10 Red Flags That a Presale Token Might Be a Scam
23-Sep-2025
Common Scam Tactics in Presale Marketing
Hype is the camouflage. Scammers combine fake endorsements, deepfakes, doctored audits, and confusing tokenomics to rush you into funding.
The 10 Red Flags That a Presale Token Might Be a Scam
- Unverified or upgradeable contracts with hidden admin powers
Look: Token contract not verified; proxy pattern with undisclosed admin; owner can mint, pause, blacklist, or change fees.
Why it’s dangerous: Insiders can print supply, freeze wallets, or swap logic after you buy.
How to verify: On Etherscan/Basescan/Solscan → open token → Contract tab → check Contract Source Code Verified. If it’s a proxy, click More Info → Read as Proxy to see implementation and admin. In source, search for owner, mint, setTax, pause, excludeFromFee.
On‑chain tells: Proxy admin owned by an EOA (single wallet), not a timelocked multisig; upgrade events shortly after TGE.
Mitigate: Only fund projects with verified contracts, publicly documented upgrade paths, and timelocked multisig control.
- Liquidity theater (LP not truly locked or controlled by team)
Look: “Liquidity locked” banner, but LP tokens sit in a team wallet or a revocable locker; LP ownership concentrated.
Why it’s dangerous: Team can pull liquidity (classic rug), collapsing price/exit routes.
How to verify: Find the AMM pair address (from project or DEX router). Open the LP token (UniswapV2/CL LP or equivalent) → Holders. Check whether LP tokens are burned (sent to 0xdead) or locked with a reputable locker (e.g., Unicrypt/Team.Finance) with a non‑revocable lock and clear unlock date.
On‑chain tells: Large LP token holder is deployer/team; frequent RemoveLiquidity txs; locks to contracts owned by team.
Mitigate: Require LP burn or third‑party time‑lock; avoid pools where insiders hold >10–20% of LP.
- Tokenomics designed to dump on buyers
Look: 40–70% insider/treasury, short cliffs (<3–6 months), heavy unlocks in months 1–6; emissions dwarf plausible demand.
Why it’s dangerous: Continuous sell pressure overwhelms organic demand and liquidity.
How to verify: Read the vesting contracts on‑chain (beneficiaries, cliff, duration, releasable). Cross‑check with third‑party unlock calendars. Compute daily unlock value vs daily volume.
On‑chain tells: Multiple insider wallets receiving linear unlocks; frequent transfers to exchanges/routers around vest dates.
Mitigate: Favor 36–48‑month vests, ≥6–12‑month cliffs, and emissions tied to usage. Size smaller if unlock/volume ratio > 0.5.
- Borrowed credibility (fake audits, partnerships, or endorsements)
Look: “Audited” by unknown firms; partner logos without links; celebrity/KOL shills.
Why it’s dangerous: False assurances mask unaudited or exploitable code.
How to verify: Click through to the full PDF on the auditor’s own domain; read findings + remediation. Email/tag the partner to confirm. Search for public disavowals.
On‑chain tells: None directly—treat as disclosure risk.
Mitigate: Prefer audits by reputable firms, plus a bug bounty. No PDF on auditor site = treat as unaudited.
- Wallet‑drainer style mint/claim pages
Look: Off‑domain wallet popups; broad permit/Permit2 approvals; setApprovalForAll for unknown NFTs; opaque typed‑data signatures.
Why it’s dangerous: Grants unlimited spend or signs malicious messages that drain assets later.
How to verify: Use a tx simulator / allowance viewer before signing; read the exact spender and amount. Verify domain TLS and that links originate from the official site/GitHub.
On‑chain tells: Immediately after “mint”, approvals to unfamiliar addresses; Permit2 approvals with unlimited allowance.
Mitigate: Approve exact amounts; interact via hardware wallet; avoid search‑ad links; revoke stale approvals monthly.
- No working code or testnet (deck‑only projects)
Look: Slick pitch, no repos, no changelogs, no testnet endpoints.
Why it’s dangerous: Zero evidence they can ship; presale funds become runway for experiments that may never ship.
How to verify: Check GitHub orgs; look for meaningful PRs/issues, releases, audits tied to commit hashes; public testnet with explorers.
On‑chain tells: N/A pre‑TGE; post‑TGE, empty repos and no contract updates.
Mitigate: Require MVP/testnet before funding; prefer builders who ship weekly updates.
- Anonymous unilateral control of treasury/upgrades
Look: Pseudonymous team holds upgrade keys and treasury; multisig signers are all team; no timelocks.
Why it’s dangerous: Single point of failure + no accountability.
How to verify: Open the proxy admin and treasury multisig (e.g., Safe) → check threshold (e.g., 2/3, 3/5) and signers (EOAs vs exchanges/custodians); confirm timelock contracts govern upgrades.
On‑chain tells: EOA owns admin; Safe signers share funding sources; no scheduled delay before upgrades.
Mitigate: Look for independent signers, published key policies, and timelocks (≥24–48h).
- Exchange‑listing pressure & fake volume/liquidity
Look: “Major listing tomorrow” to rush buyers; wash‑traded volume; bots dominate order books.
Why it’s dangerous: Manufactured FOMO precedes insider exits into thin liquidity.
How to verify: Ignore banners; check order‑book depth at ±1–2% on Pro interfaces; compare DEX vs CEX volumes; watch slippage for $1k/$10k/$100k.
