The Most Common Solana Token Scams in 2025 (With On-Chain Patterns)
The Solana ecosystem has exploded in 2024-2025, attracting millions of traders seeking the next breakthrough opportunity. But beneath the surface of this innovation lies a stark reality: 98.7% of tokens launched on Pump.fun—Solana's most popular token launchpad—are either scams or failures. With over 7 million tokens created and counting, the odds are overwhelmingly stacked against retail traders.
The numbers are sobering. According to the FBI's Internet Crime Complaint Center, $10.7 billion was lost to investment fraud in 2024, with cryptocurrency-related losses accounting for $3.3 billion of that total. On Solana specifically, high-profile rug pulls like Luna Yield ($6.7 million stolen) and AVA AI (96% crash after insider dumps) have left thousands of investors devastated. The scam ecosystem has evolved far beyond simple "pump and dumps"—today's bad actors employ sophisticated on-chain manipulation, social engineering, and contract-level tricks that can fool even experienced traders.
But here's the empowering truth: most scams follow predictable patterns that can be detected with the right knowledge and tools. By understanding on-chain red flags, recognizing common scam types, and using automated security analysis, you can dramatically reduce your risk. This isn't about avoiding Solana or living in fear—it's about trading smarter with your eyes wide open.
In this comprehensive guide, we'll break down the most prevalent scam types, reveal the on-chain signatures that expose them, and give you a practical checklist to protect your capital. Whether you're a seasoned DeFi trader or just entering the Solana ecosystem, this knowledge could save you thousands—or more.
🎯 What You'll Learn
- The four major scam types plaguing Solana in 2025 and how each one operates
- Six critical on-chain red flags that expose fraudulent tokens before you buy
- Real case studies from Luna Yield, AVA AI, and other high-profile scams
- Automated detection tools that analyze security risks in seconds
- A step-by-step verification checklist to evaluate any token safely
The Scam Landscape: By the Numbers
Let's start with the hard data. The scale of token fraud on Solana is staggering, but understanding the statistics helps you grasp why vigilance is essential.
Pump.fun: The Scam Factory
Pump.fun revolutionized token launches by making it trivially easy to create and deploy new tokens on Solana. The platform has facilitated over 7 million token launches since its inception. However, research by Dune Analytics reveals that only 1.3% of these tokens maintain any meaningful value or legitimacy beyond their initial pump. That's a 98.7% failure rate—and the vast majority of these failures are deliberate scams rather than honest projects that simply didn't gain traction.
The platform has become so synonymous with scams that experienced traders now use "Pump.fun token" as shorthand for "extremely high risk." Yet new tokens continue launching at a rate of thousands per day, each one hoping to be the next BONK or WIF while statistically being just another rug pull waiting to happen.
The Broader Fraud Ecosystem
Solana isn't alone in facing this crisis, but its low transaction costs and fast finality make it particularly attractive to scammers. The FBI reported that $10.7 billion was lost to investment fraud in 2024, with $3.3 billion directly attributed to cryptocurrency scams. This represents a 53% increase from 2023, signaling that fraudsters are becoming more sophisticated and aggressive.
On-chain analysis by Chainalysis found that 93% of tokens launched on Raydium (Solana's largest DEX) between January and June 2024 exhibited characteristics of pump-and-dump schemes. These aren't necessarily full rug pulls where liquidity is removed, but coordinated efforts by insider wallets to inflate prices and dump on retail investors.
Evolution of Scam Techniques
Early Solana scams were crude: a developer would launch a token, buy up supply, create artificial hype, then dump everything at once. Today's scammers are far more subtle:
- Gradual liquidity removal that doesn't trigger immediate alarm
- Multiple interconnected wallet addresses to obscure insider holdings
- Professional marketing campaigns with fake partnerships and influencer endorsements
- Smart contract tricks that appear legitimate on surface inspection
- Impersonation tokens that mimic established projects with near-identical branding
The sophistication level has increased to the point where even blockchain explorers can't immediately flag certain scams without deep analysis. This is why automated security tools and manual verification have become non-negotiable for serious traders.
Common Scam Types Explained
Understanding the enemy is the first step in defending against it. Let's break down the four dominant scam types you'll encounter on Solana in 2025.
A. Honeypot Tokens
What They Are:
A honeypot token is a malicious smart contract that allows you to buy tokens but prevents you from selling them. The name comes from the classic trap: the promise of easy profits lures victims in, but once their capital is committed, there's no way out.
How They Work:
Honeypots exploit Solana's program architecture by implementing hidden restrictions in the transfer logic. When you attempt to buy tokens, the transaction succeeds normally. However, when you try to sell, the contract includes conditions that cause the transaction to fail—often with vague error messages like "0x1" or "custom program error."
