Isn't the point of decentralization to be trustless?
There's already plenty of sites that values ICOs on various aspects, icobench is one.
they judge things like the team, idea, and such.
if people don't do their own research, they might end up joining a bad ico, and well, there's not much of regulation here yet, and it's likely they'll never see their money again if they join a bad ico.
it's a bit of darwinism, people who give out their private keys or doesn't take fundamental steps in protecting their crypto - they lose it.
same for those who simply fall into the ico scams saying "1000% in one week!".
sure, there's some legit-looking icos that even a critical person could fall for, but that's in a way part of the game, sadly.
aslong as the team exists, looks real - real names and such - they'd be risking much by straight out scamming.
however, dumping coins early and not clearly outlining the path of the project, is in some way illegal I'm sure(to manipulate the price?)
but there's waaay too many small crypto projects going on for anyone to properly stop that I think.
And beyond icobench(and other sites like that), a good sign in general is for example AmaZix - if they're present, they've investigated and judged the project to be safe,
as they don't want their name to go with a scam.
CoinMetro which is an exchange (not yet launched) will also have an ICO platform which will make both participating, and also launching, ICOs much easier - and safer.
(they take pride in being the first, or best or something - in terms of legal adoption).
worth mentioning is that I
wrote a thread here for analyzing icos before choosing them, maybe you have some input for that
it's how like the vast majority of bounties created here on this forum, never seem to reach any such site as icobench, yet everyone rushes to join those bounties, and are never paid, or the projects die.
this whole ICO wave is a bit too new, soon it'll probably get regulated and to participate in an ICO you have to send in blabla legal documents etc, any serious project already demands KYC..
so, you might wish for safety, but at what cost?