Phishing continues to take advantage of the ICOs and according to Kaspersky in his spam and phishing report of the second quarter of 2018 managed to steal an approximate 2.3 million dollars. The hackers’ approach focuses on scamming investors by creating fake ICO websites.
Kaspersky explains in his report that hackers use “the names of new ICO projects to raise money from potential investors trying to gain early access to new tokens”. To do this they focus on copying the web as it is.
Once investors reach the fraudulent pages, criminals do everything they can to get investors to send the accepted crypto currencies to their virtual wallets. Hackers do their best to convince investors that they are sending the money to invest in the copied project.
Kaspersky has worked hard against these attacks and they explain that with their efforts they have managed to prevent more than 58 thousand attempts at phishing attacks that seek to deceive investors with fake ICO websites and important crypto currency portals. According to the agency, in 2017 more than 2,000 phishing attacks were seen in the cryptocoins market and this implied losses of more than 300 million dollars for investors.
Current Phishing Cases
Experty, an ICO recently released, was one of the last to be involved in Phishing attacks. According to media reports, $150,000 was handed over by investors after hackers stole data from Experty’s database and contacted them posing as the company behind the ICO. The investors, believing they were official media, gave up their money.
The developers of Telegram, another ICO that has given a lot to talk about in the market because of the large amount of money they collected, saw how they created several fake websites that copied the original ICO page. According to Telegram’s analysis, the amount of money that investors lost on these pages is similar to the amount of money that was raised on the pre-sale. Telegram has not insured the lost amount but the media assume that a considerable amount of money was lost.
HTTPS certification is no longer reliable
The ease with which an HTTPS security certificate is obtained is generating that there are already fake or malicious pages with the appearance of secure pages. This situation has led many informed and computer savvy investors to believe that many fake websites are true.
According to Kaspersky’s study, large internet browsers such as Google are making changes to this situation that is affecting not only the cryptomime market but many others. It is expected that a future Google will no longer report that the site is secure but will inform when the site is unsafe by handling data on non-encrypted sites.
Phishing is one of the threats behind the ICOs and in the face of the boom we are experiencing we must be very vigilant. On the side of the ICO developers it is recommended that they register under their domain all the web pages that could be confused with the original page, in this way the action of the scammers is very limited.
For investors it is recommended to check very well the website in which you are investing and try to verify the website with other links that provide reliable websites. If we see that there are incongruities in the links and in the web pages, there is an irregularity that must be taken care of.