The massive growth of the ICO sphere attracts not only potential investors but also cybercriminals who are actively seeking new opportunities – and what’s even more alarming - they find them. One of the methods of stealing money from cryptocurrency services is phishing, and in 2017 it cost $115 million for business owners in the ICO sphere. The case of Kik’s ICO is a good example of how phishing works. The investors were deceived by fake payment websites, and they sent their money to black-hat hackers instead of investing it in cryptocurrency. There are other scenarios that have happier endings thanks to the measures applied perfectly on time. The Jibrel Network avoided being hacked, right before the beginning of their token sale. It was protected from a phishing attack by Hacken.
The main methods of phishing are via creating fake ICO websites that are perfectly visually similar to the genuine ones, emails with links that require verification of address with password, and even advertising in Google. About 22,000 of the incidents related to phishing took place in America in 2016, and all the business owners altogether paid about half a billion dollars to the black-hat hackers. In hopes of preventing you from joining the ranks of their victims, we suggest 3 outstanding measures to avoid phishing and its harm for the business. It's better to spend $10k on a high-quality anti-phishing service then lose $20m and trust in the aftermath of angry defrauded investors.
The investors of ICO companies buy cryptocurrency, the cost of which is growing everyday. Thus, they invest a lot of money into the development of the company and protecting their interests is the primary goal of any ICO. In 2017, this business demonstrated a growth of $327 million in capital, meaning it will attract more and more black-hat hackers desiring to steal this money. In this regard, there’s the necessity to inform clients about the most convenient and protected method of communication, and to list out the basic rules for using it. For instance, one of the Golden Rules – do not open any links from emails – should be known by the investors from day one of cooperation. You have to prepare the set of basic rules regarding the method of communication and hand it over to investors such that they are not deceived.
The first method might be pretty effective, but in this case, there is no overprotection, you just can’t care too much about it. Thus, one of the most effective ways is to let professionalwhite-hathackers check you project to find fake replicas. Modern anti-phishing services like the ones represented by Hacken, might be completely affordable for those small and medium entrepreneurs, and they will find a specialized approach to your information system. Thus, the Hacken team will be monitoring the web to detect a phishing website of your project and eliminate it as soon as possible to protect your investors. Also, all the challenging emails and other messages will be captured before your workers have the chance to open them and do something horribly wrong. And it makes the situation safe for investors who believe that access to their money shouldn’t be provided to everyone who wants it. If you really care about them, it’s enough to make a single step towards better safety.
One of the most convenient and available online tools to determine the authenticity of any email, is our good old DMARC. It’s a real lifesaver, but you will have to do a lot to teach all your staff to use it.
More than 90% of all hacker attacks on the organizations start with phishing, and it’s rather alarming for owners of ICO businesses and their investors. Spending money on cybersecurity by asking the professionals to have concern about it, is always better than dropping the business and losing all the money. It’s better to protect investors from the risk of fake websites than to lose them and income because of a lacking in the needed measures.
https://www.darkreading.com/endpoint/91--of-cyberattacks-start-with-a-phishing-email/d/d-id/1327704?
https://hacken.io/upload/55a6a2a0-hacken-white-paper.pdf
http://www.valuewalk.com/2017/09/how-to-avoid-ico-scams/
https://hub.hacken.io/sc-audit?utm_campaign=gSarticle
https://cointelegraph.com/news/exploits-hacks-phishing-ponzi-are-on-the-rise-on-ethereum
https://www.coindesk.com/70-million-far-kik-ico-kicks-off-small-scams-big-demand/
