The rapid growth in popularity and hype surrounding digital assets such as art, video, and music in the form of non-fungible tokens (NFTs) has made them a lucrative investment opportunity, with NFT-based sales surpassing $25B in 2021 alone. However, the volatility and general lack of technical understanding of the NFT ecosystem have led to the spread of various scams. The success of an NFT heavily depends on its online virality. As a result, creators use dedicated promotion services to drive engagement to their projects on social media websites, such as Twitter. However, these services are also utilized by scammers to promote fraudulent projects that attempt to steal users' cryptocurrency assets, thus posing a major threat to the ecosystem of NFT sales. In this paper, we conduct a longitudinal study of 439 promotion services (accounts) on Twitter that have collectively promoted 823 unique NFT projects through giveaway competitions over a period of two months. Our findings reveal that more than 36% of these projects were fraudulent, comprising phishing, rug pull, and pre-mint scams. We also found that a majority of accounts engaging with these promotions (including those for fraudulent NFT projects) are bots that artificially inflate the popularity of the fraudulent NFT collections by increasing their likes, followers, and retweet counts. This manipulation results in significant engagement from real users, who then invest in these scams. We also identify several shortcomings in existing anti-scam measures, such as blocklists, browser protection tools, and domain hosting services, in detecting NFT-based scams. We utilized our findings to develop a machine learning classifier tool that was able to proactively detect 382 new fraudulent NFT projects on Twitter.