Common implementation techniques include:
- Blacklist functions that silently add buyer addresses to a "no-sell" list
- Transfer restrictions that only allow specific whitelisted addresses to sell
- Fee manipulations that set sell fees to 99%, making sales economically impossible
- Timestamp locks that prevent sales until a date that never arrives
Real Examples:
In March 2024, a token called "SolGold" appeared on Pump.fun with impressive marketing materials and influencer shoutouts. Within hours, it had attracted over $200,000 in buy volume. Traders who attempted to take profits found their transactions failing repeatedly. On-chain analysis revealed that the contract had a hidden _beforeTokenTransfer hook that checked a private whitelist—only the deployer's addresses could sell. The liquidity was quietly drained over 48 hours.
Detection:
Honeypots are difficult to spot without specialized tools. Manual detection requires:
- Checking if the contract has unusual transfer restrictions
- Reviewing recent transaction history to see if ANY successful sells have occurred
- Testing with a small amount in a sandbox environment (advanced users only)
Automated scanners like TokenSniffer and GoPlus check for known honeypot patterns and can flag suspicious transfer logic.
B. Rug Pulls
What They Are:
A rug pull occurs when developers or early insiders suddenly remove all liquidity from a token's trading pool, causing the price to crash to zero. It's called a "rug pull" because it's like having the rug yanked out from under you—one moment you're standing, the next you're on the ground.
How They Work:
Most tokens on Solana are traded through automated market makers (AMMs) like Raydium or Orca. These platforms require liquidity pools where users deposit pairs of tokens (e.g., SOL/TOKEN) to facilitate trading. When a developer creates a new token, they typically provide initial liquidity by depositing their tokens along with SOL.
In a rug pull, the developer uses their liquidity provider (LP) tokens to withdraw this entire pool at once. Since there's no longer any liquidity to trade against, the token becomes worthless. Sophisticated rug pulls often:
- Wait for maximum buy volume before pulling (creating false confidence)
- Remove liquidity gradually to avoid detection
- Use multiple wallets to obscure the withdrawal pattern
- Time the pull with major announcements to maximize confusion
Real Examples:
Luna Yield ($6.7 Million):
Luna Yield positioned itself as a yield farming protocol on Solana with impressive APY promises. After attracting $6.7 million in total value locked (TVL), the team executed a perfectly timed rug pull in January 2024. They announced a "migration to a new contract" via their official channels, then removed all liquidity within minutes. The new contract they promoted was a honeypot. By the time investors realized what happened, the funds were gone.
Soft Rug Pulls:
Not all rug pulls are instant. Some developers engage in "soft rugs" where they gradually dump their holdings over days or weeks, depressing the price while maintaining plausible deniability. Gen Z Quant, a token promoted by a teenage influencer in February 2024, followed this pattern. The developer held 60% of supply and systematically sold into every buying pressure spike over three weeks, eventually crashing the token 99% while claiming "market volatility."
Detection:
Rug pull risk can be assessed by checking:
- Liquidity lock status: Is the liquidity locked in a time-lock contract?
- LP token ownership: Who controls the LP tokens that can withdraw liquidity?
- Liquidity amount: Is there at least $1,000 in locked liquidity?
- Lock duration: Is the lock substantial (30+ days) or just a token gesture?
C. Pump and Dump Schemes
What They Are:
A pump and dump is a coordinated effort to artificially inflate a token's price through misleading hype, then sell large holdings at the peak, causing the price to crash. Unlike rug pulls where liquidity disappears, pump and dumps leave the trading mechanism intact—but retail investors are left holding worthless bags.
How They Work:
Modern pump and dumps on Solana follow a predictable playbook:
- Stealth Launch: Deploy token with low initial liquidity
- Insider Accumulation: Team and connected wallets buy up 40-60% of supply at floor prices
- Marketing Blitz: Paid influencers, fake partnerships, telegram/discord campaigns
- Artificial Volume: Wash trading between insider wallets to create appearance of demand
- The Pump: Retail FOMO drives price 10x-100x in hours or days
- The Dump: Insiders systematically sell into the buying pressure
- The Crash: Price collapses 90%+ as retail tries to exit
Statistics:
Chainalysis research found that 93% of tokens on Raydium displayed pump-and-dump characteristics in the first half of 2024. The typical lifecycle of these tokens is:
- Launch → pump peak: 2-7 days
- Peak → 90% crash: 12-72 hours
- Average retail loss: 85% of invested capital
Real Examples:
AVA AI (96% Crash):
AVA AI launched in December 2023 with claims of being an "AI-powered trading assistant" for Solana. The marketing was professional, complete with a polished website, whitepaper, and paid influencer endorsements. The token pumped 2,400% in the first week, reaching a market cap of $45 million.
