As in any other booming industry, the decentralized finance (DeFi) and crypto space has attracted its fair share of scammers and bad actors, seeking to lure investors into fake projects known as rug pulls — only to run away with their money.

But this doesn’t mean that rug pulls and hoaxes can’t be avoided with a measured investment philosophy and due diligence. Crypto veterans often encourage people to DYOR — do your own research — but what exactly does that mean, and what should one do to avoid getting scammed? What are the tell-tale signs of rug pulls and how can you weed out the bad actors?

We’ll cover some of the biggest red flags in crypto projects and how to avoid them, so you can survive the next version of the Squid Game rug pull with your capital and dignity intact. This Forkast.News explainer will explore:

What is a rug pull and how does it happen?

A developer creates a cryptocurrency or DeFi project and attracts investors to it. Once investors have allocated enough capital to the project, a crooked developer may cash out and abandon the project. This is known as a rug pull.

These are generally low-effort projects, orchestrated by people with malicious intent and whipped together in a matter of days, Sometimes they are slightly modified replicas of other cryptocurrencies.

Let’s first take a look at the three main types of rug pulls and how they happen.

  1. Stealing liquidity

To make a cryptocurrency tradeable, developers need to create a liquidity pool that holds an amount of the currency to make it possible for investors to buy and sell. In most known rug pulls, the developer created a liquidity pool with his newly minted scam token and a legitimate cryptocurrency, say, Ether.

As people are taken in by the scam crypto’s value proposition, they start buying it in exchange for their ETH, which remains locked up in the liquidity pool for a defined period of time. As more investors buy the fake token and it starts increasing in value, more and more ETH is poured into the liquidity pool.

At the time of his choosing, the malicious developer will pull the ETH from the liquidity pool, leaving just the worthless token instead. Investors are unable to trade back their now-worthless tokens, while the developer takes his money in legit ETH and makes a run for it.

  1. Disabling the ability to sell tokens

The end result of this scam is the same as liquidity stealing, above, but the process is different. In this scam, the developer adds a bit of code that will make investors unable to sell their coins back to the exchange. 

Breaking this down: Investors are able to buy the scam coin, but because of the fraudulent piece of code, only the developer is able to sell his coins. As the price rises to the point where people start trying to cash in to sell their coins, they will realize that they can’t sell the asset. At some point, the scammer will deem the price high enough, and he will sell all his scam tokens, running away with the value of the investments that had been poured into it.

  1. Developers cashing out 

This doesn’t sound like a scam in a free market, but it qualifies as one if the project is created for this sole purpose. Much like in the previous two scams, the malicious developer creates a project with an overblown value proposition. The promise usually involves a token feature or platform that is in development and will be released soon.

But in reality, the developer just mints a worthless token, giving himself a large part of these tokens from the beginning, or buying them in the market at a low cost. As the promise of the revolutionary product makes investors buy the worthless token and the price surges, the developer will cash out his shares. He can do this all at once or over time so the rug pull isn’t as obvious. Either way, this leaves investors holding the worthless token, and their investment capital erased.

Common signs of a rug pull

The project appeared overnight

Rug pulls usually pop up out of nowhere, whereas legit cryptocurrencies or DeFi projects take a long time to develop. These fake projects usually are often accompanied by a lot of hype, capitalizing on recent cultural memes that are already popular. If a project claiming to revolutionize the world of crypto appeared overnight and seems too good to be true — that’s probably the case.

Anonymous developers

While Bitcoin, the first and largest cryptocurrency, was developed by a pseudonymous developer known as Satoshi Nakamoto, anonymous developers of a crypto or DeFi project should be a big red flag that something might be amiss. Today’s most successful cryptos like Ethereum and Solana have a team of well-known leaders who are propelling their growth. If the developers of a cryptocurrency or DeFi project choose not to associate their name with it and remain in the shadows, they may have good legal reasons for this, and you should most likely steer clear of that token.

Low liquidity

When it comes to DeFi projects, you can’t always verify the liquidity, but with a cryptocurrency you can always do so. Low liquidity means that it is difficult to convert the token to cash, which may be because the developer had a limited amount of funds to create the token. The lower the liquidity, the easier it is for the developer to manipulate the token’s price.

The best way to check the liquidity of a cryptocurrency is by looking at its 24-hour trading volume. Scam tokens have emerged with as low as US$10,000 trading volume, compared to a legitimate decentralized platform like PancakeSwap that has a US$301 million trading volume, at the time of writing. A general rule of thumb employed by seasoned crypto investors is that the trading volume should be at least 10% to 40% of the coin’s total market capitalization.

Unlocked liquidity

To build trust and bolster public perceptions of their legitimacy, developers of notable cryptocurrency projects will often renounce their control of the liquidity pool by locking it within their blockchain or with a trusted third party. This is called locked liquidity, and it prevents developers from transacting any of the tokens in the pool and therefore makes it impossible to steal the tokens or dramatically reduce liquidity. The longer the pool is locked away, the smaller the chances of a rug pull.

