Cybercriminals are increasingly using information about upcoming token crowdsales in order to target their phishing attacks on possible investors.

Cybercriminals not only steal cryptocurrencies via hacker attacks, but also use more sophisticated ways to make investors give away crypto assets by themselves, Kaspersky Lab's report titled "Spam and Phishing in the First Quarter of 2018" reads.

For example, the study describes the situation around the ICO project The Bee Token, which held crowdsale in the period from 31 January to 2 February. In order to participate in the crowdsdale, investors had to pass prelimenary registration on the project's website, indicating his email address. Scammers managed to steal a list of contacts of potential investors and at the right time to send out an invitation, claiming that the crowdsale would launch. The letters contained cryptocurrency wallet, where investors were invited to transfer their Ethereum tokens and which belonged to cybercriminals. As a result, investors lost about 123,3275 ETH (about $84,162.37).

A tremendous wave of various phishing attacks was caused by Telegram ICO. Against the rumors about the upcoming ICO, cybercriminals created dozens of fake sites, and by the end of the first quarter, they collected an amount that was supposedly comparable with investments in real TON presale.

Then there was a wave of phishing mailings to the owners of major Russian Telegram channels. Someone with the nickname Telegram (or similar in writing) sent a message to potential victims that suspicious activity was noticed on the part of their accounts, and in order to avoid blocking, it is necessary to confirm the ownerwhip of accounts. To do this, scammers offered to go to a link that led to a phishing site that masquerades as a website of the messenger.

According to Alexander Gostev, chief antivirus expert in Kaspersky Lab, in 2017, cyberattacks on ICOs, including hacer attacks, resulted in $300 million stolen, compared to $3.5 billion attracted via ICOs. In general, the company recorded two thousand phishing attacks on ICOs.