On-chain analysis revealed that 15 interconnected wallets held 52% of the supply. These wallets began selling in coordination, creating steady downward pressure while maintaining just enough buy support to keep retail from panicking. Within two weeks, the token had crashed 96% from its peak. The insider wallets had extracted an estimated $8 million in profits.
Detection Patterns:
Pump and dump schemes leave distinctive on-chain signatures:
- Concentrated holdings: 10 wallets holding >40% of supply
- Simultaneous purchases: Insider wallets buying within the same block
- Coordinated sells: Multiple large sells within minutes of each other
- Wash trading: Tokens moving back and forth between the same wallets
- Volume spikes: Artificial volume that doesn't correlate with unique traders
Tools like GMGN.AI and Bubblemaps can visualize wallet connections and flag suspicious clustering patterns.
D. Impersonation Tokens
What They Are:
Impersonation tokens (also called "fake tokens" or "spoofed tokens") are fraudulent tokens that masquerade as legitimate projects by copying their names, logos, social media presence, and branding. They rely on confused traders mistakenly buying the wrong mint address.
How They Work:
Solana's permissionless nature means anyone can create a token with any name and metadata. Scammers exploit this by:
- Copying metadata: Using identical names, symbols, and logo images
- SEO gaming: Creating websites and social profiles that rank alongside legitimate projects
- Paid promotion: Buying ads and influencer promotions using the victim project's branding
- Marketplace confusion: Listing on aggregators where users sort by name, not mint address
- Social engineering: DMing users with fake "official" announcements and links
The scammer's goal is to capture a percentage of users who don't verify the contract address before purchasing.
Real Examples:
Squid Game Token (Multiple Versions):
When the original Squid Game token famously rug-pulled in 2021 (on BSC), the story generated massive media attention. Within weeks, 47 different "Squid Game" tokens appeared on Solana, each claiming to be the "official" or "legitimate" version. Some had near-identical websites. Several accumulated over $100,000 in volume before being exposed as impersonations.
BONK Impersonators:
BONK, the legitimate Solana dog coin that achieved significant success, has been impersonated dozens of times. In December 2023, a fake BONK token briefly appeared in DexScreener's trending list with $2 million in reported volume. The fake token's contract address was just two characters different from the real one. Traders who didn't double-check lost an estimated $300,000 before the fake was delisted.
Detection:
Impersonation tokens are the easiest scams to avoid with basic verification:
✅ Always verify the official contract address from the project's website or CoinGecko/CoinMarketCap listing
✅ Check social media accounts for verification badges and follower counts
✅ Compare deployment dates: Real token first, copies came later
✅ Review marketplace listings: Legitimate tokens have verified checkmarks on major platforms
Never trust a token based on name alone. Mint address is the only source of truth on Solana.
On-Chain Red Flags to Watch For
Now that you understand the scam types, let's discuss the specific on-chain indicators that should trigger immediate caution. These red flags aren't definitive proof of fraud—some legitimate projects may have one or two—but multiple red flags together indicate extremely high risk.
🚨 Mint Authority Not Renounced
What It Means:
The mint authority is a privileged role that allows unlimited creation of new tokens. When a token is deployed, the creator holds this authority by default. If this authority is not "renounced" (set to null/burned), the creator can mint infinite new tokens at any time.
Why It's Dangerous:
Unlimited minting allows the creator to:
- Dilute existing holders by flooding supply
- Dump newly minted tokens on the market
- Maintain permanent control over tokenomics
- Change supply unexpectedly
Acceptable Exceptions:
Some legitimate projects maintain mint authority for specific reasons:
- Gaming tokens that mint rewards
- Stablecoins that need supply flexibility
- Projects with transparent multi-sig controls
How to Check:
On Solscan or Solana Explorer, navigate to the token's mint address and check the "Mint Authority" field. It should display null or show a multi-signature wallet with public documentation explaining why it's retained.
Risk Level: 🔴 CRITICAL if held by a single wallet with no explanation.
🚨 Freeze Authority Enabled
What It Means:
The freeze authority can freeze token accounts, preventing specific addresses from transferring or selling their tokens. This is another privileged role that should be renounced on community tokens.