On the other hand, if the liquidity is not locked, then nothing is stopping the developers from withdrawing it and making a run for it. Confirming whether the liquidity is locked is a somewhat complex process, however.

Low ‘total value locked’ (TVL)

TVL is another reliable metric to check the legitimacy of a cryptocurrency or DeFi project. This refers to the total amount invested in a particular project. PancakeSwap, for instance, has US$ 14 billion TVL, while scam projects could have a few thousand dollars in TVL. The newer the project and lower the TVL, the bigger the risk of a potential rug pull.

Disproportionate token distribution

Checking the token distribution of a project on sites like Etherscan will show you who holds the largest amount of tokens and how they are distributed. If a single wallet or two holds a large amount of the token supply — 5% or more — selling all at once is easy, making the risks of price manipulation or a rug pull higher. So the more distributed the token supply, the safer it is to invest in the cryptocurrency.

Low effort website and lacking social media presence

Scam tokens often have a basic, low-effort website that was copied or whipped together in a few days. Some of these fake projects have websites that say “work in progress” or “launching soon.” These projects will also have no social media accounts or accounts with a low following. If a crypto or DeFi project’s social media accounts lack genuine community engagement, that should also be a major red flag for investors.

This also applies to a project’s white paper. Scam projects will sometimes have a white paper that is either copy-pasted or very short. The Ethereum whitepaper has 36 pages, while Solana’s whitepaper is 32 pages. If a cryptocurrency that appeared overnight has a much shorter white paper, that is a sign that the project may not be legit.

No audits

The most notable cryptocurrency projects will have independent security audits or financial transparency reports that vouch for their authenticity. For instance, Cardano has undergone multiple audits and an independent source code audit to fortify its security. A project without a third-party audit isn’t necessarily fraudulent, but it means that you should research the project thoroughly before investing in it.

How to avoid rug pulls

Now that you know the most important signs of a rug pull, let’s break down some of the best practices you can apply to your crypto research, to avoid such scams.

There are online tools that can help detect a rug pull, and Token Sniffer is one of them. For starters, Token Sniffer lists all the latest hacks and scam coins, so if you find a project on its list, then you know it’s a rug pull. Second, the site offers an automated audit for tokens, analyzing their smart contracts, liquidity and how similar they are to other projects, offering users a risk score for each token.

Rug Doctor is another useful tool for spotting exit scams. The site analyzes the code of crypto projects, trying to identify the most common rug-pull strategies. Once Rug Doctor finds a high-risk token or DeFi project, it lists it on its website, adding a risk score and breaking down the red flags found in the project.

Finally, for a high level of scam detection you will need a blockchain explorer like Etherscan or Binance Smart Chain explorer. By searching for the token address of a cryptocurrency, a Token Tracker Page will appear, usually under the More Info section. The tracker will display the total supply, number of total holders and transfers, and you should be able to click on Holders to also display the wallets holding the largest amounts of the token. 

For new cryptocurrencies, if the top 10 wallets hold more than 20% of the token, or worse, a large percentage of the token is held in a single wallet, then this is a dangerous sign of a potential rug pull. If one or more of these top wallets sell all their tokens in an exit scam, the price of the crypto will crash.

Notorious rug pulls in crypto history

Note that the names of these scams may be similar to legitimate cryptocurrencies.


OneCoin was essentially a gigantic Ponzi scheme that is now known as the biggest crypto scam to date — stealing an estimated US$25 billion from investors. While authorities cracked down on OneCoin and arrested its leaders in 2017, some of its founders disappeared and the scam is still going on. And the worst part is that this Ponzi scheme never even had a cryptocurrency from the get-go.


In another multi-level, marketing-driven Ponzi scheme, BitConnect stole an estimated US$2 billion. The hoax project claimed to have an unparalleled trading algorithm to lure investors in. Moreover, as the project crashed in January 2018, its founders launched BitConnectX — a second ICO rug pull.

BitClub Network

BitClub Network went down as the biggest crypto-mining Ponzi scheme to date, using fraudulent advocates and pushy marketing tactics to attract capital. The value proposition was that investors would gain guaranteed returns from their Bitcoin mining efforts, but the footage of their mining rigs was proven to be stolen from a different company. The founders of the scam pulled an estimated US$722 million from investors in December 2019.

Squid Game Token

The Squid Game token was a recent high-profile rug pull, capitalizing on the hype around the hit Netflix series “Squid Game.” The SQUID token’s price surged over 230,000% in less than two weeks, and the investors’ ability to sell the token was disabled. On Nov. 1, 2021, the developers pulled an estimated US$3.4 million from investors, as the token crashed from US$2,861 to US$0.01 in just five minutes.

Bottom line

As the blockchain industry is growing bigger, rug pulls are becoming more common in crypto and DeFi, while scams have also started plaguing the NFT space. But with careful research and looking for obvious signs, investors can avoid them.