BlockSec: A new type of NFT phishing scam exploiting OpenSea's proxy upgrade interface has emerged

ChainCatcher message, BlockSec monitoring has discovered a new phishing scam that utilizes the OpenSea protocol proxy upgrade interface. When users create an account on OpenSea, Opensea creates a proxy contract and allows users to authorize their NFTs to the proxy contract. This scam tricks victims into signing an upgradeTo() function, changing the OpenSea proxy to its own contract. After the implementation is changed, attackers can easily call multicall() and drain every approved NFT from the user's proxy contract. (source link)