Why It's Dangerous:
With freeze authority, a malicious actor can:
- Freeze wallets that try to sell during a pump
- Selectively disable trading for certain addresses
- Create a honeypot-like scenario where only insiders can exit
- Blackmail holders by threatening to freeze their tokens
Acceptable Exceptions:
Freeze authority is sometimes legitimate for:
- Regulatory compliance tokens (security tokens)
- Corporate tokens that need legal control
- Tokens with explicitly stated governance freezing mechanisms
How to Check:
Similar to mint authority, check the "Freeze Authority" field on blockchain explorers. It should be null for community-driven tokens.
Risk Level: 🔴 CRITICAL for meme coins and DeFi tokens.
🚨 Low Liquidity (< $1,000)
What It Means:
Liquidity refers to the total value of assets in the trading pool that enables swaps. For a SOL/TOKEN pair, this is the combined value of SOL and tokens deposited by liquidity providers.
Why It's Dangerous:
Low liquidity creates multiple problems:
- High slippage: Your trades move the price significantly
- Easy manipulation: Small amounts of capital can pump or dump the token
- Exit risk: Not enough liquidity to sell your position
- Rug pull indicator: Developer hasn't committed meaningful capital
Tokens with less than $1,000 in liquidity are extremely high risk. Professional traders typically avoid anything under $10,000.
How to Check:
- DEX aggregators (DexScreener, Birdeye) show liquidity in USD
- Blockchain explorers show the raw pool balance
- Compare liquidity to market cap: healthy tokens have liquidity >5% of market cap
Risk Level: 🟠 HIGH below $1,000, 🟡 MEDIUM between $1,000-$10,000.
🚨 Concentrated Holdings (> 40% in Top 10 Wallets)
What It Means:
Concentrated holdings refer to what percentage of the total token supply is controlled by the largest wallet addresses. This includes team wallets, early investors, and insiders.
Why It's Dangerous:
When a small number of wallets control the majority of supply:
- Dump risk: Coordinated selling can crash the price
- Price manipulation: Insiders can orchestrate pump and dumps
- Lack of distribution: Token isn't truly decentralized
- Insider information: Those wallets have asymmetric knowledge
As a general rule, if the top 10 wallets hold more than 40% of supply (excluding locked/burned tokens), the token is at high risk of insider manipulation.
How to Check:
- Use blockchain explorers to view "Holders" tab
- Exclude known burn addresses (e.g., addresses starting with
1111111...) - Use tools like Bubblemaps to visualize wallet connections
- Check if top holders are identified (exchange wallets, locked staking, etc.)
Red Flag Patterns:
- Multiple wallets funded by the same source
- Top holders all created around the same time
- Wallets with only token holdings (no transaction history)
Risk Level: 🟠 HIGH if >40% concentrated, 🔴 CRITICAL if >60%.
🚨 New Deployment (< 3 Days Old, Unverified)
What It Means:
Tokens deployed very recently with no verification, audits, or established community presence.
Why It's Dangerous:
The first 72 hours are peak rug pull window:
- No track record of developer behavior
- No community validation or audit results
- Maximum information asymmetry
- Often targets FOMO traders chasing "next 100x"
Acceptable Exceptions:
Some legitimate tokens launch with immediate credibility:
- Backed by known teams with doxxed members
- Audited before launch by reputable firms
- Fair launch with transparent tokenomics
- Immediate CEX or major DEX listing
How to Check:
- Check token creation date on blockchain explorer
- Look for audit reports (CertiK, Hacken, Trail of Bits)
- Search for team information and social media history
- See if the token has any coverage on legitimate crypto news sites
Risk Level: 🟠 HIGH if <3 days old, 🟡 MEDIUM if <30 days without verification.
🚨 Suspicious Metadata (Changes or Missing Information)
What It Means:
Token metadata includes name, symbol, logo, description, and website links. Suspicious patterns include frequent changes, missing information, or copied branding.
Why It's Dangerous:
- Metadata changes often indicate impersonation or identity hiding
- Missing information suggests rushed scam deployment
- Copied branding is a hallmark of fake tokens
- Dead social links indicate abandoned or fraudulent project
How to Check:
- Verify metadata hasn't changed since deployment (check historical snapshots)
- Confirm social media links lead to active, legitimate accounts
- Ensure logo doesn't match an existing project
- Check that website is functional and not a template
Risk Level: 🟡 MEDIUM for minor inconsistencies, 🟠 HIGH for frequent changes or obvious copies.
Detection Tools and Methods
You don't need to be a blockchain forensics expert to protect yourself. A combination of automated security scanners and manual verification can catch the vast majority of scams before you lose money.
