An on-chain developer has announced that a new wave of deceptive non-fungible token (NFT) scams is sweeping across the XRP Ledger (XRPL), putting wallet holders on high alert. The attacks, which rely entirely on human error, have prompted growing concern within the XRP community about the threat of social engineering in the crypto space.
Developer Sounds Alarm On New XRP Scam
XRP wallet holders are facing new sophisticated scam attempts as fraudsters flood the XRP Ledger with fake NFT passes designed to trick users into surrendering control of their funds. Wietse Wind, the developer behind the Xaman wallet and a prominent figure in the XRP community, has sounded the alarm on X, urging members to stay vigilant.
Wind made it clear that neither he nor his team is distributing passes or NFTs of any kind. He warned that anything claiming otherwise is the work of bad actors. Notably, the new scam tactic relies on social engineering. Fraudsters send unsolicited NFTs to Xaman wallet owners and then wait for victims to engage with an offer tied to those assets.
When a user willingly accepts or signs the transaction, they may unknowingly hand over something of value in exchange for a worthless or malicious token. Wind described the mechanic plainly, likening it to a situation where someone presents a bad deal, and the victim voluntarily accepts it, walking away with something useless.
Security observers have warned that the attacks are not the result of any hack, technical breach, or flaw in the XRP Ledger itself. Instead, the entire scheme depends on one moment of human error. They caution that a random NFT appearing in a wallet should be treated as a red flag and strongly advise users not to engage, sign, or click anything related to unexpected tokens.
Wind confirmed that changes at the NFT code level alone would not fully resolve the scam problem since the vulnerability lies in user behavior rather than the underlying technology. For now, the safest course of action is to cancel any unsolicited offers immediately and spread awareness throughout the XRP community.
How To Cancel Scam Offers
Wind has offered guidance to affected users on how to protect themselves. He directed wallet holders to navigate to the ‘Events’ and ‘Requests’ sections to locate the suspicious offer, then hit the ‘Cancel’ button. While the developer reassured the community that simply ignoring the offer without any interaction would also prevent loss of funds, he has nonetheless strongly urged users to take the extra steps of canceling any suspicious offers outright.
Meanwhile, on the ground level, members of the XRP community have begun sharing their own encounters with the new scam. A blockchain enthusiast on X, going by the name Crypto Analytics, revealed that he personally received one of the fraudulent offers via his Bithomp wallet. He noted that the team at XRPL Labs had flagged the NFT offers as fraudulent on the wallet, giving users additional warning when they encounter the malicious scams.
