Buzz off ICO phishing scams…
The anticipated BeeToken Initial Coin Offering, which is taking aim to disrupt AirBNB and other home sharing platforms, has suffered a phishing attack with a reported loss of over US$1M in Ethereum.
Malicious actors obtained ghe BeeToken participant’s email addresses and have been sending a communication directly to those people who had signed up for the BeeToken ICO. The phishing email providing them with an Ethereum address and QR code purporting to be from BeeToken. The several address in question are of course not under the control of BeeToken and these fake addresses have taken funds from at least 165 people. The accounts have been labeled as scam addresses on Etherscan.
BeeToken’s Twitter account confirmed the attack:
EthNews reported a conversation with the CEO of BeeToken, Jonathan Chou, who apparently said:
“We are not at risk of exposing all of our customers’ data in one go if there is a security breach,”
While the planned platform’s decentralisation might assist in that mission, it appears the centralised database of BeeToken participant’s email addresses has been compromised, at least according to many on Reddit.
This is yet another cautionary tale for those participating in ICOs to check, double check and triple check the address (including on the ICO website itself and Etherscan) before sending any funds.
It doesn’t take much effort to check this and be safe from scammers.
Disclosure: The author holds cryptocurrencies and advises blockchain companies. He does not hold, is not advising and is not participating in the BeeToken ICO.