Automated Security Analysis Tools
#### 🛡️ RugCheck (Integrated with ScreenerBot)
What It Does:
RugCheck is one of the most comprehensive Solana token security scanners available. It analyzes:
- Mint and freeze authority status
- Top holder distribution
- Liquidity lock verification
- Contract code patterns
- Historical behavior
ScreenerBot Integration:
ScreenerBot automatically pulls RugCheck security data for tokens during filtering and evaluation. When you view token details in the dashboard, you'll see security scores and specific warnings directly from RugCheck's analysis. This real-time integration means you don't need to manually check each token—the bot handles it for you.
How to Use:
- Visit rugcheck.xyz and paste any Solana token mint address
- Review the color-coded risk assessment (🟢 Good, 🟡 Medium, 🔴 Risks)
- Check specific flags: authorities, liquidity, holders, metadata
- Export reports for your records
Limitations:
RugCheck can't predict future rug pulls or detect extremely sophisticated social engineering. It analyzes current on-chain state, not developer intent.
#### 🔍 TokenSniffer
What It Does:
TokenSniffer provides automated audits for tokens across multiple chains, including Solana. It focuses on contract-level analysis and known scam pattern matching.
Key Features:
- Honeypot detection algorithms
- Ownership concentration analysis
- Trading simulation to detect sell restrictions
- Scam database comparison
- Historical audit trails
How to Use:
- Visit tokensniffer.com and select Solana chain
- Input token address
- Review the overall score (0-100) and specific findings
- Check "Exploits" section for known vulnerabilities
Strength:
TokenSniffer is particularly good at identifying honeypots and transfer restrictions that other scanners miss.
#### 🔒 GoPlus Security
What It Does:
GoPlus offers enterprise-grade security API services with detailed risk analysis across multiple vectors.
Key Features:
- Real-time risk scoring
- Smart contract vulnerability detection
- Malicious address database
- Phishing site detection
- API access for automated workflows
How to Use:
- Visit gopluslabs.io/token-security
- Enter Solana token address
- Review comprehensive security report
- Check trust score and detailed risk breakdown
Unique Advantage:
GoPlus provides API access, meaning you can integrate it into your trading workflows or bots for automatic checking before any purchase.
#### 📊 GMGN.AI
What It Does:
GMGN.AI specializes in wallet analysis and insider trading detection. It's particularly useful for spotting pump-and-dump schemes.
Key Features:
- Wallet connection visualization
- Smart money tracking
- Insider wallet identification
- Transaction flow analysis
- Coordinated trading pattern detection
How to Use:
- Visit gmgn.ai and search token
- Review "Top Holders" with connection analysis
- Check for wallet clusters (multiple wallets controlled by same entity)
- Monitor smart money activity (wallets with high win rates)
Best For:
Identifying pump-and-dump schemes and understanding true token distribution beyond what's visible on basic explorers.
Manual Verification Methods
Automated tools are powerful, but manual verification adds a critical layer of human judgment. Here's your step-by-step process:
#### 1. Verify on Blockchain Explorers
Primary Explorers:
- Solscan (solscan.io): User-friendly, detailed token pages
- Solana Explorer (explorer.solana.com): Official, technical depth
- Solana Beach (solanabeach.io): Clean interface, good for quick checks
What to Check:
✅ Token creation date and deployer address
✅ Mint authority status (should be null)
✅ Freeze authority status (should be null)
✅ Total supply and circulating supply
✅ Number of holders (more is generally better)
✅ Recent transfer activity patterns
Red Flags:
❌ Recently created deployer wallet with no history
❌ Deployer wallet received funding from known scam addresses
❌ Suspicious transfer patterns (tokens moving in circles)
#### 2. Analyze Top Holders
What to Look For:
- Top 10 holders controlling less than 40% of supply
- Holder addresses with legitimate transaction history
- Identifiable holders (exchange wallets, known staking contracts)
- Distribution curve (should be gradual, not cliff-like)
Tools:
- Bubblemaps: Visual network graph of holder connections
- Solscan holder tab: Sortable list with percentages
- GMGN.AI: Wallet clustering analysis
Questions to Ask:
- Are top holders funded from the same source? (Sign of insider group)
- Do holder wallets have normal transaction history? (Real users have varied activity)
- Are there any burn addresses or locked vaults reducing circulating supply?
