The source reports a North Korea-attributed phishing site at starbucks-nft.marketing that impersonated Starbucks Korea rewards content to lure users into a fake NFT airdrop. The page contrasted with the legitimate Starbucks site by offering a 'Starbucks Gift Card NFT' and prompting visitors to connect a cryptocurrency wallet through a WalletConnect QR flow. The operator used trust cues such as redirects to the real Starbucks site while the fake domain lacked the legitimate certificate and used Cloudflare infrastructure. The author noted that major security vendors did not yet flag the site at the time of testing and submitted reports to several blocking services.