Crypto scams often rely on confusion, lookalike tokens, and malicious approvals. A few simple tools can help you verify what you're seeing before you connect your wallet, approve a request, or swap a token.
Quick checklist
Before you connect your wallet or approve a request:
- Confirm the token's contract or mint address.
- Research the token using trusted tools.
- Review wallet activity in a blockchain explorer if something looks wrong.
- Disconnect apps you don't recognize.
- Revoke approvals you don't recognize.
If you think your wallet is compromised, create a new wallet and move your assets to it. Avoid transferring suspicious tokens.
Start with the contract address
If you're unsure whether a token is legitimate, the contract address (or mint address on Solana) is the most reliable way to verify it. Use it to:
- Confirm you're looking at the correct token.
- Avoid copycat tokens that reuse familiar names or logos.
- Check third-party risk signals before you interact.
For steps, see Check a token's contract address before you interact with it.
Use a blockchain explorer to investigate activity
Blockchain explorers show public onchain activity for each network Phantom supports. They're useful when:
- A transaction is missing from your Recent Activity tab.
- You want to confirm whether a transfer completed.
- You want to review the exact tokens moved in a transaction.
- You want to check whether spam transactions are appearing onchain.
For steps, see View your wallet activity on a blockchain explorer.
What to look for when investigating a scam
When reviewing activity in an explorer, focus on:
- Unexpected approvals or permissions. These can allow future token movement by apps you no longer use.
- Transfers you don't recognize. Especially those that occurred after connecting to a new app.
- Lookalike token transfers. Scammers may send tokens with a similar name or logo to create confusion.
If you see activity you don't recognize, revoke permissions as soon as possible.
Revoke approvals and disconnect suspicious apps
Many scams rely on approvals. If you approve a malicious request, an app or contract can access your tokens even after you disconnect.
Disconnect apps in Phantom
- Select your profile avatar in the upper left.
- Go to Settings → Connected Apps.
- Disconnect any app you don't recognize.
Revoke approvals with external tools
Revoke.cash (Ethereum and EVM networks)
- Go to revoke.cash.
- Connect your Phantom wallet and view all active token and app permissions.
- Select the approvals you want to revoke and confirm.
Famous Fox's Revoker (Solana)
- Go to famousfoxes.com/revoke.
- Connect your Phantom wallet and review all active token approvals.
- Revoke any suspicious approvals.
Revoking approvals prevents future token movement by apps or contracts you no longer trust.
Use token analysis tools
Token analysis tools highlight common risk patterns such as suspicious ownership settings, unlocked liquidity, or honeypot behavior. No single tool can guarantee safety, so treat results as one input in your decision.
Tools by network:
- Solsniffer and RugCheck (Solana)
- Token Sniffer and Honeypot.is (Ethereum and EVM networks)
- Nexa Sui Bot on Telegram (Sui)
For steps, see Check a token's contract address before you interact with it.
Safer browsing tips
- Bookmark trusted apps and tools instead of relying on search results or ads.
- Avoid selecting links embedded in token names or descriptions.
- Use the Explore tab in Phantom to return to apps you trust.
- Verify a token's contract address before you swap, especially for trending tokens.