#### 3. Examine Liquidity
Metrics to Check:
- Total liquidity: Minimum $1,000, preferably $10,000+
- Liquidity lock: Should be locked in time-lock contract
- Lock duration: 30+ days minimum
- LP token holder: Should be locked or burned, not held by deployer
Where to Check:
- DEX analytics (DexScreener, Birdeye)
- Liquidity pool page on DEX (Raydium, Orca)
- Blockchain explorer showing LP token holder
Red Flags:
❌ Unlocked liquidity (can be removed instantly)
❌ Short lock duration (1-7 days)
❌ LP tokens held by single wallet
❌ Liquidity < 5% of market cap
#### 4. Review Social Presence and Community
What to Verify:
✅ Official website is functional and professional
✅ Social media accounts have real engagement (not bot followers)
✅ Team members are doxxed or pseudonymous with reputation
✅ Community activity is organic (not coordinated shilling)
✅ Project has clear roadmap and value proposition
Red Flags:
❌ Anonymous team with no previous projects
❌ Social media created same day as token
❌ Engagement consists of bot-like repetitive comments
❌ Promises of guaranteed returns or "next 1000x"
❌ Pressure tactics ("buy now before it's too late!")
Resources:
- Twitter/X for team presence
- Discord/Telegram for community activity
- GitHub for code repositories (if claiming to be tech project)
- LinkedIn for doxxed team verification
Protecting Yourself: Practical Checklist
Knowledge means nothing without action. Here's your step-by-step checklist to evaluate ANY Solana token before investing a single dollar.
✅ Pre-Purchase Security Checklist
Step 1: Verify Token Identity
☐ Obtained contract address from official source (not random links)
☐ Confirmed token name and symbol match claimed project
☐ Checked token is not an impersonation of known project
☐ Verified official social media accounts and website
Step 2: Run Automated Security Scans
☐ Analyzed on RugCheck (rugcheck.xyz) — no critical red flags
☐ Scanned with TokenSniffer (tokensniffer.com) — score above 60/100
☐ Checked GoPlus (gopluslabs.io) — trust score acceptable
☐ Reviewed GMGN.AI (gmgn.ai) — no insider dumping patterns
Step 3: Check Critical On-Chain Flags
☐ Mint authority = null (no unlimited minting)
☐ Freeze authority = null (no account freezing)
☐ Liquidity ≥ $1,000 (preferably $10,000+)
☐ Liquidity is locked for 30+ days
☐ Top 10 holders < 40% of supply
☐ Token age > 3 days with verified history
Step 4: Analyze Distribution and Holders
☐ Checked top 20 holder addresses on blockchain explorer
☐ Verified holders have legitimate transaction history
☐ Used Bubblemaps to check for wallet clustering
☐ Confirmed no massive concentrated holdings in new wallets
☐ Identified any known addresses (exchanges, staking contracts)
Step 5: Validate Liquidity and Trading
☐ Verified liquidity pool exists with substantial depth
☐ Checked LP tokens are locked or burned (not held by deployer)
☐ Reviewed recent trades for successful buy AND sell transactions
☐ Confirmed no unusual sell failures or transaction errors
☐ Examined volume vs. liquidity ratio (should be reasonable)
Step 6: Assess Project Legitimacy
☐ Reviewed project website for professionalism and completeness
☐ Verified team is doxxed OR has strong pseudonymous reputation
☐ Checked for audit by reputable firm (if claiming to be audited)
☐ Evaluated whitepaper/documentation for realistic claims
☐ Assessed community engagement for organic vs. bot activity
Step 7: Risk Management
☐ Only investing amount I can afford to lose completely
☐ Setting stop-loss or exit strategy before buying
☐ Not buying based on FOMO or social media hype
☐ Diversifying rather than going all-in on one token
☐ Documenting purchase reason and exit criteria
🛑 Absolute Deal-Breakers (Never Buy If Present)
These red flags should immediately disqualify a token from consideration:
❌ Mint or freeze authority held by single wallet with no explanation
❌ Unlocked liquidity that can be removed at any time
❌ Top 5 wallets holding >50% of supply
❌ No successful sell transactions in recent history (honeypot sign)
❌ Token created <24 hours ago with no verification
❌ Anonymous team making unrealistic promises (100x guaranteed, etc.)
❌ Failed security scans on multiple platforms (RugCheck, TokenSniffer)
❌ Evidence of coordinated insider trading on GMGN.AI
If even ONE of these is present, walk away. No matter how compelling the marketing or how urgent the FOMO, these flags indicate near-certain loss.
📊 Case Studies: Learning from Losses (2024-2025)
Theory is valuable, but real-world examples drive lessons home. Let's examine four major scams that devastated Solana traders in the past year.
Case Study 1: Luna Yield — The $6.7M Professional Rug Pull
Timeline: January 2024
Scam Type: Liquidity removal + Honeypot migration
Amount Stolen: $6.7 million
The Setup:
Luna Yield launched in late December 2023 as a "yield optimization protocol" for Solana DeFi. The project had a professional website, detailed tokenomics, and a whitepaper explaining their auto-compounding strategies. They offered 300-500% APY on staked tokens.
