With hacks becoming more frequent and ETH becoming a viable competitor to Bitcoin, how does one avoid getting suckered into an Ethereum Scam?
In what will be forever remembered as a milestone in the history of cryptocurrency, CoinDash suffered a humiliating loss, just minutes into its ICO, when a hacker hijacked the company’s web page and altered its payment address. Approximately $7 million worth of Ether was funneled away before the token sale was shut down.
Armchair quarterbacks and Reddit warriors the world over will see this as an “I-told-you-so” moment, proclaiming that cryptocurrencies are universally suspect, Ethereum is a scam and that the whole market is unready or unqualified to operate in the real world.
But this is the real world, and it is populated by human beings, and if there’s one thing humans excel at, it is in finding ways to cheat the system and make money the easy way.
The CoinDash debacle was not a failure of Ethereum or of the blockchain. It was a lapse in security that left a website vulnerable. It was the website that was hacked, not the currency.
It brings to mind similar stories – the famous DAO theft, in which hackers exploited a coding weakness, as well as that of Bloomberg TV anchor Matt Miller who, in December, 2013, showed off a Bitcoin certificate’s QR code on national television and was immediately robbed of its value by a viewer with a cellphone camera. In this case, the amount “stolen” was only $20, and the thief returned it, along with a stern warning.
There are always wolves at the door, and many of them are smart and fast.
Before Ethereum or Bitcoin, they sent SQL injections into credit card windows on ecommerce sites – but that was not the internet’s fault; they sent out billions of phishing emails with misleading hyperlinks, but that was not email’s fault; and they make terrifying collection calls, pretending to be from the tax authorities – but you can’t blame the phone company for that.
Humans – or at least certain humans, will always find a way to cheat the system. It is up to each individual customer or investor to be aware of this. Trust no one and question everything. Above all, slow down and think before clicking.
Recently, everything has been about ICOs: initial Coin Offerings, in which investors looking for fast returns can buy into a company’s grand opening, using tokens of virtual currency. That’s what happened with CoinDash – people, including their best customers were invited to send over their ETH payment as soon as possible, in order to get in on this great deal.
The armchair quarterbacks will be right about one thing – unfortunate situations like CoinDash, or a more sinister Ethereum scam all exist because of a lack of centralized regulation, which in other markets, must step in to protect investors from their own impulses.
There have been bubbles and investment manias all through the past 500 years of world history, often fueled by inadequate information, a human desire for fast riches and an absence of a legislative guiding hand. A great book to read on the topic is Extraordinary Popular Delusions and the Madness of Crowds, by Charles MacKay – written in 1841 – a century and a half before the public internet, but full of valid lessons, especially when one replaces the word “ether” with the word “tulip.”
The best suggestions for avoiding the next Ethereum scam, or any type of scam, including phishing and certain types of affiliate marketing, start with two words: slow down.
If you are offered a chance to participate in an ICO, question it thoroughly. How much do you know about the company, its executives and talent? How much can you find out from external sources? How much equity do they have in the ICO? Is there more to their vision than a ghostwritten white paper?
What about the structure of the ICO? Are there voluntary caps on the total amount to be raised, or per individual? What happens to the tokens in relation to the product or service the company provides? When does the rubber hit the road in terms of a company’s viability?
Who is sending you the great ICO news anyway? Is it someone you know? If you are receiving an email invite or a Twitter DM, is it from the person you think it is, or a spoof account with a similarly spelled name?
Can you contact the company via another route? This is the same advice to give people who are being scammed by fake IRS collectors – if you want to know for sure, call the IRS directly, using the numbers you already have.
Do some due diligence on every part of the offering including the payment addresses, using sites like Etherscan.
Above all to avoid a potential Ethereum scam, do not rush. It is very tempting to want to purchase a cryptocurrency when the price is at rock bottom, or is climbing healthily, but if you are hearing about it on major media or social media, you are likely already too late. If you are being invited to an ICO, ask yourself – why me?
In fairness, there are many worthwhile startups and high-tech companies out there busily writing the future. The brilliant minds who developed Bitcoin, blockchain, graphene, 3D printing – many of them are real, good people worthy of financial support. The nature of digital currencies and centerless economies is appealing and exciting.
But any decision to part with your money requires careful review of the situation, using as many independently contacted reference points as possible. It is a human failing to act without thinking – it is based on an internal fight-or-flight drive and has been exploited by those with cooler heads for thousands of years.
So before you click, ask, “what’s my plan here?” If you can’t answer, or don’t want to answer, be prepared to meet the wolves. They’re right there on the other side of that mouse click.
In summary, there is no full proof defense against an Ethereum scam or any scam, but you can take steps to minimize the risk.