🚨 Analysis of how a scammer stole 14 BAYCs worth over 852 ETH ($1.07 million) today through a month-long social engineering scam.

Here's how it happened 🧵👇
1/ The scammer (@JasonBrubeck) contacted the victim (@_sevenseason_) and asked to license IP rights for BAYC #2060. They claimed to be a casting director working for "Forte Pictures", which is an LA-based, Emmy award-winning company with offices at Sony Pictures Studio.
2/ The alias "Jason Brubeck" is fake and does not exist; however, Forte Pictures and Marcus Mizelle are both real and legitimate. The real Forte Pictures company did not own the domain forte(.)pictures, but rather operated under Mizelle's website, marcusmizelle(.)com.
3/ The scammers took this as an opportunity and registered the domain forte(.)pictures 118 days ago. They then posed as the Emmy award-winning company and pretended they were creating an NFT-related film called "The Return of Time" in collaboration with "Unemployd".
4/ Unemployd was an "AI powered social IP platform for NFTs", which was also a scam. They spent many hours in calls, talked with victims for weeks, created fake pitches and partnerships, formed fake legal contracts, hosted frequent Twitter spaces,
5/ and created fake BAYC/MAYC Twitter accounts that tweeted and interacted with people every day and pretended to have signed licensing deals for their NFTs with Unemployd. This was a long-term, sophisticated scam that slowly built credibility over a long period of time.
6/ After going through contracts and discussing the terms, they sent an email stating they "sent a bid" through Unemployd. The scammer told him to visit Unemployd to "sign the contract" which is where the wallet drain took place.
7/ The scam website displayed a gas-less Seaport signature, which they claimed he needed to sign for the license. However, the signature actually created a private bundle listing of all of the victim's BAYCs to the scammer for 0.00000001 ETH.
8/ The scammer's wallet, funded by Secret Network, ran the matchOrders function to complete the private sale. The scammer then accepted the highest WETH offers on all of the NFTs, then converted the 852.86 WETH to 1.07m DAI.
9/ The scammer then sent the funds to a new wallet, where the funds are currently sitting dormant:

0x64677f177bc68382fc86714a3ed8f22bc368b7da
10/ A few notes to take:
- Understand what you're signing, don't blindly sign random signatures/transactions
- Don't sign Seaport signatures outside of OpenSea
- Don't trust new/random platforms
- Use multiple wallets (Hot, cold, hardware)
- Always confirm authenticity/identities
11/ Thanks for reading. Stay safe, and feel free to share this thread to educate others ❤️
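
The check behind 7/ and the first two notes in 10/, as an added example that is not part of the original thread: a reviewer for the typed-data payload a site asks a wallet to sign, flagging a Seaport order that bundles NFTs, pays the signer almost nothing, and is restricted to one buyer. The function name, the price threshold and the sample addresses are assumptions made for this illustration; the field names follow Seaport's `OrderComponents` typed data.

```javascript
// Heuristic review of an eth_signTypedData_v4 payload before signing (illustrative, not a wallet's real code).
const NFT_TYPES = new Set([2, 3, 4, 5]); // Seaport ItemType: ERC721, ERC1155 and their criteria variants
const CURRENCY_TYPES = new Set([0, 1]);  // Seaport ItemType: NATIVE, ERC20

function reviewSeaportRequest(typedData, minWeiPerNft = 10n ** 16n) { // threshold is an assumption
  const findings = [];
  const { domain = {}, primaryType, message: m } = typedData;
  if (domain.name !== "Seaport" || primaryType !== "OrderComponents") return findings;
  findings.push("signature is a Seaport order, not a contract or license acknowledgement");

  const me = m.offerer.toLowerCase();
  const nfts = m.offer.filter((i) => NFT_TYPES.has(Number(i.itemType)));
  if (nfts.length > 1) findings.push(`bundle: ${nfts.length} NFTs offered in one order`);

  // Sum only the currency that actually comes back to the signer.
  const paid = m.consideration
    .filter((c) => CURRENCY_TYPES.has(Number(c.itemType)) && c.recipient.toLowerCase() === me)
    .reduce((sum, c) => sum + BigInt(c.endAmount), 0n);
  if (nfts.length > 0 && paid < minWeiPerNft * BigInt(nfts.length))
    findings.push(`signer receives only ${paid} wei for ${nfts.length} NFT(s)`);

  // A private listing routes the NFT itself to a fixed recipient via the consideration.
  const buyers = new Set(m.consideration
    .filter((c) => NFT_TYPES.has(Number(c.itemType)) && c.recipient.toLowerCase() !== me)
    .map((c) => c.recipient.toLowerCase()));
  if (buyers.size) findings.push(`private listing restricted to ${[...buyers].join(", ")}`);
  return findings;
}

// Constructed sample payload: placeholder addresses, two NFTs listed for 0.00000001 ETH (10^10 wei).
const SIGNER = "0x" + "11".repeat(20), BUYER = "0x" + "22".repeat(20), NFT = "0x" + "33".repeat(20);
const nft = (id) => ({ itemType: 2, token: NFT, identifierOrCriteria: id, startAmount: "1", endAmount: "1" });
const sampleRequest = {
  domain: { name: "Seaport", chainId: 1 },
  primaryType: "OrderComponents",
  message: {
    offerer: SIGNER,
    offer: [nft("1"), nft("2")],
    consideration: [
      { itemType: 0, token: "0x" + "00".repeat(20), identifierOrCriteria: "0",
        startAmount: "10000000000", endAmount: "10000000000", recipient: SIGNER },
      { ...nft("1"), recipient: BUYER }, { ...nft("2"), recipient: BUYER },
    ],
  },
};
console.log(reviewSeaportRequest(sampleRequest));
```

An empty result only means the payload is not a Seaport order; it says nothing about other signature types such as token approvals or permits.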