How to Spot a Crypto Scam: 3 Signals That Should Stop You Cold

By ChainClarity Editorial Team · May 17, 20266 min read

Crypto losses to scams exceeded $9 billion in 2023 alone. Most victims weren't careless — they were enthusiastic, research-minded people who got targeted by projects sophisticated enough to look legitimate. The difference between a project worth your time and one designed to take your money usually comes down to three signals. Learn to read them and you can filter out the majority of bad actors before you invest a dollar.

Signal 1: The Whitepaper Is Missing, Vague, or Plagiarized {#signal-1-the-whitepaper-is-missing-vague-or-plagiarized}

A whitepaper is a technical document that explains what a project does, how it works, and why that design was chosen. It's not a marketing brochure — it's the engineering specification. Legitimate projects publish them because they need to attract developers, validators, and informed investors who will stress-test the architecture.

When a whitepaper is missing, it tells you that the project either hasn't done the work to define what it's building, or doesn't want that work scrutinized. Both are disqualifying.

When a whitepaper exists but is vague — full of phrases like "AI-powered blockchain synergies" without a single diagram, formula, or specific mechanism — that's a red flag of a different kind. The language is designed to impress retail investors while remaining immune to technical critique. No real engineer needs to write that way.

The most brazen version is plagiarism. Projects have been caught copying large portions of the Bitcoin and Ethereum whitepapers, swapping in their own token names. Tools like Copyleaks or a simple Google search of unusual phrases from the document will surface these quickly.

What to do: Read the whitepaper. If you can't find it, stop. If you find it but can't follow even the high-level concept after 20 minutes of good-faith reading, ask why. If you find it and the technical claims don't hold up (promising consensus speeds that violate physics, claiming 100% decentralization with no validator requirements), treat that as a deliberate lie, not a mistake.

We cover how to read a crypto whitepaper in depth if you want a structured walkthrough of what to look for.

Signal 2: The Token Has No Real Utility {#signal-2-the-token-has-no-real-utility}

Tokens are economic instruments. In legitimate projects, they serve a function: paying transaction fees (ETH), staking to secure the network (SOL), governing protocol parameters, or accessing a service. The token's value is tied to demand for what the token actually does.

Scam tokens have a different economic structure. They're designed to generate buy pressure while insiders hold large, pre-mined allocations. When the price is artificially inflated — through paid influencer promotion, fake volume on obscure exchanges, or coordinated social media — insiders sell. This is the rug pull. The exit liquidity is retail.

The signals to watch for:

Circular token flows. The token is used exclusively to buy more tokens, fund liquidity pools, or earn "staking rewards" paid in the same token. Ask: where does the yield come from? In a legitimate DeFi protocol, yield comes from transaction fees, liquidation penalties, or real borrowing demand. In a Ponzi, it comes from new investors buying in.

Highly concentrated pre-mine. If 50%+ of the supply went to the team, advisors, or a "foundation" with a short unlock period, that's supply that will be sold into your demand. Legitimate projects publish vesting schedules and on-chain data confirms them. Check the tokenomics section of the whitepaper — if it's missing, see Signal 1.

No on-chain activity. A real network has users. Block explorers show real transaction volume, contract interactions, and diverse wallet activity. A ghost chain has low transaction counts, circular flows between a small set of wallets, and almost no smart contract usage. Etherscan and Solscan are your friends here.

Unlisted or very new exchanges. Projects launch on obscure DEXs first and make it hard to verify liquidity depth. Thin liquidity means insiders can move price dramatically with relatively small sells. Large, established DEXs and centralized exchanges have listing requirements that filter out the worst actors.

Signal 3: The Team Is Anonymous or Has a History of Rug Pulls {#signal-3-the-team-is-anonymous-or-has-a-history-of-rug-pulls}

Anonymity in crypto isn't automatically suspicious — pseudonymous contributors have built some of the ecosystem's most important infrastructure. But there's a meaningful difference between a developer who has contributed years of verifiable open-source code under a pseudonym and a "founder" with a LinkedIn profile created three months ago and no prior public work.

The question isn't whether the team uses real names. It's whether the team has a verifiable track record of delivering what they said they would.

What to check:

GitHub activity: are there real commits, open issues, merged pull requests? Or is the repo three files and a README?
LinkedIn and Twitter: how long have these accounts existed? Do they have a history of posts, or just recent promotional activity?
Previous projects: search "[name] rug pull" and "[name] scam." Communities document these patterns. If a founder's previous three projects all ended with liquidity being drained and social media accounts deleted, that is the most predictive signal available.
Doxxed or KYC'd team: large, legitimate projects often have founders who've done media appearances, conference talks, or submitted to exchange KYC processes. This isn't required, but its absence combined with the other signals above elevates the risk.

Ethereum was built by Vitalik Buterin, who had a years-long public track record in the Bitcoin community before proposing Ethereum. Solana was built by Anatoly Yakovenko, who had a decade of systems engineering experience at Qualcomm. The pattern holds across legitimate projects: the people behind them have something to lose by failing.

Editor's Checklist: Five-Minute Due Diligence {#editors-checklist-five-minute-due-diligence}

Before buying any token, run through this checklist:

Whitepaper exists and makes technical sense. You can describe the core mechanism in one paragraph.
Token utility is concrete. You can explain what the token actually does in the protocol, not just that it "powers" it.
Tokenomics are transparent. Supply schedule, team allocation, and vesting are published and checkable on-chain.
Team has a verifiable track record. You've found their prior work, not just their bios.
No rug pull history. You've searched "[founder name] scam" and "[project name] rug pull" and found nothing credible.
On-chain activity is real. Block explorer shows organic transaction volume from diverse wallets.
The yield source makes sense. If there are staking rewards, you can explain where the money comes from.

Five minutes of this will filter out the majority of obvious scams. An hour will catch sophisticated ones.

For deeper analysis, ChainClarity's project pages break down the whitepapers, tokenomics, and team background for hundreds of projects — so you can see what real due diligence looks like applied to legitimate protocols, and use that as a calibration point.

Walk Away: When the Right Move Is to Do Nothing {#walk-away-when-the-right-move-is-to-do-nothing}

The most consistent characteristic of crypto scams is manufactured urgency. "Presale ends in 48 hours." "Only 5% of the whitelist remains." "The next 1000x is about to launch." This is a sales tactic, not an investment signal.

Legitimate investment opportunities don't expire in 48 hours. If a project is genuinely building something valuable, it will still be buildable in a week when you've had time to read the whitepaper, check the team, and verify the tokenomics.

Walk away from any project that:

Pressures you to buy before you've had time to research
Promises specific returns ("guaranteed 10x in 30 days")
Relies primarily on influencer promotion rather than technical documentation
Cannot clearly answer "where does the yield come from?"
Blocks, removes, or abusively responds to critical questions in its community channels

The DeFi category has produced some of the most important financial infrastructure of the last decade. It's also where a large share of scams have originated. The same technology that enables open, permissionless finance also enables permissionless fraud. The distinction is in the details — which is exactly what checklists are for.

Browse whitepapers and due diligence breakdowns for 500+ crypto projects on ChainClarity. If you want to understand the technical foundations before investing, start with how to read a whitepaper and what tokenomics actually means.