The Red Flags (In Hindsight):
- Team was anonymous with no verifiable previous projects
- APY rates were economically unsustainable
- Token vesting schedule was opaque
- Only 15% of liquidity was locked (rest was "team-managed")
The Execution:
On January 18, 2024, Luna Yield announced a "V2 migration" due to "smart contract optimizations." They provided a new contract address and urged users to migrate their tokens within 48 hours. Many users complied immediately.
Within 3 hours of the announcement:
- All liquidity was removed from the V1 pool ($6.7M in SOL)
- The V2 contract was deployed with honeypot mechanisms
- Users who "migrated" found they couldn't sell their new tokens
- Team wallets went dark, social media deleted
The Aftermath:
Over 3,400 wallet addresses lost funds. The largest individual loss was $147,000. Law enforcement investigations are ongoing, but recovery is unlikely.
Lesson:
Migration announcements from anonymous teams should trigger maximum scrutiny. Always test new contracts with minimal amounts before committing capital.
Case Study 2: AVA AI — The 96% Coordinated Dump
Timeline: December 2023 - January 2024
Scam Type: Pump and dump with coordinated insider selling
Market Cap Peak: $45 million
Crash Percentage: 96%
The Setup:
AVA AI marketed itself as an "AI-powered trading assistant" that would provide alpha signals for Solana traders. The token launched with massive influencer marketing across Crypto Twitter and YouTube. Professional graphics, an interactive website, and a "beta" web application gave the appearance of legitimacy.
The Pump:
The token pumped 2,400% in the first week after launch. Volume was impressive—over $8 million in daily trades. The project gained significant attention, and FOMO drove retail investors to buy in.
The Red Flags:
On-chain analysis (which most retail traders didn't conduct) revealed:
- 15 wallet addresses funded from the same source held 52% of supply
- These wallets bought during the first block after launch
- The "AI assistant" was a simple ChatGPT API wrapper with no unique functionality
- No GitHub repository or actual AI development evident
The Dump:
Starting January 5, 2024, the insider wallets began coordinated selling. They sold in carefully timed tranches to maintain enough buying pressure to keep retail from panicking. Over 12 days, they methodically exited their entire positions.
By January 17, the token had crashed 96% from its peak. The insider wallets extracted approximately $8 million in profits.
The Aftermath:
The team vanished. The website went offline. Social media accounts were deleted. Thousands of retail investors lost an average of 85% of their invested capital.
Lesson:
Analyze holder distribution before buying into trending tokens. Tools like GMGN.AI can identify coordinated wallet clusters that indicate insider control.
Case Study 3: Gen Z Quant — The Teenager's Soft Rug
Timeline: February 2024
Scam Type: Soft rug pull (gradual dumping)
Perpetrator: 16-year-old influencer (later doxxed)
The Setup:
A teenage crypto influencer with 300,000 followers launched "Gen Z Quant," supposedly a "quant trading fund token" that would share profits with holders. The influencer's age and "success story" narrative attracted significant attention, especially from younger traders.
The Mechanism:
The developer held 60% of the total supply at launch, claiming it was for "treasury management" and "marketing." Over three weeks, the developer systematically sold into every price pump:
- Week 1: Sold 15% of holdings during initial hype (+400% pump)
- Week 2: Sold 20% more as influencers promoted the token
- Week 3: Dumped remaining 25% as price started declining
The Red Flags:
- Single person holding majority of supply with no vesting
- No actual quant trading strategy or results shared
- Promises based on personality rather than product
- Continued selling despite public "HODL" messaging
The Aftermath:
The token crashed 99% over three weeks. The influencer was eventually doxxed and faced significant community backlash but faced no legal consequences as a minor. Estimated $2.3 million was extracted from retail traders.
Lesson:
Never trust projects where a single individual holds majority supply, regardless of their social media following or age. Personality-based tokens almost always end badly.
