A Different Approach to Fighting Investment Scams
We asked this crucial question from
Sentinel Protocol, which is a company trying to solve this specific problem. As
they are security specialists, we wanted to get the solution according to their
expert opinion. Here it is!
Though the rate of ICO fundraising
has slowed down lately, ICOs are still an important matter in the area of
cryptocurrency investments. In 2018, the project funding rate and the size of
the average funding round were the highest till now.
ICOs are considered identical to
hype and danger. When ICO happens, usually the project is at the very initial
stage.
At this point, it is just trying to validate its promising team and
consultants, tokenomics, and the reason why they even need the blockchain
technology.
From the investment point of view,
it is difficult to differentiate between a great and a good project, and a good
and bad project. The bad projects may also be called as scams by the ones
getting hit by the shabby returns.
However, the scam that we are
referring to in this post is of a very different category. It is regarding the
inspection of the validity of the information that is exchanged between the
investor and ICO project.
Why people become easy scam targets
In a centralized setup, people have
security institutions to protect them against frauds, where they can complain
about fraudulent activities to the police.
However, in decentralized setups,
this responsibility falls upon the individuals themselves to look out for
themselves.
In the real world, if your credit
card gets stolen, you can always call and block it and restrain any misuse of
your card. But this is not the case in the crypto world. Once your crypto is
stolen, it is out in the open beyond your control.
The main problem that causes all
this scam is that most of the crypto individuals do not validate the
authenticity of the transaction data. Secure online behavior is a skill that is
learned over time. This cautious behavior is learned through repeated practice
or specific education.
Those who have never been a victim
of any malicious activity are less likely to check whether the website they are
dealing with is a phishing site or not, or that the wallet address is secured
or not.
The other main issue is that usually, the crypto individuals do not do a proper security check
due to their lack of experience in this regard.
For a well-designed scam that
is cautiously and carefully designed by the malicious actors, these average
crypto individuals do not have the capability to check them on their own. Like,
if there are tips roaming about in the community to check for the SSL
certificate of every website.
This can be done by most of the crypto
individuals. But if it requires some specific code or checking for spoofed
emails, most of the people do not have knowledge and capability to do such deep
security checks by themselves.
ICO Projects a Major Target for Scammers
Though it is not revealed very
openly, ICO projects are no exception to scamming targets. We also witnessed
various scams when we got our ICO for Sentinel Protocol
And these are not just
simple scams where a careless ICO participant might go for the wrong wallet
address, fall for a giveaway scam on Twitter or visit a phishing site.
It is a part of the ICO lifecycle
to get personal messages from the consultant on Telegram, and emails from the
sites with ICO review and listings. Therefore, it is easy to impersonate
telegrams and emails from similar domains.
Some malicious groups try to
disrupt the sales or fake KYC submissions. As we are a security company with
in-house security experts who are doing digital forensic and risk researches
all the time, so, we were able to block these efforts successfully.
But what about those who do not
have the resources to hire a full-time security expert team. Those who do not
have individuals to discriminate between the malicious data and legitimate
information, then go through the same experience what would they do.
The ICO projects are constantly receiving
queries from their investors about such impersonator scams who pretend to be
the ICO project official.
In such a situation, the team members also need to be
very careful as these scams can also target the project team. No doubt, most of
these security breaching attempts occur from the inside, so the crypto
companies should also be careful.
Simple Solution but Tough Implementation
Because of the critical nature of
these threats, it is necessary that an approach must be adopted that integrates
contribution from various parties, offering their perspectives and expertise.
However, this complicated solution must not make the individual users confused
by its advanced sophistication.
This solution in itself is very
complicated for the following reasons:
1.
It has to be a realistic, practical and direct solution
for the scam problems detected most often.
2.
It requires the basic root knowledge of these
scams and also about how they can be solved.
3.
The experience of users should be easy and
fluent for everyone to adapt, especially the new ICO investors.
Accessible and Comprehensive Threat Database
These scams and malicious attempts
are going on everywhere in the world constantly. To get a complete collection
of comprehensive threat data it is necessary that we use collective
intelligence.
As we are a team of cybersecurity
experts that have extensive industry knowledge, we have understood that to
build a decentralized threat database by using this collective intelligence, is
not going to be possible without the help of blockchain technology.
These ideas made the backbone of Threat Reputation Database (TRDB)
that is developed to collect as much information and data about these scams and
malicious activities as possible.
The system counts on the “The Sentinels”, the network of security experts, which are dispersed globally and are incentivized
to use their expertise for the token economy.
To enhance our team and kickstart
the procedure of populating the database, we still require the pre-existing
knowledge and expertise.
The purpose of hiring “Pre-Sentinels”, after
interviewing them and verifying their security expertise, is to lay a the foundation of these threats upon which the others can build a token economy.
Together they are building a list of authentic
ICO data, as well as of malicious ICO data. This will be used to display what
authentic information can be safely accessed by the ICO participants.
To make sure that individuals are
able to distinguish between scams without getting hit by them, it is extremely
important to establish an easy-to-use solution that can be used as the golden
standard while dealing with crypto scams out there.
Therefore, the first iteration of
our product was chosen to be a chrome extension. The extension double checks
that the site being visited is authentic and the wallet address is correct or
not. Tapping into this extension reduces the chances of sending the
contribution to a wrong address.
Reducing Security Threats Globally
To invest in an ICO project takes a
lot of research to find a great project. So it is important to make sure that
the resources one is putting into it are used legitimately without the risk of
any kind of scam in the process.
A security program like TRDB makes
sure that the knowledge by the expert crowd is applied to the general public to
help them access the authentic platform and data.
With the advancement in blockchain
applications comes the advancement in scamming and fraudulent threats. The
provided solution should be so friendly user that every common person can get
benefit from it.
Today, cybersecurity is becoming more and more rampant with
the increase in cyber-terrorism. To fight against these cyber-attacks, we have
to make sure that we work together and protect each other from these mischievous
actors.
Summary
Sentinel Protocol is the first ever
crowd-sourced threat intelligence platform that is built on the blockchain base.
It gathers and evaluates the information from original hacks, frauds, and scams
to develop and improve the security of crypto assets.
Using a decentralized
Threat Reputation DataBase (TRDB), this intelligence is shared with crypto
exchanges, payment services and wallets.
Comments
Post a Comment