Issue description

Occasionally, you may receive non-fungible tokens (NFTs) that you don’t recognize or did not transfer to your workspace. These unsolicited NFTs are typically sent by spammers who hope to call your attention to an NFT project or even initiate a phishing attack.

In the latter scenario, these transactions allow the spammer to fabricate a transaction history between their wallet and yours. Having established this history, the spammer may try to trick you into transferring funds to their wallet.

Resolution

If you encounter such transactions in your workspace, you may safely ignore them. Since these transactions occur at the blockchain level, Fireblocks cannot prevent spam transactions from being sent to your address.

However, Fireblocks recommends the following features to limit the effects of the issue:

• Archiving these spam NFTs so they do not appear in your gallery in the Fireblocks Console.
• Hiding NFT transaction records from the Recent activity panel and your Transaction History.

Please note that in these scenarios, the spammer has not compromised your wallet, Vault, or workspace keys. The spammer aims to familiarize you with their addresses, hoping you accidentally send them funds in the future. As long as you configure the proper destination for your transfers, your funds are safe.