Case Study 4: Pump.fun Statistics — The 98.7% Failure Rate
Timeline: Ongoing (2024-2025)
Platform: Pump.fun
Tokens Launched: 7+ million
Success Rate: 1.3%
The Reality:
Pump.fun revolutionized token launches by making it trivially easy to deploy new tokens. However, this ease of creation has resulted in the platform becoming essentially a scam factory. Research by Dune Analytics found:
- 98.7% of tokens fail or are scams
- Average token lifespan: 11 hours
- Median maximum market cap: $287
- Percentage that reach $10k market cap: 4.2%
- Percentage that reach $100k market cap: 0.8%
Common Patterns:
- Token launches with $100-500 initial liquidity
- Developer buys up 40-70% of supply at launch prices
- Marketing push on Telegram/Twitter for 2-12 hours
- If token gains traction, developer dumps
- If token doesn't gain traction, developer abandons
- Either way, liquidity eventually goes to zero
Notable Sub-Scams:
- Bundle Bots: Developers using bots to buy multiple wallets worth instantly
- Rug Racing: Competing to create similar-named tokens simultaneously
- Reply-Guy Tokens: Creating tokens referenced in replies to viral tweets
Lesson:
Pump.fun tokens should be considered extremely high-risk gambling, not investing. If you choose to trade them, use only disposable amounts and expect total loss. Never hold overnight.
🎓 Key Takeaways: Your Protection Strategy
Let's distill everything into core principles you can apply immediately:
1. Verification Over FOMO
Never let fear of missing out override due diligence. The next opportunity is always around the corner—but lost capital is gone forever. Take 15 minutes to run your checklist before any purchase.
2. Authorities Must Be Renounced
For any community token, meme coin, or DeFi token, both mint and freeze authorities should be null. No exceptions unless there's a transparent, documented reason with multi-signature controls.
3. Liquidity Tells the Truth
Low liquidity (<$1,000) is a flashing red light. Unlocked liquidity is a death sentence. Always verify that liquidity is locked for a meaningful duration (30+ days minimum).
4. Distribution Reveals Intent
When top holders control >40% of supply—especially if those wallets are interconnected or newly created—you're looking at coordinated insider control. This is pump-and-dump territory.
5. Tools Are Your First Line of Defense
Use RugCheck, TokenSniffer, GoPlus, and GMGN.AI as standard practice. If you're using ScreenerBot, the security analysis is already integrated. Never skip automated scanning.
6. Impersonations Are Everywhere
Always verify the official contract address from the project's website or verified social media. One character difference in an address means a completely different (likely fake) token.
7. Anonymous Teams Require Extra Scrutiny
Anonymous or pseudonymous teams aren't automatically scams, but they require higher standards of proof. Look for code audits, locked liquidity, renounced authorities, and established reputation.
8. Marketing Intensity Doesn't Equal Legitimacy
Professional websites, paid influencers, and aggressive marketing are often signs of a pump-and-dump operation. Real projects let their product speak for itself.
9. If It Sounds Too Good to Be True, It Is
300% APY, "guaranteed 100x," "can't lose" promotions—these are scam markers, not opportunities. Realistic, sustainable returns are modest and clearly explained.
10. Start Small, Scale Up
When entering a new token, start with a test amount. Verify you can buy AND sell successfully. Check slippage and fees. Only scale up after confirming everything works as expected.
Conclusion: Knowledge Is Your Best Defense
The Solana ecosystem is simultaneously one of the most exciting and dangerous places in cryptocurrency. With 98.7% of new tokens being scams or failures, the odds are statistically against any random purchase. But this isn't a reason to avoid Solana entirely—it's a call to trade smarter.
Every scam follows patterns. Honeypots reveal themselves through transfer restrictions. Rug pulls show red flags in liquidity management. Pump and dumps leave insider wallet signatures. Impersonations can be caught with basic verification. By understanding these patterns and using the right tools, you shift the odds dramatically in your favor.
Security analysis is no longer optional—it's the foundation of responsible trading. Tools like RugCheck (integrated directly into ScreenerBot), TokenSniffer, GoPlus, and GMGN.AI have made sophisticated security analysis accessible to everyone. Combined with manual verification of liquidity, holder distribution, and project legitimacy, you have a robust defense against fraud.
The goal isn't to eliminate all risk—crypto will always be volatile and unpredictable. The goal is to eliminate predictable losses to known scam patterns. Every time you skip verification because you're in a hurry, you're gambling with your capital against adversaries who are counting on your impatience.
ScreenerBot's RugCheck integration automatically flags security risks during token filtering, so you can focus on trading opportunities rather than manual scam detection. But the ultimate responsibility lies with you. Use the checklist. Run the tools. Verify the authorities. Check the liquidity. Analyze the holders.
Trade with your eyes open, not your emotions leading. The difference between a profitable trader and one who loses everything often comes down to this: taking 15 minutes to verify before clicking buy.
Stay safe, stay informed, and never stop learning. The scammers are constantly evolving their tactics—your knowledge must evolve too.
Have questions about token security analysis or ScreenerBot's filtering features? Visit our Discord community or check out the Security Features documentation.
Disclaimer: This article is for educational purposes only and does not constitute financial advice. All trading involves risk, and you should conduct your own research before making investment decisions.