How to spot scam mirror websites (an open checklist)

Fake mirror websites are widespread during token launches.

It is common for scammers to trick investors by designing a website by copying another one that has already existed. Following scam links, users lose money by investing in a scam project instead of the real one.

disBalancer Token Launch Protection service is now on the way to deliver to businesses that suffered scams. As well as we aim to protect promising projects against fraud, we care about individual users’ security who have spotted a project that seems to be dubious. Having scam websites list kindly delivered by disBalancer community members within the beta testing, we are pleased to introduce our first checklist on identifying scam token launches. We are calling you in to complete it along with the disBalancer team!

Typosquatting

It is common for scammers to register domains that are very similar to well-known web addresses, differing by a typo, misspellings, wrong domain extensions, alternative spellings, added hyphens, or incorrect domain ending.

See the difference between original and fake links below:

Be aware of a difference from the original project name as one of the common frauds.

No SSL certificate

SSL certificate is a digital certificate that provides authentication for a website and enables an encrypted connection.

Be sure to check whether its protocol is HTTPS, not HTTP while visiting any token sale websites. The difference between the two protocols is that HTTPS uses TLS (SSL), a more secured connection, to encrypt HTTP requests and responses. HTTPS is the single measure that can help mitigate threats and attacks.

Unfortunately, there is no 100% guarantee that an SSL certificate verifies website credibility. Nowadays, fraudsters can get SSL certificates even for a fake mirror website, but they often do not bother with it.

Invalid Team Page

Team Page could also be helpful when it comes to scam detection. When investing, you should know the team stays behind the project launching its token. So, there are a few ways to identify a fake:

No Project Info Defined

The lack of information on a project can also be a red flag, defining scam activity. Instead of the project story and description, a scam website may contain public sale data entirely where you can connect your wallet to buy tokens right away. It may indicate that some wicked people did not manage to make the site interface as close to the real one as possible.

To avoid getting caught out by fraudsters, be sure you follow the link on the public sale website using the authentic website.

Fake Social Media Accounts

Be sure to check them out in the footer. There are a few scenarios that can have a place in here:

Endless Countdown Timer

to the end of a public sale. Usually, it indicates less than 24h or 1h when the offer with an attractive price ends to manipulate and rush you to buy and don’t miss the opportunity.

If you see a countdown timer, try to reload the page and check out the time again. You will see on scam websites that the countdown timer usually starts from the same time point.

Bad Website Design

Scammers have succeeded in copying website design as well too.

The good news is that to make a well-copied website design that would look like an authentic one is not that easy. For instance, scammers can place corporate design elements like logos or graphics into a web page that looks different, so there is a lack of design integrity. You can see how it looks on the pic below: a logo in a mid-century style doesn’t match the website design and looks like it is out of place.

Lack of corporate style integrity is one of the scam red flags.

Have you ever come across any type of token launch scam?

Leave your tips on detecting scam mirror websites in disBalancer Telegram group, so we add them to the checklist. Do not hesitate to share this article so that as many crypto enthusiasts as possible get to know about easy ways to scam protection.

👺 No impersonators will have a chance to fraud people.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
disBalancer

A decentralized cybersecurity solution that performs stress testing to identify DDoS vulnerabilities and protect projects against fraudsters.