How Hacken helped Jibrel avoid major losses during an ICO phishing scam
November 17, 2017. Jibrel Network — the decentralized protocol for storing and transacting traditional financial assets on the Ethereum blockchain — began the public sale of its Jibrel Network Token (JNT).
And, as with many ICOs and token generation events, it garnered a lot of attention — not all of it the good kind, in this case.
Earlier that month, Jibrel announced that it was going to protect its assets with Hacken. Hacken is a tokenized marketplace that offers access to white hat, ethical hackers. It turns out that this was quite the prophetic move.
“Ten minutes before the token sale started, four phishing sites appeared,” Talal Tabbaa, cofounder at Jibrel Network, told VentureBeat. “These were either exact replicas or slight variations on our own site, with similar URLs.”
Each of these sites featured an Ethereum address that was owned by the scammers. Their hope? That unwitting investors would buy what they thought were JNT tokens, allowing them to make off with the funds and take that investment away from Jibrel.
There were a few things the scammers didn’t count on, however.
“Six months ago, you would have probably just invested,” Tabbaa said. “Now, thankfully, investors are smarter. In addition, we’re using and complying with ‘know your customer’ checks (KYC), which helps to ensure fraud is kept at a minimum.”
KYC is the process whereby a business identifies and verifies the identity of its clients, and it is used around the world as an anti-fraud mechanism and in anti-money laundering schemes.
The other thing the scammers didn’t count on was how quickly Hacken would spring into action.
“It took Hacken only six minutes to take down the first fake website,” Tabbaa said. “The response from the Hacken team was incredible, actually. It created a Telegram group that comprised six team members, who coordinated their actions and kept us up to date every five minutes.”
Within three hours, all of the fake websites had been taken down.
So, how did Jibrel find out about the phishing scam in the first place?
“Actually, my girlfriend called me,” Tabbaa said. “She told me that she’d found some strange sites via a Google search, and asked me if I was aware of them.”
In fact, the scammers were pushing the phishing sites to those searching for Jibrel’s event via Google AdWords. And that wasn’t the only place the scammers had made an investment in the phishing campaign.
“I used Etherscan to check the Ethereum addresses attached to the fake sites,” Tabbaa said. “It showed that one address had a balance of 80 Ether already, so I was worried we’d already lost out on potential investments. Then I realized that the Ether was put there by the creator to make it look as if it was active and had already received funds.”
The entire event has had an impact on Tabbaa.
“Imagine spending a year getting ready for your ICO event, only to have scammers try to ruin everything,” Tabbaa said. “The response from Hacken — especially the response time — was amazing and really helped to put our minds at ease. In fact, I’ve now personally invested in the Hacken project — they were that good.”
With the excitement that seems to follow every blockchain and cryptocurrency project right now, blockchain startups (and crypto-rich individuals) are being targeted daily by scammers trying to divert or steal Ethereum, Bitcoin, Litecoin, and more. In addition to using Hacken to protect against phishing attacks and perform site audits, Jibrel is using Cloudflare for protection against DDoS attacks.
The attacks won’t stop anytime soon, but as investors become smarter and better able to spot red flags — and with solutions like Hacken that make ethical hackers available to tackle adverse situations — maybe the blockchain universe will continue to prevail against phishing scams such as the one Jibrel had to deal with.