Cielo Documentation
  • Overview
  • Quick Start Guide
  • Getting Started
  • Feed
    • Filters
  • Wallet Discovery
  • Public Lists
  • Insights
  • My Wallets
    • New Trade Alerts
    • Token Filters
    • Lists
    • Bulk Edits
    • Bulk Import
  • Custom Alerts
    • Multiple Wallet
    • Token Swap
  • Settings
  • Subscribe
  • Cielo Web Extension
  • FAQ
  • Discord + Telegram Bots
    • Introduction
    • Telegram
    • Telegram Private Bot
    • Telegram Groups + Channels
    • Discord
      • Migrating Your Discord Bot
    • Feedback
      • Privacy policy
  • GUIDES
    • Copy Trading
      • Risks and Considerations
      • Strategies
      • Finding Good Wallets
      • Monitoring and Refining
      • Risk Management
      • Fees and Other Costs
      • Quick Start Copy Trading Guide
      • Glossary
    • Understanding Pump.fun
    • Scam Tokens
Powered by GitBook
On this page
  • What Are Scam Tokens?
  • How Do Scam Tokens End Up in Wallets?
  • Red Flags to Identify Scam Tokens
  • Risks Associated with Scam Tokens
  • How to Handle Scam Tokens
  • Tools and Methods for Scam Token Detection
  • Staying Safe
  • Conclusion
  1. GUIDES

Scam Tokens

What Are Scam Tokens?

Scam tokens are commonly found on all blockchains but they’re particularly prevalent on Solana due to the volume of new tokens launched there. In the case of pump.fun, scam tokens are fraudulent digital assets created and launched on the Solana blockchain with the intent to deceive or exploit traders. While pump.fun makes it easy for anyone to mint and trade new tokens, this accessibility has led to a flood of scam tokens, with reports indicating that a high proportion of tokens launched on the platform are either rug pulls or pump-and-dump schemes.

Because anyone can launch a token on pump.fun with minimal cost and effort, the platform has become a hotspot for these scams. As a result, most tokens created there quickly collapse in value, and only a tiny fraction retain any real liquidity or legitimacy.

These scammers often use tactics such as:

  • Imitating Legitimate Projects: Copying names, symbols, or branding to trick users into thinking they are buying into a real project.

  • Artificial Hype: Using wash trading, volume bots, or microbuys to create fake trading activity and inflate token value, luring unsuspecting buyers.

  • Rug Pulls: Suddenly withdrawing liquidity or selling large amounts of tokens to crash the price, leaving genuine investors with worthless assets.

  • Clone Attacks: Exploiting delays in token listings to launch fake versions of trending tokens, hoping to catch investors off guard.

Next to this you also have tokens that are unsolicited or malicious digital assets sent to crypto wallets, typically as part of fraudulent schemes such as scam airdrops, honeypots, or rug pulls. These tokens are often designed to mimic legitimate cryptocurrencies by copying their names, symbols, or branding, and are created with the intent to deceive or defraud investors.

Common tactics include distributing tokens as free airdrops, running fake promotions, or presenting tokens with unrealistic values to entice users into interacting with them. Once you engage, you may be tricked into connecting your wallet to a malicious site, providing personal information, or investing in worthless assets, often resulting in financial loss or compromised security.

How Do Scam Tokens End Up in Wallets?

Scammers exploit the openness of public blockchain addresses by sending scam tokens directly to users through airdrops or fake promotional rewards, making it easy for these malicious assets to appear in unsuspecting wallets. Many of these tokens contain embedded links that lead to phishing websites where users are tricked into entering sensitive wallet credentials, ultimately risking the loss of their funds.

Solana Launch Markets: Platforms like Pump.fun and Raydium have become hotspots for scam tokens, especially memecoins. Due to low transaction fees and fast settlement, scammers can quickly deploy and promote fraudulent tokens. Common scams include honeypots, soft rug pulls, and fake launchpad clones that trick you into connecting wallets or funding fake sales.

Ethereum Launch Markets: Similar scams occur on Ethereum, where fraudulent projects launch tokens on DEXs like Uniswap. These tokens are promoted through social media and fake communities, often with promises of high returns or exclusive access. Scammers may engineer smart contracts to restrict selling, drain liquidity, or require you to approve malicious transactions, compromising wallet security.

Red Flags to Identify Scam Tokens

Scam tokens often arrive unexpectedly in wallets without any legitimate transaction or context, making their sudden appearance a key warning sign. These tokens typically have unknown origins, lacking any traceable or reputable source, which makes it difficult to verify their legitimacy.

Many display unrealistic values due to manipulated liquidity pools, giving the false impression of significant worth and luring you into further engagement. Suspicious airdrops are common, with tokens often featuring tempting names or links to unfamiliar websites designed to entice into interacting with potential scams.

Scam tokens also tend to exhibit low liquidity and high volatility, making them difficult to trade and prone to dramatic price swings that can trap unsuspecting investors. Additionally, their smart contracts may contain red flags such as hidden fees, unrestricted minting capabilities, or ownership controls that allow scammers to manipulate or lock funds.

Red Flags

Here is a clear, actionable list of red flags that can help you spot scam tokens:

  • Unrealistic Price Movements: Sudden, sharp price spikes or pumps that don’t align with any credible news or broader market trends.

  • Low or No Liquidity: Tokens with very little liquidity, or liquidity provided only by the contract creator, making it hard or impossible to sell your tokens.

  • Anonymous or Unverifiable Team: No information about the developers, no LinkedIn profiles, or a team that is impossible to verify.

  • Aggressive or Spammy Marketing: Excessive hype, shilling by influencers, or heavy promotion in Telegram/WhatsApp/WeChat groups, often without substance.

  • No Clear Purpose or Use Case: The project lacks a whitepaper, roadmap, or real explanation for why the token exists.

  • High or Hidden Transaction Taxes: Tokens with excessive sell taxes (sometimes set to 100%), or other hidden fees that prevent you from selling or drain your funds.

  • Honeypot Behavior: You can buy the token but cannot sell it or only the developer is able to sell.

  • Freeze Authority Not Removed (Solana): The token creator retains the ability to freeze transfers, meaning they can lock up your tokens at any time.

  • Not Listed on Major Trackers: The token is missing from reputable sites like CoinGecko or CoinMarketCap or only appears on obscure DEXs.

  • Unofficial Sales Channels: Offers to buy tokens through private messages or unofficial groups, often with promises of pre-sale discounts.

  • Limited or No Community Presence: The project’s online communities are filled with bots, spam, or lack genuine engagement.

  • Suspicious Token Metrics: Abnormal ratios between holders, price, market cap, and trading volume, or metrics that don’t make sense for a “popular” token.

  • No or Unlocked Liquidity Pool: The liquidity pool isn’t locked, or the creator has already removed liquidity, signaling a potential rug pull.

  • Phishing Links or Fake Launchpads: Fake websites or launchpads that mimic legitimate ones to trick you into connecting your wallet or entering your seed phrase

  • Mint Risk: The token creator retains the ability to mint new tokens, flooding the market making the token worthless.

  • Bundled launch: When a team sets up multiple wallets and uses them to buy their own newly launched token simultaneously at launch, creating the appearance of organic demand and controlling a larger share of the token supply, often to manipulate price or market perception.

Risks Associated with Scam Tokens

Interacting with scam tokens poses significant security risks as it can trigger unauthorized transactions or even lead to full wallet compromise, exposing your assets and sensitive data to scammers. Additionally, the presence of these tokens in your wallet can artificially inflate your portfolio’s value, resulting in financial distortion that undermines the accuracy of portfolio tracking. Additionally, scam tokens often have artificially manipulated prices and may be impossible to sell, trapping your funds. Always verify the legitimacy of tokens before trading to protect your assets.

How to Handle Scam Tokens

Always verify the contract address of unfamiliar tokens using trusted sources like CoinMarketCap or CoinGecko to ensure they are not associated with known scams.

Never interact with suspicious tokens. Avoid trading, transferring, or connecting your wallet to any sites linked to these assets, as this can expose you to significant security risks.

To protect yourself:

  • Verify Contract Address: Always check token contract addresses on trusted platforms like CoinMarketCap, CoinGecko, or the official project website to ensure legitimacy.

  • Never Interact with Suspicious Tokens: Avoid trading, transferring, or clicking on links associated with unfamiliar or unsolicited tokens as these actions can compromise your wallet.

  • Isolate Scam Tokens: Separate suspicious tokens from your main holdings by hiding or marking them in your wallet.

  • Stay Informed: Regularly update yourself on new scam tactics.

Tools and Methods for Scam Token Detection

  • Blockchain Explorer: Analyzes transaction histories, wallet movements, and token behaviors to identify suspicious activity.

It should be noted that even so-called honeypot checkers are unable to identify all scams and thus just because they give a token a clean bill of health doesn’t guarantee that it’s legitimate.

Staying Safe

Always begin by verifying token contract addresses on trusted platforms like CoinMarketCap or CoinGecko before interacting with any new or unfamiliar tokens. Avoid trading, transferring, or connecting your wallet to unsolicited or suspicious tokens, as doing so can expose you to significant security risks.

Utilize wallet security features such as two-factor authentication and leverage third-party tools designed to detect scam tokens and monitor transactions. Staying informed with online crypto communities allows you to learn about emerging scams and best security practices. Before investing, thoroughly research the project’s transparency, team credibility, and community feedback to avoid falling victim to fraudulent schemes.

If you happen to receive scam tokens, there is an option to burn them by sending them to a burn address but this does cost a gas fee.

Conclusion

It’s crucial to remain vigilant and proactively manage scam tokens to protect yourself from evolving threats.

By leveraging the built-in tools such as automated detection, custom filters, and contract verification you can more easily identify and handle scam tokens before they cause harm. Staying informed about the latest scam tactics and regularly updating security practices further strengthens protection.

PreviousUnderstanding Pump.fun

Last updated 3 days ago

: Scans smart contracts for exploits, performs audits, and lists known scams or honeypots.

: Reviews contract code, liquidity, and developer history to warn about potential rug pulls.

: Analyzes smart contracts for vulnerabilities and provides risk scores to assess potential threats.

: Detects honeypot traps by simulating buy and sell transactions and analyzing smart contract behavior

Token Sniffer
RugDoc
De.Fi Scanner
Honeypot.is