On‑chain tells: Sudden spikes with little LP growth; transfers from insider wallets to exchanges ahead of “news”.
Mitigate: Trade after listings stabilize; size by real depth, not headlines.
- Aggressive or mutable tax/fee logic
Look: 10–99% sell taxes; owner can change tax rates or fee wallets freely.
Why it’s dangerous: Team can trap exits or siphon value.
How to verify: In verified source, search tax, fee, setTax, setFee, maxTx, maxWallet. Confirm caps, events, and immutability post‑renounce.
On‑chain tells: Owner calls to setTax/setFee around volatility spikes; large flows to team fee wallets.
Mitigate: Avoid tokens where fees are owner‑mutable without caps/timelocks.
- Marketing over substance (no docs, no audits, no shipping)
Look: Heavy KOL spend, spaces, memes; light documentation; missing audits; roadmap slides with no owners/dates.
Why it’s dangerous: Attention can be rented; utility cannot.
How to verify: Require docs, whitepaper, audit links, weekly changelogs; confirm integrations on partner sites.
On‑chain tells: Low real users/transactions despite social buzz; thin LP; bot‑heavy flows.
Mitigate: Pass or size trivially until shipping outpaces shilling.
Two‑minute triage: Contracts verified? Proxy admin documented? LP burned/time‑locked? Insider vests ≥36–48 months? Multisig + timelocks? If any answer is No, don’t fund.
How To Verify the Team and Roadmap
Identity & track record. Cross‑check LinkedIn/Twitter/GitHub. Look for past shipped products, open‑source contributions, references you can verify. Pseudonymous founders aren’t an immediate fail—but they can’t hold unilateral upgrade/treasury control.
Governance & keys. Require a multisig with independent signers (not all core team), plus timelocks on upgrades and large treasury moves. Publish emergency powers and their limits.
Roadmap realness. Replace buzzwords with deliverables: testnet dates, contracts to be audited, integrations to ship, with owners and deadlines. After TGE: weekly changelogs > monthly hype threads.
Economic design. The token must do verifiable work (fees, collateral, governance with cost). Model supply schedule, utility, and who captures value. If value comes only from “number go up,” stop there.
Social Media Hype vs. Real Utility
Separate signal from sizzle. Followers and Spaces don’t settle transactions. Real traction shows up in on‑chain activity, revenue/fees, integrations, and user retention. Audit the routing (which DEX/router?) and check pool depth for realistic trade sizes. For a broader threat model—including deepfakes used to pump schemes—study how fake news & deepfakes power P&D scams and the 2025 threat roundup in how to spot and protect against crypto scams.
Quick‑Glance Red‑Flag Table
| # |
Red Flag |
How to verify fast |
Risk level |
Action |
| 1 |
Unverified/upgradeable contracts with hidden admin |
Explorer → Contract/Proxy tabs; search owner, mint, pause |
Critical |
Do not fund |
| 2 |
LP not burned / revocable lock |
Check LP holders & locker contract |
Critical |
Pass |
| 3 |
Insider‑heavy, fast unlocks |
Read vesting contracts; unlock calendars |
High |
Size tiny or avoid |
| 4 |
Fake audits/partners |
Verify PDFs on auditor site; partner confirmations |
High |
Avoid |
| 5 |
Drainer‑style approvals |
Read permit scope; simulate tx |
High |
Close site |
| 6 |
No code/testnet |
GitHub/testnet endpoints |
High |
Pass |
| 7 |
Anonymous unilateral control |
Verify multisig signers; timelocks |
High |
Avoid |
| 8 |
Listing pressure, fake volume |
Compare depth & spreads |
Medium |
Ignore hype |
| 9 |
Changeable tax logic |
Read fee functions; owner caps |
Medium |
Avoid |
| 10 |
Marketing over substance |
Docs/audits/changelogs absent |
Medium |
Pass |
Examples of Past Scams and What To Learn
Liquidity‑rug: Team seeded a pool, pumped with KOLs, then withdrew LP, collapsing price. Tell: LP tokens owned by deployer; “renounced” with proxy admin still active. Defense: Verify LP lock/burn; avoid team‑controlled LP.
Mint‑rug: Hidden mint() or upgrade path let insiders print tokens and dump. Defense: Confirm verified implementation contract; search source for mint/owner functions; require timelocks.
Tax‑flip: Sell tax switched from 0–5% to 99% post‑TGE so only insiders could exit. Defense: Reject owner‑mutable tax logic without caps.
Deepfake‑driven P&D: Fabricated partner videos and “news” spiked price before insiders unloaded. Defense: Call partners, verify press releases on official domains, treat viral clips as untrusted until proved. See the loss landscape in $4.6B lost to crypto scams….
—
Keep this checklist handy:
- Contracts verified; proxy admin & owner powers documented
- LP burned or third‑party time‑locked
- Insider vests ≥ 36–48 months; unlock chart public
- Multisig with independent signers; upgrades on timelocks
- MVP/testnet live; weekly changelogs
- Auditor PDF on auditor’s site; fixes verified
- Depth/spreads OK; test buy + test sell
- No broad/infinite approvals; exact‑amount approvals only
Further reading to level up your scam radar: the 2025 threat overview how to spot and protect yourself and the role of misinformation in deepfake‑powered pump‑and‑dumps.
The post 10 Red Flags That a Presale Token Might Be a Scam appeared first on Crypto Adventure.
Also read:
Dogecoin giảm 17,68%, dòng tiền lớn đổ vào meme coin mới nổi
