Crypto / NFT Rug Pull and DeFi Phishing

How This Attack Works

Attackers launch fake NFT collections, token presales, or DeFi yield farming platforms promoted through social media and email. Victims connect their crypto wallets to claim an airdrop or mint an NFT. A malicious smart contract then drains all assets from the connected wallet instantly. In rug pulls, developers withdraw all liquidity from a token after hype drives up the price.

Red Flags to Watch For

• ✗
  Project promoted primarily through anonymous social media accounts with no verifiable team
• ✗
  Airdrop or mint requires connecting your wallet to an unfamiliar domain
• ✗
  Smart contract has not been audited by a recognized security firm
• ✗
  Extreme FOMO pressure: "mint closes in 2 hours — whitelist spots remaining"
• ✗
  Returns or yields promised are unrealistically high compared to established protocols
• ✗
  Token cannot be sold immediately after purchase — liquidity is locked behind suspicious conditions

Known Malicious Domains

These domains have been associated with this attack. Never click links going to these addresses.

• nft-exclusive-mint.comMALICIOUS
• defi-yield-farm.netMALICIOUS
• crypto-airdrop-claim.comMALICIOUS
• token-presale-register.netMALICIOUS

Glance automatically blocks emails from domains on this list. Domain list is not exhaustive — attackers register new domains continuously.