One of the most anticipated ICOs of 2018 is off to an inauspicious start as it fell victim to an email phishing campaign.
Ever since the Bee Token ICO campaign was announced, over 100,000 individuals applied for whitelisting, and the ICO and crypto communities were abuzz with excitement on social media and the Bee Token Telegram channel.
However, all this excitement fell to pieces earlier this week when the campaign became a victim of an email phishing campaign that has so far stolen over $400,000 worth of Ether. The Bee Token team initial strategy has been denial, which in turn only angered the community.
The Bee Token sought to create a decentralized home-sharing platform based on the Ethereum network. Up until recently, the token development and ICO campaign have been a prime example of how to run an ICO. The team behind Bee Token ensured that the minimum amount of contribution is very low (starting at 0.1 ETH) to appeal to a diverse investing audience, the token was scrupulous with its whitelist and KYC verifications, and managed to excite a passionate and dedicated community of potential investors.
Their flawless campaign management was reflected in the numbers: over 100,000 individuals applied for whitelisting, a number which broke crowdsale records and forced the team to start denying applicants because demand was too high. The Bee Token Telegram Channel enjoys over 50,000 followers and its social media platforms are equally popular.
However, a few minutes managed to undermine months of the team’s hard work shortly after the sale commenced earlier this week. It appears that malicious attackers somehow managed to gain access to Bee Token’s email list, which included information such as contribution addresses and real names. Several individuals on this list were targeted and sent an email from someone claiming to be the Bee Token team.
The email requested that the investor pay their contribution to a false address. While the Bee Token was likely an irresistible target for hackers, the team’s handling of the attack did not improve matters. Instead of being honest with their audience and investors, the team severely downplayed the severity of the scam.
While they tried to pacify their investors with platitudes, more individuals on their email list was sent phishing emails:
In the victims’ and Bee Token’s defense, this scam was well-organized. Recipients received emails that addressed them using first names. While those with insider knowledge could easily spot that this email was fraudulent, thanks to the typo and fraudulent claims, new ICO investors were fooled. This is unsurprising as the 2018 ICO investor landscape is shifting to include more and more novice investors. The hackers used two separate cryptocurrency addresses which have so far gained over $400,000 and counting.
Despite the scam’s severity, the Bee Token sale decided to downplay it and even accused members on its Telegram Channel of perpetuating false information. The team made no attempt to reach out to their investors through any of its social media platforms, and the email gave little information as to the details of the phishing scam.
This has hugely impacted the token sale. While it was expected that the Bee Token would sell out in minutes, today’s activity has been sluggish at best. This implies that investors are wary after Bee Token’s rocky start. The team did not only fail to properly secure investor information, but they failed to address the situation sufficiently. This does not create a sound foundation for a successful startup.
