While ICO scams have made headline news, some enterprising thieves have made fake websites that imitate real projects to siphon money from their victims. According to Nikolay Shkilev, an advisor for a number of ICOs, about $4.5 million (7,513 ETH) has been stolen by such thieves.
“At the time of this writing, Etherscan says there are 92,945 ERC20 token contracts deployed on mainnet. And that’s only ERC20. That doesn’t include any of the more recent standards. Many of these token contracts had a token sale associated with them. If they gained even a modest amount of traction, scammers certainly tried to spoof them,” he wrote in a LinkedIn post.
Shkilev’s data shows that some of these sites had domain names like “omisegotoken.com,” or “etnerscan.io,” which is a misspelling of “Etherscan,” leading some people to believe that this is a token sale by the famous blockchain explorer.
Looking through the list, we find many such imitations of real projects that can be convincing to the unversed observer. There’s even one that imitates the blockchain cloud service called “DADI,” using “dadi-cloud.net” as its domain. That’s not a far cry from “dadi.cloud,” the real URL.
Some of these fake ICOs managed to attract the attention of unfortunate victims who poured significant amounts of money into their tokens. The fake OmiseGO token site got 194.8431 ETH (~$93,000) from one person.
A visit to the fake site shows a convincing carbon copy of an older version of the official OmiseGO site.
Some of these websites are now defunct, but that still shouldn’t bring any comfort to investors.
In fact, scams are still a major part of the ICO market, according to a recent study by the Wall Street Journal. People willing to throw their money into a project should first exercise the necessary due diligence to ensure that they’re not entering a fake predatory site set up for the purpose of riding on the coattails of successful ICOs.