Security

General

The ICOtoInvest will announce any breaking security issues on this website's Security Announcements page. We suggest all users of ICOtoInvest readers to read the bellow information.

 

Security of your Personal Information

The security of your Personal Information is important to us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee its absolute security.

 

What if ICOtoInvest Gets Hacked?

In the event the ICOtoInvest website is down or hacked, ICOtoInvest protocol has an alert system and currently a small set of people working for the ICOtoInvest control the keys to issue alerts. These will be sent to all nodes.

 

Phishing & Spam

A social engineering technique used by attackers aiming to receive the users’ personal data. Phishing attacks can provide an attacker with access to the following personal data:

  • Credentials for any electronic service (electronic wallets, mailboxes, payment services, social network and other accounts etc.);
  • Personal data to be further used in other types of attacks;

 

Methods used by attackers:

  • Personal e-mails (can have a particularly powerful psychological effect on a person);
  • Bulk spam mail (a widespread, cheap technology that can reach a large target audience);
  • Any online resources (efficiency stems from the carelessness of the visitors of web resources).

 

How to recognize phishing?

  • Use of brands and well-known trademarks with a slight difference from the original;
  • Similar links and copycat sites (use of similar interfaces or addresses);
  • Incorrect domain name of the mail server or mailbox name of the sender.

 

Countermeasures:

  • Careful handling of attachments and links in e-mails;
  • Scanning downloadable files and resources with VirusTotal;
  • Checking connection security.

 

DATA EXCHANGE VIA FILE-SHARING SITES AND FLASH DRIVES

Countermeasures:

  • Using trusted sources;
  • Scanning downloaded files (VirusTotal);
  • When uploading files to a file-sharing site, use password-protected archives and asymmetric encryption.

 

About Email

  • Account activity monitoring (IP address, time zone);
  • Two-factor authentication;
  • Creation of complicated passwords.

 

About the Browsers

  • Account activity monitoring (IP address, time zone);
  • Use of plugins;
  • Disabling the browser’s password auto-fill functionality.

 

About the Social Networks

  • Two-factor authentication;
  • A complicated password;
  • Responsibility for published posts