There is a level of personal transparency that is needed when crafting an engaging Kickstarter. By revealing some of your personal life with backers you will build trust, putting your reputation on the line should you fail to fulfill your promises. Some will even back, or increase their pledge, simply to support you personally. 

This transparency, which builds trust, comes at a price.

That price is a vulnerability that scammers can exploit. 

Your successful Kickstarter is a big spotlight for thieves that essentially says, “Hey! I’m about to have a substantial amount of money deposited in my bank account!”.

Accessing these funds or mimicking your identity becomes a priority for malicious actors. The very information you have used to build confidence with backers can be used against you. If someone can pretend to be you, they can access your resources or leverage your reputation for financial advantage. 

This is not just theory, we have personally been attacked by criminals pretending to represent our Crowdfunding Nerds marketing agency, alongside individuals purporting to be law-enforcement, which leveraged some of our most intimate private details in order to illicit funds (see episode 222 of the Crowdfunding Nerds Podcast below). 

Here are some steps you can take to safeguard your online identity and make it harder for attackers to interrupt your crowdfunding business. 

Use Multiple Emails

The internet is forever, is a sound maxim to live by. 

You should assume that at some stage a company you submit your email to will suffer a data breach.

In fact, you can use https://haveibeenpwned.com/ to see if your email has been compromised.

By diversifying your emails for various services you prevent malicious actors from copying your email and password from one account and using it elsewhere.

This means you should have an email and different password for your Kickstarter, another for your Meta account, another for Google, etc. 

How To Craft Strong Passwords 

Apart from your passwords being unique, they should also be strong.

Acronyms can be a useful way to generate seemingly random letters which improves your password strength.

Let's use the following MacBeth quote as an example: "O, full of scorpions is my mind, dear wife" (Act 3, Scene 2). 

When turned into an acronym it would produce: “OFOSIMMDW(A3S2)”.

The use of special characters, such as the parentheses, also strengthens the password. You can even add extra characters to the start and end, or between words/sentences, to further enhance your password. Example: *[OFOSIMMDW(A3S2)]*

It was the WWII cryptographer, Leo Marks, who said mixing languages in plaintext before applying an encryption process is "excellent security". Mixing languages is something that can be easily done on a Windows machine. 

Hit the Windows key to search, and type "Language Settings”, under "Preferred Languages” hit “Add a language”. 

If you add a language with a different alphabet such as Greek, Hebrew or Russian you can mix English letters with substituted letters of other characters.

For example by hitting the Windows key on my keyboard and the space bar I can switch between English, Greek and Hebrew and transform a simple English phrase into a complex password: 

Crowdfundingnerds = CROWDΦΘΝΔΙΝΓמקרגד (English, Greek, Hebrew)

Write down or print out your complex passwords and keep them in a safe should you need to recall them.

Safeguard Your Date of Birth 

The first thing a bank will do to verify your identity is ask that you confirm your date of birth. For this reason the only institution that should have your real date of birth should be your bank or government entities.

Use a fake date of birth for all other online services. This will prevent bad actors from leveraging your DOB if seeking to access your bank account. 

Safeguard Your Name

You should also consider spelling your name in different ways on different platforms. For example my name “Sean” can be spelt in many different ways: Shaun, Shawn, Séan, etc. 

If someone was trying to mimic my identity using a variation of my name that I only use on Linkedin, for example, I would be able to pinpoint where the attack is coming from and take the appropriate actions to mitigate further attacks. 

Safeguard Your Biometrics 

A password can be changed, your face cannot. 

In the hands of a scammer, your biometrics are incredibly dangerous.

For these reasons never submit biometrics online, such as facescanning or fingerprinting. A data breach is inevitable and biometrics can’t be changed, unlike a password. 

If a corporation says they will delete your biometrics after the verification process, you still have to trust the company to do this, which is too much of a risk to take. Unless the software is open-source and independently audited, you have no real idea how your data is being used.

Be Careful What You Share Online

Everything you post can, and will be used against you. Therefore share only what is necessary in achieving your goals.

Ask these important questions before making a personal post on social media: 

• What is this post communicating?
• How could this information be used against me?
• How does it help me achieve my crowdfunding goals?  

Taking this small precautionary step prevents oversharing information an attacker could leverage against you. 

Have A Codeword

With the rise of Generative AI and improvements in voice replication, scammers have mimicked family members in distress via phone calls to elicit fake ransomes. 

For this reason, it is important that you form a codeword or sentence among your family members that you can request to verify their identity if such a traffic event were to happen to you. 

Try to make it something random, that is not related to pop culture or could be easily guessed. An inside joke or private nickname, for example. 

We interviewed a privacy expert who outlines even more tips to safeguard yourself and your community online: