Recognizing Token Scams and Rug Pulls (Smart Contract)

There are some techniques to keep in mind that can make you understand that a token is scam. Obviously even if there is none of this feature is not said that the smart contract is legit but certainly is more difficult to attack. Let's see some alarm bells.

OBFUSCATED CONTRACT

"0x" is the initial of all Ethereum tokens and those compatible with it (e.g. Binance Smart Chain). Contracts whose address reads a long series of letters without any number (which comes only to the seventh letter) prevent you from reading the contract and its owner. It is therefore impossible to see the tokens owned by the dev team. Of course, contract obfuscation is a feature that developers can legitimately use, so SCAM is not always behind a contract with obfuscated code.

MODIFIED CONTRACT

There are also other variants with modified contracts that will make it impossible to read the content.

OWNERSHIP NOT RENOUNCED

This is about decentralization and giving up ownership of the same. By burning most of your tokens and giving up most of the influence over them, the token becomes the property of the market itself and the owners will put themselves on the same footing as other investors. The lack of renunciation can turn on a warning light because it makes it easier to operate a RUGG PULL

TOP HOLDERS

In addition to the amount owned by the dev team, it is also important to check the top holders (which can be verified on Etherscan or Bscscan by writing name or contract of the token) by going to holders.
Clearly large quantities above 5% are a big red flag. To have 10% supply of a token with 30 million dollars of market cap (that is a very low market cap) means that someone owns 3 million dollars of that token! So the dump risk is obvious.

LIQUIDITY NOT BLOCKED

If liquidity (LP) is not blocked there is a high risk of Rug Pulls (removal of all liquidity from a dex). Liquidity could be hidden and divided in more wallets.
But without getting too deep into complicated analysis, there are online tools like https://tokensniffer.com and https://rugdoc.io.
Both tools are very valid and provide a check of all the warnings of a possible SCAM going also to attribute a score.

BURN

As we know many tokens work through burn: they burn part of the supply. Often it can happen that the promised quantities are not actually burned (or blocked). Burns happen at these addresses: 0x0000000000000000000000000000000000000000000000000000000000000000dead

HONEYPOT

It is the impossibility to sell a token. It's possible to buy it but not to sell it! Only the dev team can sell it as and when they want so, before buying a token, it's always useful to check if there are many transactions also outgoing.
These are "lures" (traps). For curiosity I report some episodes that have happened in which to be scammed were the scammers themselves. It is enough to create a wallet with a token that can not be withdrawn if not paying the fees. Think of any Bep20 or especially Erc20 (which need Bnb and Eth as gas to move the tokens). Basically this wallet contains a token, without gas to move it. Then just post your private key (or seed) giving it to a scammer who will obviously enter the wallet, finding maybe thousands of dollars (think Minereum that is airdropped free from time to time on Ethereum). At that point what will you do? It will send Ethereum to that address.
At this point the trap is triggered: a smart contract automatically diverts to another wallet all Ethereum transactions coming to that bait wallet.
In this way dishonest people are, in turn, cheated, the Ethereum destined to pay the transaction will never arrive.
The "honey pot" (Honeypot) used to attract the bees is used (remember that Minereum is a worthless token that can not be exchanged nor sold, even if you read a balance of thousands of dollars) to cheat criminals.

FOLLOW WEBSITES AND SOCIAL NETWORKS

A scam token normally has a low-traffic and sometimes poorly maintained website with newly created social network profiles. Successful projects heavily curate social media channels and community engagement.
In addition, cryptalk is an encrypted messenger that protects investors from scams through access to a variety of documentation, including KYC, charts, audits and more.

This is the second post in a series dedicated to how to defend yourself from scammers in the cryptocurrency world, if you haven't already read it check out my previous post.

Thanks for reading.

PREVIOUS POST

1. What Are Rug Pulls? Crypto, DeFi and Exit Scam

Posted Using LeoFinance ^Beta