How to Tell if a Crypto Project Is a Scam Before You Buy

This guide is about buying a specific token on an exchange or a swap site, not about romance scams or fake job offers. The scam types you can screen for before you click buy are:

• Rug pull: the team launches a token, gets people to add money, then drains the trading pool and disappears. The price goes to near zero in one transaction.
• Honeypot: the contract lets you buy but quietly blocks you from selling, or charges a 90 to 100 percent fee when you try to sell. The chart looks like it only goes up because almost nobody can get out.
• Pump and dump: insiders hold most of the supply, hype the token, and sell into the buyers they attracted.

One phrase worth knowing: a smart contract is just the program that controls the token. "Read the contract" means look at what that program is allowed to do, especially what the creators can do to you.

For background on how tokens and chains work underneath all this, see blockchain basics and crypto explained.

Here is the whole routine before you spend a cent. Each step is expanded later. Do them in order and stop the moment something fails badly.

1. Copy the token's contract address (not its name; names are not unique).
2. Paste it into a scam scanner for that chain and read the risk score.
3. Open a block explorer and check that the contract is verified.
4. Look at liquidity: how much is in the trading pool, and is it locked.
5. Look at holders: does one or two wallets own most of the supply.
6. Run a honeypot check to confirm the token can actually be sold.
7. Check the team and the socials for the cheap fakes.
8. If everything passes and you still want in, consider a tiny test buy first.

The single most important habit is step 1. Scammers launch fake tokens that copy the name and logo of a real project. The address is the only thing that cannot be faked. Get it from the project's official site or a major data site, never from a reply in a comment section.

Free scam scanners read the contract for you and flag common tricks. Which one depends on the chain:

• Ethereum, BNB Chain and similar: Token Sniffer gives a score from 0 to 100 (higher is better) plus a separate pass or fail badge that simulates a real buy and sell. GoPlus Security powers checks inside many wallets.
• Solana: RugCheck flags liquidity that is not locked, risky authorities, and concentrated holders. Paste the mint address; no account needed.

How to read the result: a low score or any red "honeypot" / "sell disabled" flag is a stop. A high score is not a green light. As tool makers themselves warn, a token can score 100 on launch day and still be drained a week later if the team waits and then uses a hidden function nobody flagged. The score is a snapshot of the code right now, not a promise about the future.

What does NOT work: searching the token name on social media and counting likes. Likes are bought. The scanner reads the actual code; a hype thread reads whatever the team wants you to see.

A block explorer is a free public website that shows everything happening on a chain. For Ethereum it is Etherscan; BNB Chain uses BscScan; Solana uses Solscan or the explorer built into the scanners above. Paste the contract address into the search box and you land on the token page. Three things to look at:

1. The Contract tab. Look for a green check that says the source code is verified. As Etherscan describes it, verifying a contract publishes the source code and confirms it corresponds to the program running on-chain, so what you read is what runs. An unverified contract hides its own behavior. For a brand-new token asking for your money, unverified is a reason to walk away. One caveat worth holding onto: verification proves transparency, not safety. It only confirms the code is what it claims to be, so code can be verified and still hold a bug or a backdoor.
2. The Holders tab. This lists the wallets that own the token and their percentages. More on this below.
3. The transactions list. A real token has many different wallets trading at irregular times. A line of identical buys seconds apart, all similar sizes, is often fake activity made to look like demand.

You do not need to understand the code line by line. The verified badge, the holder split, and the shape of the transaction list already tell you a lot.

To trade a token on a swap site there has to be a pool holding both the token and something real like ETH or a stablecoin. That pool is the liquidity. It matters for two reasons.

Amount. A pool with a few hundred dollars in it means you cannot sell any meaningful amount without crashing the price yourself. Thin liquidity is also easy for the team to yank.

Locked or not. This is the core of the classic rug pull. If the team controls the pool, they can remove it and vanish. "Locked" liquidity means those pool tokens are held by a separate locker service (names like Unicrypt or Team Finance appear here) or sent to a dead address, so the team cannot pull them for a set time. On Solana, RugCheck shows lock status directly; on Ethereum you can see it via DEXTools' pair view or by checking who holds the LP tokens on the explorer.

Read the release date on the lock, do not just see the word "locked." Liquidity locked for 14 more days is a very different signal from liquidity locked for two years. A short lock that expires soon is a countdown, not protection. No lock at all on a new token is one of the clearest rug-pull setups there is.

Holder concentration. On the Holders tab, add up the top wallets (ignore the liquidity pool address and known locker addresses, which the explorer usually labels). If one wallet or a small cluster holds 30, 50, or 80 percent of everything, that team can dump the price to zero whenever they like. Heavy concentration in a few hands is a standard pump-and-dump shape.

The honeypot test. A honeypot lets you buy and then traps you. Detection tools like Honeypot.is and Token Sniffer's swap badge work by simulating a buy and an immediate sell against the contract before you risk real money. If the simulated sell fails, or the sell fee comes back at 90 to 100 percent, the tool flags it. Run this for any low-cap token. A common trick: the sell fee starts low to pass early scans, and the owner raises it later. So a clean honeypot check is reassuring but, again, not permanent.

Worked example. Say you find "MoonX" trending. You copy its contract address from the project site, paste it into Token Sniffer, and see a score of 12 with a red honeypot badge. On the explorer, one wallet holds 91 percent and liquidity is not locked. Three independent stop signs. Total time, under three minutes, and you just avoided the loss.

Anonymous teams. An unnamed team is not automatically a scam; plenty of real projects use pseudonyms. But anonymity removes accountability. If nobody is identifiable, weight every other signal more heavily, and never accept "trust us" in place of a lock or a real audit.

Fake or fake-quoted audits. Scammers love to claim an audit by a known security firm. Two cheap checks: find the audit report on the auditing firm's own website, not a PDF hosted by the project; and confirm the audited contract address matches the one you are about to buy. A real audit also does not make a token safe to buy, it only checks the code for known flaws at one point in time.

Tokenomics red flags. Be wary of: a huge share of supply reserved for the team or "marketing," transfer taxes above roughly 10 percent (some honeypots sit at 100), a contract that can still mint new tokens (unlimited dilution), and on Solana an active freeze authority that can lock your wallet. RugCheck and Token Sniffer surface these directly.

Regulator red flags. The SEC and CFTC say the clearest fraud signals are promises of guaranteed or risk-free high returns, pressure to act now, and false claims that a government agency endorses the token. No real regulator endorses any token. If a project leans on "guaranteed profit" language, that alone is a hallmark of fraud.

Scams in 2025 increasingly used AI to manufacture trust. Chainalysis found impersonation scams grew more than 1,400 percent year over year, helped by AI tools, and that AI-assisted scams earned several times more per operation than older ones. So treat all of the following as decoration, not evidence:

• Follower counts and likes, which are bought in bulk.
• Celebrity or influencer "endorsements," including deepfake video and cloned voices.
• A flood of identical positive replies, often bots posting the same phrasing.
• Screenshots of other people's gains. Anyone can fake a screenshot.

Real signals are duller: a working product, a team that answers hard questions, code and locks you verified yourself, and time. If a token only exists as hype and a price chart, you are the product. For more on how these frauds operate, see crypto scams and fraud.

Suppose everything above passed. A sensible last step is a tiny test buy: purchase a small amount, then immediately try to sell a portion. If the sell goes through at a normal fee, the basic mechanics work. If it fails, you learned the truth for a few dollars instead of your savings. Never approve a token spend you did not initiate, and revoke old approvals you no longer use; a malicious approval can drain a wallet later.

Keep amounts small and keep your main holdings in a wallet you control. The habits in crypto security and wallets apply to every token, not just bitcoin.

If you have already sent money to a scam: stop sending more, including to anyone who promises to "recover" your funds for an upfront fee, which is almost always a second scam. Save every address, link, and screenshot. In the United States, report to the FBI at ic3.gov and to the FTC at reportfraud.ftc.gov; rules differ by country, so check your local crypto regulation. Realistic expectations matter; once funds move on-chain they are usually gone, as covered in crypto recovery.

Read primary sources rather than relying on summaries:

• FBI: Cryptocurrency and AI Scams Bilk Americans of Billions (IC3 2024 figures)
• Chainalysis 2026 Crypto Crime Report: Scams
• CFTC Investor Alert: Fraudulent Digital Asset and Crypto Trading Websites
• SEC Investor Alert: False Claims About SEC and CFTC Endorsements
• Etherscan Information Center: contract verification explained

Does a verified contract or a high scanner score mean a token is safe?

What is the single fastest red flag to check?

What does locked liquidity actually protect me from?

Is an anonymous team always a scam?

I already lost money to a crypto scam. Can I get it back?

Why are crypto scams getting harder to spot in 2026?