Rugpulls Horror Stories – Biggest Crypto Scams and How to Avoid One!

Graphics below shows some of the biggest DeFi scams in the last 10 years

How to avoid – Checking the smart contract

Source Code Review:

Obtain the smart contract's source code. You can usually find it on blockchain explorers like Etherscan for Ethereum-based tokens.

Analyze the code for readability, quality, and security practices. Look for well-documented and well-structured code.

Pay attention to the presence of known vulnerabilities, such as reentrancy, overflow, or underflow bugs.

Verify the Contract Address:

Ensure the contract address provided matches the one on the official website or announcement channel. Scammers often create fake websites and provide fake addresses.

Ownership and Renunciation:

Check if the smart contract owner has renounced ownership. Reputable projects often renounce ownership to make the contract immutable.

Be cautious if the owner has the ability to mint or burn tokens at will. This can be used maliciously.

Token Supply and Distribution:

Examine the token supply and distribution. Be wary if a significant portion of tokens is allocated to a single address or the project team.

Check if there is a vesting schedule for team tokens, ensuring that they cannot sell large quantities immediately.


Look at the functions provided by the smart contract. Be cautious if there are functions that allow arbitrary transfers of tokens, especially without proper access control mechanisms.

How to avoid – Free tools, resources and project tracking directories

TokenSniffer (

RugDoc (

Wallet Highlighter (

TokenView (

DeFi Watch (

Honeypot (

Rug Check (

Rekt (

Crypto Scam List (

DeFiSafety (

How to avoid – Use common sense

Community and Social Proof:

Research the project's online presence, community engagement, and social proof. Scam tokens often lack a genuine following.

Ask Questions:

Don't hesitate to ask questions in the project's community channels. Scammers often avoid direct questions or provide vague answers.

Audit Reports:

Some legitimate projects undergo security audits by reputable firms. Look for audit reports and assess their findings.