Once my smart contract is active on the Ethereum, what prevents me from modifying the contract for my own benefit? Let's say I created a crowfunding dapp which users can use on my site www.crownfunding.com. Once users are using that dapp, as a malicious guy, I could link a new smart contract to that site sending investor's money to my own account instead of using that money for the crownfunded project?
It is true? If so, what are the safeguards?