How to tell if an ICO is a scam


By US-China Investment News contributor Prateek Sanjay

Recently, I got this mail in my inbox. A dozen things stood out immediately upon seeing the mail that made me say, “Serious red flag”.

While I do not want to accuse the organizers of any dishonest practices, they made some errors of judgment which would cause any blockchain developer or ICO participant to take a few steps back.

Here is what they did wrong:

  1. They contacted me through a mailing list: See the “via esputnik” at the top. In many countries, you are not allowed to cold mail a stranger for an investment opportunity. Even if you are, you are supposed to explain to the person how and why you got in touch with them. There has to be a reason for getting in touch. Mailing lists often obtain contact details of people through illegitimate means, and are a way for strangers to attempt to scam you.
  2. They are in a rush to raise money: Notice the “Last chance” and the “4 days remaining”. You can get into trouble with securities authorities if you put too much of a rush on people to take out their money and put it in your security. Any serious investment of money requires people to think through it patiently.
  3. The proposed business model has little to do with blockchain: These gentleman wish to operate a price comparison site. A very much legitimate business, but many price comparison portals exist all over the world which do not need blockchain. Why this one?
  4. They openly use the word ICO: An ICO is just an informal word. What it really is is a “token participation program”. Tokens in ICOs are not securities. ICO sounds too similar to IPO, which can automatically be a red flag for securities authorities to investigate you. Nowhere in the world are you allowed to sell securities not registered with the local securities authority. Which is why serious ICOs never call themselves an ICO or a securities offering.
  5. There is no GitHub or smart contract code link given: Since ICOs are an activity by developers for developers, usually they involve open source programming. The reason ICOs raise so much money is that other technology experts already verified the technology involved by having it publicly visible. But there is no link given to any coding that they do or use. Without proof of coding, there are no means to evaluate them.
  6. There is no size of issue mentioned: usually, an ICO mentions the size of the issue in terms of dollars, euros, BTC, or ETH they wish to raise. None of this sort is mentioned. Are they really open to raise unlimited amounts of money?

This – unfortunately – is an ICO that is very difficult to justify reading beyond even the invitation email (which should never have been sent in the first place).

While the above may just be a case of inexperience and naïvete on part of the organizers of the ICO, there have been scams that have been so sophisticated and intelligent, they seem more believable than the above.

Take for example the Ebitz scam.

Now this one actually looks a lot more sophisticated than the previous one. They have a well-written, neatly formatted paper. There was an actual fit for the business model with blockchain. It was announced on blockchain forums, rather than by cold-emailing unknown parties. They allowed a full month for their ICO, and did not put pressure to invest immediately. They even linked to their GitHub source code and provided an open communication channel through Slack. They clearly stated the size of the issue (237 BTC).

But this was one of the biggest ICO scams to have ever happened.

Even intelligent lawyers and technology experts were duped.

What were the warning signs here?

  1. They clearly said they would not use an escrow account for the sale: Bad, bad stuff. In any kind of fundraising, funds have to go into an escrow account first, and if the required amount is not raised, funds are returned to investors.
  2. The team remained completely anonymous: On the claim of being a group of “ethical hackers”, they demanded anonymity, and did not wish to make public their credentials. No LinkedIn profiles existed of the team. Unfortunately, when raising money for a business, you are supposed to attach your name to it. It is a sign that if things go haywire, your reputation will be at stake.
  3. They had money collected anonymously without verification: Whenever a large cross-border transaction of money is taking place, the sender is supposed to be identified with a full name, address, job title, and contact details. This is basic Know Your Client (KYC) procedure, and it is not a joke. Governments do not like unidentified people transferring a large amount of funds across borders Moreover, you are supposed to know from whom you collect money in order to get back in touch for any grievances.

People lost half a million dollars in the Ebitz scam, even though their paper was done so neatly and clearly and with a clear sign of in-depth knowledge of blockchain.

ICOs are an unregulated space, so it is important to do greater due diligence on them than a SEC-regulated security. We need to have user education in this space and should determine standards for when and how to participate in an ICO, and when to walk away.

As a summary, do not participate in an ICO if

  • There is no escrow
  • The people behind it are unknown
  • They do not verify you before collecting your money
  • They do not much mention how much money they need
  • There is no GitHub or communication channel for checking their claims
  • They claim to be an investment security
  • They are urging you to put money quickly
  • They don’t have a clear business model explained in a white paper that is actually connected to blockchain
  • They contact you without knowing who you are

Any other points? Let me know and I will update this article accordingly.

Screen Shot 2017-09-22 at 12.15.10 PM Screen Shot 2017-09-22 at 12.15.30 PM ico2