Potential ICO investors are one of the biggest targets of cyber thieves according to a report by Kaspersky Lab. In the first 6 months of 2018, company’s products have prevented over 100 thousand attempts to redirect users to fraudulent cryptocurrency wallets and exchanges, according to the company.
The report notes that during the past year, cyber thieves have managed to steal over $10 million dollars, or at least 21 000 ETH (ETH/USD). Kaspersky Lab however, adds that although the methods may be well known, thieves are playing on the human factor of people which is difficult to counteract.
In order to avoid any losses of funds, the report suggests being skeptical of any extremely lucrative offers, check information on ICO’s with care, hyperlink addresses, and avoid transferring into a cryptocurrency wallet through unknown websites.
What to be weary of?
- Thieves have a variety of tools at their disposal aside form attacks on the webpages. Cryptojacking tools, smart contract vulnerabilities and exploiting weaknesses in third party software. Kaspersky Lab notes that rather often “classical methods of social engineering” are used.
- Criminals can also collect e-mail contact details of of those seeking to invest in an ICO and would distribute a fake e-mail, allegedly from the team behind the start-up, that would have the wrong addresses for transfers.
- Another popular method is using pages that imitate pages of ICO’s. The document provides an example of one such phishing website which copied OmiseGo ICO, managing to steal over $1 million. Similarly, when it came to rumors of an upcoming Telegram ICO, hundreds of fraudulent web-pages appeared.
- Also, scammers use fake accounts of celebrities, asking to transfer a given amount in order to receive back even more at a later date. Likewise, fake giveaways are announced on behalf of large token issuers.