New TokenSwap Phishing Site Targets ICO Investors

Cryptocurrency ICO investors are being targeted again. Multiple MyEtherWallet phishing attempts have cost people a lot of money. There is now a new TokenSwap phishing attempt which tries to achieve a similar goal. ICOs remain prone to scamming attempts, which does not bode well for the industry as a whole.

Beware the New Cryptocurrency ICO Chat Scam

Anyone running a cryptocurrency ICO often relies on two communication tools to stay in touch with the community. One is Telegram, where people can ask a lot of questions and receive brief answers. The other is Slack, where more serious investors inquire about the technical side of things. Unfortunately, these Slack platforms have lately been attracting significant numbers of scammers and criminals. Anyone partaking in cryptocurrency ICO slack rooms knows all too well that things are getting a bit out of hand.

Slack chat rooms have been plagued by multiple Ethereum-related phishing attempts of late. The first wave of scamming attempts came in the form of fake wallets purportedly from the ICO team explaining how users needed to log into MyEhterWallet. Considering the popularity of this online Ethereum wallet solution, the criminals were largely successful in stealing money from users. They also did not just obtain ETH, as a lot of victims saw their ICO tokens get stolen as well. This phishing scam has targeted small and large ICOs alike.

Additionally, other cryptocurrency ICO investors have been tricked into depositing ether to the wrong address. These addresses were provided through either Telegram or Slack, or even the official website after being hacked briefly. The latter issue became apparent during the InsureX ICO not too long ago, yet the company issued tokens to all affected users regardless. This goes to show both investors and projects have taken the brunt of the financial damage associated with these scamming tactics.  Unfortunately, it appears the phishing attacks aren’t over just yet.

A new phishing scam has surfaced on Slack instructing users to visit a fake TokenSwap website. The message mentions recent Ethereum network attacks by black hat hackers and scalability issues forcing the developers to implement major protocol changes. They claim that EIP101 and EIP190 have been activated on the network, which means that all ERC20 tokens require an upgrade to the ERC21 standard. The scammers propose that this be done using a fake TokenSwap website provided in the message.

There is no such thing as a forced protocol upgrade, nor is it necessary to convert ERC20 tokens to ERC21. In fact, at present there is no ERC21 token standard at all. Whoever is responsible for this phishing attempt is trying to use fancy terms to make his or her offer appear legitimate, but their efforts will eventually be in vain. Anyone who knows better is aware that this is a clear phishing attempt, and it is most definitely not an actual message originating from the official ICO team.

Phishing attempts will continue to haunt cryptocurrency ICOs for quite some time. A lot of these projects have attracted dumb money and clueless investors. People with no knowledge of the cryptocurrency ICO ecosystem will often fall victim to these scams and suffer the consequences of doing so. It is unclear whether anyone has fallen for this TokenSwap phishing scam so far, but it is likely there will be some people losing out on good money.