As initial coin offerings grow, so do cryptocurrency scams
Cybercriminals are finding new opportunities in blockchain investment scams.
Chainalysis, a New York-based firm that makes software to protect against cryptocurrency money laundering, released numbers this week saying that scams through initial coin offerings have pushed the total cost of cybercrime to $225 million this year. According to the company, there have been about 30,000 victims of cybercrime on Ethereum, a popular blockchain-based smart contract and computing platform.
Blockchain is the technology that underpins cryptocurrencies like Bitcoin. Described as a “distributed ledger”, blockchain creates a secure, public ownership list of an asset. Ethereum builds on the payment structure of Bitcoin and includes a programming language that furthers smart contracting and negotiations.
ICOs rose to prominence this year as cryptocurrencies and blockchain experienced increased acceptance and use. An ICO, like an IPO, an initial public offering, is a fundraising vehicle for new cryptocurrencies or businesses. By trading in a valuable cryptocurrency, like Bitcoin or a similar token or coin, the investor will receive a new coin with the promise of future value. Different from an IPO, the Economist points out that taking part in an ICO does not confer share ownership to a business.
Chainalysis’ report comes on the heels of a Securities and Exchange Commission Investor Alert warning potential investors that many ICOs are scams.
“Fraudsters often try to use the lure of new and emerging technologies to convince potential victims to invest their money in scams. These frauds include ‘pump-and-dump’ and market manipulation schemes involving publicly traded companies that claim to provide exposure to these new technologies,” reads the memo.
The SEC recently issued trading suspensions for four companies with ICOs or “coin/token-related news” that were a threat to “investors and the public interest.” Those companies are First Bitcoin Capital Corp., CIAO Group, Strategic Global and Sunshine Capital.
The Chainalysis report says that ICO-related cybercrime had previously been through high-profile hacks or exploits. In June 2016, the first major cybercrime incident on Ethereum saw bandits get away with $74 million.
Now, Chainalysis says, smart contracts are becoming more secure, which is leading to a rise in ICO phishing scams, a low-tech way to have a mark self-disclose personal information. The report says that ICO phishing scams work when investors “desperate to get early access to new token offerings have been tricked into providing their credentials to fake websites through targeted email campaigns, Twitter posts and slack messages. These credentials are then used to drain accounts.”
The SEC recommends that people considering an investment in an ICO should do their research, look for a company’s SEC filings in their EDGAR system and be wary of any ICO claiming to be “SEC-compliant” without explaining how the offering complies with securities law.