So with all the craze on Cryptos , we have seen a new frenzy hit town; Initial Coin Offering (ICO). According to Investopedia, an ICO refers to "an unregulated means by which funds are raised for a new cryptocurrency venture" Source; https://www.investopedia.com/terms/i/initial-coin-offering-ico.asp .
The key takeaways in the definition are the terms "unregulated" and "funds". There are lots of ICO's already done and still being done that one need a counter/tracker to keep track of them. The funds and regulation are not part of this post so we shall revisit that latter; Let us look at ICOs, Data, Scammers and Privacy and how to stop.manage this
Data and Theft are the main reasons for this story. Almost all ICO's ask you to sign up to their Website(ICO Site) to perform some actions such KYC and identification in addition to having contact information to maintain communication between them and yourself. Nothing wrong with this. Some even ask you to share you Ether or any Wallet Address to "Whitelist" you.
The problem giving this folks data is they have no proper data/privacy mechanism and anyone from their team/employees can get hold of your data and do the heck they want to do with it. Remember as we said "unregulated"? Yes you sure cannot do much. Woe onto the FOMOs and FUD users who rush to ICO's and have limited crypto-sphere knowledge nor technical knowledge to fend off spammers, phishing and scammers, that abound in the ICO-Sphere.
Simple and Lazy Security Measure
A simple and lazy security mechanism would involve you creating a new email account for each ICO you sign up/in with your email. This way you sort of restrict them to only communicate with your through that dedicated email (like a VPN :-) ). But creating and managing many email accounts is cumbersome and somehow it may end up screwing your security in the long run. This is because you need to manage multiple passwords (means you write down some and expose yourself, offline or online) or use a simple/single password and as well expose yourself. Zero Sum Game.
Thief Knot Measure
I have a simple trick available within Gmail to catch scammers and I have used it to catch some of this ICO scammers. I participated in the SONM ICO and like everyone else , I signed up with my normal and only email account I have( a Gmail account) . I however always use a special trick that turns my single gmail account into multiple and unique accounts for each service I sign up online with. I like to call this trick, " the thief knot" measure to your email.
The trick involves adding a plus sign plus some prefix just before the "@gmail.com". Foe example, if my gmail account is [email protected], and I want to sign up to Bad Guy ICO, I will sign up for the ICO with my email address as [email protected] or anything. The trick is, if I add the "+" and anything just before the "@gmail.com", any email system will treat that as anew email but gmail will simply deliver the same to my same inbox.
So the Bad Guys ICO will be sending emails to [email protected] because that is the email I gave them but the email will end up in my inbox at [email protected]. The best part is; the "To" part in the email field will show the modified email address as [email protected]. See below;
Now with this trick, I sign up to many ICO's and other services with a unique email to each of them and I can afford to secure my one account very well with strong passwords and 2 FA
How I Caught SONM Team for Selling My Data/Having their Data Stolen
As I said, I took part in the SONM ICO and O Signed up with my modified gmail account and even got communication from them as shown below;
I however recently noticed that I have been getting lots of emails/scams from ICO's I did not know about. All this were using my modified SNM email. I knew at nice that the scammers had got my emails from SONM team either in a good or bad way. That besides the point, I was angry SONM allowed my data to be used by scammers to target me for some ICOs. See how many I have got from them and how clever this guys are.
They even targeted me to the very high security allegedly ICO, Quantstamp.com that you need to verify and get KYC to participate in their ICO and it is not open to US, China and Russian citizens. Check their site. I was pleasantly and ironically surprised how they spoofed and forged the QSMP domain email seeing this guys are working on "the Protocol for Securing Smart Contracts." Haahahahha poetic, I know right.
Of course I had to email the CEO to let them know how they could fix this simple "security" lapse before they get scammed and I hoped to get a bounty while at it. :-)
Parting Shot
So if you have seen an ICO and would love to participate and you need to sign up, use your unique and modified Gmail account that has what I like to call a "thief knot" to keep track of the scammers and thieves. But as I said, remember the key term "unregulated"
Congratulations @oslee! You have completed some achievement on Steemit and have been rewarded with new badge(s) :
Click on any badge to view your own Board of Honor on SteemitBoard.
For more information about SteemitBoard, click here
If you no longer want to receive notifications, reply to this comment with the word
STOPDownvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Congratulations @oslee! You have received a personal award!
Click on the badge to view your own Board of Honor on SteemitBoard.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Congratulations @oslee! You have completed the following achievement on Steemit and have been rewarded with new badge(s) :
Click on the badge to view your Board of Honor.
If you no longer want to receive notifications, reply to this comment with the word
STOPDo not miss the last post from @steemitboard:
SteemitBoard and the Veterans on Steemit - The First Community Badge.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Congratulations @oslee! You received a personal award!
You can view your badges on your Steem Board and compare to others on the Steem Ranking
Vote for @Steemitboard as a witness to get one more award and increased upvotes!
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit