Reviewed by James Carter, Senior Crypto Analyst | Updated March 2026 | Affiliate Disclosure: We may earn commissions from links on this page.
Between 2017 and 2018, ICO scams defrauded investors of more than $100 million globally, with the cryptocurrency industry losing an estimated $1.7 billion to fraudulent token offerings during the peak ICO boom. As blockchain technology continues gaining mainstream adoption, understanding how these scams operated and recognizing warning signs remains essential for protecting your digital assets and investment capital.
What Are ICOs and How Token Fundraising Works
ICO (Initial Coin Offering) represents a blockchain-based fundraising mechanism that enables cryptocurrency startups to raise capital from investors through bourse de crypto-monnaies platforms. This crowdfunding method emerged in July 2013 when Mastercoin conducted the first recognized ICO, raising approximately 5,000 BTC. The concept drew parallels to traditional Initial Public Offerings, though with one fundamental distinction: ICO participants receive digital tokens rather than equity shares in a company.
The critical difference between ICOs and IPOs extends beyond asset type to regulatory protection. IPO participants benefit from extensive disclosure requirements, financial audits, and oversight from securities regulators including the SEC, FINRA, and state-level authorities. ICOs historically operated in regulatory gray areas with minimal investor protections. This oversight gap created conditions where fraudulent token sales, exit scams, and elaborate Ponzi schemes could flourish, ultimately stealing billions in investor funds between 2016 and 2019.
Regulatory Framework and Investor Protections
The regulatory landscape governing ICOs has transformed substantially since the 2017-2018 cryptocurrency fundraising boom. In the United States, the SEC applies the Howey Test, established by the 1946 Supreme Court case SEC v. W.J. Howey Co., to determine whether token offerings constitute investment contracts. Under this four-prong test, a token qualifies as a security if it involves an investment of money in a common enterprise with an expectation of profits derived primarily from the efforts of others.
Key regulatory bodies overseeing cryptocurrency offerings include:
- SEC (Securities and Exchange Commission) – United States federal securities enforcement with jurisdiction over token offerings classified as securities
- CFTC (Commodity Futures Trading Commission) – Oversees cryptocurrency derivatives, futures contracts, and certain digital assets classified as commodities
- FinCEN (Financial Crimes Enforcement Network) – Enforces Anti-Money Laundering (AML) and Bank Secrecy Act compliance for cryptocurrency businesses
- FCA (Financial Conduct Authority) – United Kingdom financial services regulator with crypto asset registration requirements since January 2020
- ESMA (European Securities and Markets Authority) – European Union securities oversight implementing MiCA regulations
- MAS (Monetary Authority of Singapore) – Singapore financial regulatory authority administering the Payment Services Act for digital payment tokens
Many ICOs marketed their offerings as “jetons d'utilité” to circumvent securities registration requirements. The SEC has rejected this classification in numerous enforcement actions, determining that token functionality does not automatically exempt offerings from securities laws. Since 2017, the SEC has brought more than 90 enforcement actions against ICO issuers, recovering over $2 billion in penalties, disgorgement, and prejudgment interest. Violators face civil penalties ranging from thousands to millions of dollars, disgorgement of ill-gotten profits, and potential criminal referrals to the Department of Justice for wire fraud and securities fraud charges.
Understanding how these fraudulent schemes operated helps investors recognize similar tactics in emerging cryptocurrency investment opportunities.
How Fraudulent ICOs Deceived Investors
ICOs were designed as capital formation tools enabling investors to acquire digital tokens representing future access to blockchain platforms, services, or ecosystems. Legitimate ICOs provided early-stage funding for projects like Ethereum, which raised $18 million in 2014 and now underpins a cryptocurrency ecosystem valued at hundreds of billions of dollars.
Traditional capital markets operate under stringent regulatory frameworks requiring audited financial statements, prospectus filings, lock-up periods, and ongoing disclosure obligations. These requirements deter fraud through transparency and accountability. The absence of equivalent ICO regulations attracted bad actors seeking to exploit investor enthusiasm for blockchain technology without facing traditional securities compliance costs.
ICO scammers employ sophisticated tactics designed to attract potential investors to non-existent or fundamentally flawed projects. Common fraud mechanisms include fabricated whitepapers describing impossible technology, fake team member profiles using stolen photographs, artificial social media engagement through purchased followers, paid celebrity endorsements without disclosure, and elaborate exit scams timed to coincide with maximum capital collection.
A project qualifies as fraudulent when evidence demonstrates that funds raised during the token sale were misappropriated, project leadership abandoned communication with investors, promised development milestones were never attempted, and forensic analysis reveals premeditated intent to defraud. According to research from Satis Group published in 2018, approximately 78% of ICOs conducted that year were identified as scams, while only 8% reached the trading stage on cryptocurrency exchanges.
Notorious ICO Scams That Devastated Cryptocurrency Investors
1. The Opair and Ebitz Project (Loss of 2.9 Million US Dollars)
The Opair and Ebitz schemes represented interconnected fraud operations orchestrated by an individual using the pseudonym “Wasserman,” who has never been identified or apprehended by law enforcement. The combined operations extracted approximately 388 Bitcoin from unsuspecting investors across multiple jurisdictions.
Opair marketed itself as a decentralized debit card service utilizing a proprietary XPO token for peer-to-peer financial transactions. The project presented professional-looking marketing materials and detailed technical documentation. Community investigators on BitcoinTalk forums discovered that LinkedIn profiles for purported team members used photographs stolen from unrelated professionals, exposing the first fraud indicators. Following this revelation, the Opair website and all associated communication channels disappeared within 48 hours. Forensic analysis of blockchain transactions indicated investor losses totaling approximately 190 BTC from the Opair operation alone.
Amateur blockchain investigators organized by defrauded investors subsequently uncovered connections between Opair and a second project called Ebitz. Technical examination revealed that Ebitz mail servers contained MX records redirecting data to Opair domain infrastructure. Further investigation determined Ebitz was a cloned codebase of the ZCash privacy coin with superficial modifications and rebranded marketing. The Ebitz founders, presenting themselves as “a group of ethical hackers,” announced plans to raise 500,000 Bitcoin during their ICO launching November 28, 2016.
Within 48 hours of the Ebitz ICO launch, BitcoinTalk community members publicly documented the Opair connection through domain registration records and server infrastructure analysis. The Ebitz website was immediately taken offline, but the operators had already collected approximately 200 BTC before the exposure. Combined losses from both operations totaled 2.9 million US dollars at contemporary Bitcoin valuations, affecting investors across dozens of countries.
2. The Benebit Project (Loss of 2.7-4 Million US Dollars)
Benebit represented one of the most professionally executed ICO scams of 2018, combining sophisticated marketing with elaborate deception techniques. The project claimed to develop blockchain-based loyalty program infrastructure targeting the aviation and hospitality industries, promising to unify fragmented reward systems through interoperable digital tokens.
The fraudulent operation invested heavily in creating legitimacy signals that would satisfy casual due diligence efforts. Marketing expenditures exceeded $500,000 for advertising campaigns across cryptocurrency publications, social media platforms, and industry events. The project maintained an active Telegram community exceeding 9,000 members, with responsive administrators answering technical questions and fostering investor engagement. Professional-quality video content featured apparent team members discussing development progress and partnership announcements.
Skeptical community members conducting deeper verification discovered that all photographs of Benebit project team members had been stolen from publicly accessible UK university staff directories. Reverse image searches using TinEye and Google Images matched team photos to legitimate academics with no connection to blockchain technology or the Benebit project. Additionally, passport images provided as identity verification contained fabricated details that did not match any government-issued documents.
Once the fraud exposure gained momentum across cryptocurrency forums and social media, Benebit operators executed a coordinated disappearance. Within 24 hours, the official website was deleted, all social media accounts were deactivated, Telegram channels were closed, and all project documentation was removed from online storage. Expert analysis estimates total investor losses between $2.7 million and $4 million, with funds distributed across multiple cryptocurrency wallets that were subsequently laundered through mixing services.
3. The Plexcoin Project (Loss of 15 Million US Dollars)
Plexcoin achieved notoriety as the subject of the SEC’s first emergency action against an ICO issuer, demonstrating regulatory willingness to intervene aggressively against cryptocurrency fraud. The SEC obtained an asset freeze on December 1, 2017, halting the fraudulent token sale and preserving $15 million in investor funds collected since August 2017.
Quebec resident Dominique Lacroix, operating through PlexCorps, marketed Plexcoin as a revolutionary cryptocurrency investment opportunity promising returns of 1,354 percent within 29 days. The promotional materials claimed Plexcoin would appreciate from $0.13 to $1.76 within one month of the token sale conclusion, presenting specific percentage projections as guaranteed investment returns rather than speculative possibilities.
SEC investigators determined that Lacroix had previous regulatory violations, including a 2011 Quebec securities commission order prohibiting him from engaging in securities activities. Despite this prohibition, Lacroix raised funds from approximately 22,000 investors across multiple countries by misrepresenting the nature of the investment opportunity and his own background.
The federal court sentenced Lacroix to prison and imposed a $100,000 fine on PlexCorps. Approximately $810,000 remained held by payment processor Stripe, which had frozen transaction processing before the SEC action. The remaining frozen assets were distributed across cryptocurrency wallets controlled by Lacroix. The SEC action established precedent for aggressive enforcement against fraudulent token offerings and demonstrated that securities laws apply regardless of the technological medium used to conduct offerings.
4. The PonziCoin Project (Loss of 250 Thousand US Dollars)
PonziCoin represents a unique case study in cryptocurrency fraud psychology, demonstrating that investors will sometimes ignore explicit warnings when potential profits appear attractive. The 2017 iteration of PonziCoin was marketed transparently as “the world’s first legitimate Ponzi scheme,” openly acknowledging that early investors would profit at the expense of later participants.
The original PonziCoin launched in 2014 as a satirical project with approximately $7 million in trading volume equivalent before the operator disappeared with investor funds. Despite this documented history, a cloned version emerged in 2017 using identical branding and the same blockchain address format. The 2017 operator explicitly stated in marketing materials that the project was designed as a Ponzi scheme and that participants should expect losses.
Remarkably, investors deposited approximately $250,000 worth of cryptocurrency into the openly fraudulent scheme within days of launch. When the operator executed the expected exit scam, victims expressed surprise despite the transparent fraud disclosure. Behavioral economists cite PonziCoin as evidence of “greater fool” investment psychology, where participants believed they could profit by exiting before inevitable collapse regardless of the acknowledged fraud structure.
5. The REcoin and DRC Projects (Loss of 300 Thousand US Dollars)
REcoin (Real Estate coin) and Diamond Reserve Club (DRC) represented parallel fraud operations conducted by Brooklyn businessman Maxim Zaslavsky, resulting in the first SEC enforcement action specifically charging an individual with defrauding ICO investors. Zaslavsky marketed both projects as asset-backed cryptocurrencies, claiming tokens were collateralized by real estate investments and diamond reserves respectively.
Zaslavsky’s promotional materials claimed the startups had assembled experienced legal, financial, and real estate professionals, established partnerships with institutional investors and retail businesses, and developed sophisticated asset management infrastructure. Marketing documents referenced specific properties and diamond inventories backing the token values, presenting detailed financial projections suggesting guaranteed appreciation.
SEC investigation revealed that neither project possessed any actual assets, operational infrastructure, or blockchain technology. REcoin and DRC had no tokens created, no blockchain development activity, no real estate holdings, and no diamond reserves. The entire operation consisted exclusively of marketing materials promoting non-existent investment opportunities. Zaslavsky had fabricated all claims regarding team members, business partnerships, and asset backing.
Federal authorities arrested Zaslavsky on September 29, 2017, charging him with securities fraud and wire fraud. The SEC complaint documented that Zaslavsky raised approximately $300,000 from investors, though he claimed in communications that total investments exceeded $2 million. Zaslavsky pleaded guilty in November 2018 and was sentenced to 16 months in prison, demonstrating criminal consequences for ICO fraud beyond civil penalties.
Trusted Cryptocurrency Exchanges Comparison
Selecting a regulated cryptocurrency exchange with established security practices and transparent operations represents the foundation of safe digital asset investing. The following comparison highlights platforms with verified regulatory credentials, insurance protections, and security certifications:
| Échange | Honoraires | Min Deposit | Regulation | Rating |
|---|---|---|---|---|
| Coinbase | 0.5% – 4.5% | $2 | SEC, FinCEN, FCA | 4.8/5 |
| Kraken | 0.16% – 0.26% | $10 | FinCEN, FCA, FINTRAC | 4.7/5 |
| Binance | 0.1% | $10 | Varies by region | 4.6/5 |
| Gémeaux | 0.5% – 1.49% | $0 | NYDFS, SOC 2 | 4.5/5 |
| eToro | 1% spread | $50 | FCA, CySEC, ASIC | 4.4/5 |
Regulated exchanges implement critical investor protections distinguishing them from unregulated platforms. These safeguards include segregated customer funds maintained separately from operational accounts, insurance coverage for digital assets held in custody (Coinbase maintains $320 million in crime insurance coverage), mandatory Know Your Customer (KYC) and Anti-Money Laundering (AML) verification procedures, regular third-party security audits and penetration testing, and cold storage policies keeping 95-98% of customer assets offline. These protections substantially reduce risks of fund loss from fraud, hacking incidents, or exchange insolvency.
Essential Due Diligence Before Participating in Token Sales
Protecting yourself from ICO fraud requires systematic verification procedures that examine technical claims, team credentials, and regulatory compliance. The SEC’s educational resource HoweyCoins demonstrates common fraud tactics and helps investors identify warning signs before committing capital.
Fraudsters continuously develop sophisticated deception techniques, requiring investors to maintain vigilant skepticism toward all cryptocurrency investment opportunities. Hasty investment decisions driven by fear of missing out (FOMO) or artificially created urgency frequently result in permanent capital loss. Successful cryptocurrency investing requires deliberate analysis and emotional discipline.
Before participating in any cryptocurrency ICO or token sale, complete the following verification procedures:
- Examine the whitepaper critically for technical accuracy, realistic timelines, clear tokenomics, and original content. Use plagiarism detection tools like Copyscape to verify documentation originality
- Evaluate whether the project addresses genuine market problems with technologically feasible solutions. Question why blockchain technology is necessary for the stated use case
- Verify team member identities through LinkedIn professional history, GitHub contribution records, academic credentials, and previous project involvement. Contact project founders directly with technical questions that require specific expertise to answer accurately
- Conduct reverse image searches on team photographs using Google Images, TinEye, and Yandex to detect stolen profile images from stock photo databases or unrelated individuals
- Research community sentiment on independent forums including Reddit cryptocurrency communities, BitcoinTalk forum archives, and Telegram discussion groups. Verify that positive reviews come from established accounts with authentic engagement history
- Confirm the legitimacy of any escrow arrangements, third-party audits, or smart contract reviews. Verify that auditing firms have verifiable reputations and the claimed audit reports are authentic
- Check independent ICO rating platforms including ICOBench, ICODrops, and ICO Marks for professional evaluations. Absence of any independent ratings for a well-promoted project indicates potential fraud
Verify all technical claims against evidence before committing funds. Legitimate blockchain projects maintain active code repositories on platforms like GitHub with documented commit history, multiple contributors, and transparent development progress. Projects claiming advanced blockchain technology with no public code samples, no developer activity, and no testnet deployments are almost certainly fraudulent.
Additional fraud indicators include absent whitepapers or documentation consisting only of marketing language, missing project roadmaps with specific development milestones, no patent filings or intellectual property documentation for claimed proprietary technology, excessive focus on token price appreciation rather than utility development, and artificial social media engagement from purchased followers or bot accounts. Professional scammers invest heavily in creating legitimacy signals, making thorough verification essential for protecting your cryptocurrency investments.
Red Flags and Warning Signs of ICO Investment Fraud
Recognizing common fraud indicators enables investors to identify suspicious opportunities before committing capital. The following warning signs appear consistently across documented ICO scams:
Guaranteed returns or specific profit projections represent the most reliable fraud indicator. Legitimate investment opportunities never guarantee returns because cryptocurrency markets are inherently volatile and unpredictable. SEC guidance explicitly states that promises of guaranteed profits or specific return percentages constitute securities fraud. If any ICO claims investors will receive 100%, 500%, or 1,354% returns like Plexcoin, this represents clear fraud regardless of other legitimacy signals.
Anonymous or unverifiable team members indicate either deliberate deception or insufficient professional credibility. Legitimate blockchain projects are typically founded by individuals with documented professional histories in software development, cryptography, finance, or relevant industries. Team members should have verifiable LinkedIn profiles, GitHub accounts with contribution history, academic credentials that can be confirmed with institutions, and professional references. Complete anonymity in project leadership, while common in some legitimate DeFi protocols, should trigger enhanced scrutiny of all other project elements.
Low-quality or plagiarized whitepapers indicate lack of original technical development and often signal fraudulent intent. Authentic blockchain projects invest substantial resources in documentation explaining novel technology, comprehensive tokenomics, detailed architecture specifications, and realistic implementation timelines. Whitepapers containing grammatical errors, vague technical descriptions, plagiarized content from other projects, or missing sections on security considerations suggest fraudulent or incompetent operators.
No working product, prototype, or demonstrable development progress should concern potential investors significantly. While some legitimate ICOs raise funds before completing products, they typically demonstrate tangible progress through public code repositories with active commits, beta versions available for testing, technical demonstrations at industry events, or partnerships with established technology companies. Projects claiming revolutionary technology with no evidence of development activity are likely vaporware designed to extract investor funds.
Pressure tactics creating artificial urgency represent deliberate manipulation designed to prevent due diligence. Phrases like “limited time offer,” “exclusive presale ending soon,” or “final opportunity before public launch” are designed to trigger impulsive investment decisions. Legitimate projects provide adequate time for investor evaluation and welcome scrutiny rather than discouraging it through artificial deadlines.