Common token scams

  • Updated

Scam tokens are common in crypto. You might see an unfamiliar token in your wallet, or notice a new token transaction in the Recent Activity tab that you don’t recognize.

This article explains:

  • What scam tokens are.
  • Common token scam patterns.
  • How to spot warning signs before you interact.
  • What to do if you already approved a suspicious request.

What are scam tokens

Scam tokens are cryptocurrencies created to trick people into taking actions that put their funds at risk. They often look legitimate, but they are designed to:

  • Get you to buy the wrong token.
  • Get you to connect your wallet to a fake site.
  • Get you to approve a malicious transaction or token allowance.

Because wallet addresses are public, anyone can send tokens to your wallet. This is similar to how anyone can put mail into your mailbox. Receiving a token does not mean you bought it.

In many cases, scammers airdrop tokens to wallets and rely on confusion, urgency, or curiosity to get you to interact.

Common types of token scams

Fake token airdrops

Scammers send tokens to your wallet that include instructions in the token name or metadata, such as a link to “claim” rewards. These links often lead to phishing sites that ask you to connect your wallet and approve a malicious request.

Scammers also target people who recently bought a trending token. They can scrape onchain data to identify token holders, then mass-airdrop lookalike tokens to those addresses.

What scammers want you to do

  • Buy the fake token by mistake. This often happens when someone searches by name instead of verifying the contract address.
  • Interact with the token. Attempting to swap, sell, or send it may trigger an approval request that puts your wallet at risk.

Pump-and-dump tokens

In a pump-and-dump scheme, scammers promote a token using hype and misleading claims, often on social media. Once enough people buy in and the price rises, scammers sell their holdings. The price drops quickly, leaving other holders with tokens that may be difficult to sell.

Honeypot tokens

A honeypot token lets you buy, but prevents you from selling. The contract is designed to trap buyers.

Some honeypots use restrictions like:

  • Only certain wallets can sell.
  • Selling is blocked unless you meet hidden conditions.
  • Selling fees are set extremely high.

Rug pulls

In a rug pull, scammers create a token or project, attract buyers, and then remove liquidity or abandon the project after taking funds. This is common with new tokens that promise high returns or promote limited-time opportunities.

Impersonation tokens

Impersonation tokens copy the name, logo, or branding of a real token or well-known project. The goal is to get you to buy the wrong asset.

This often happens when:

  • A token name is similar to a legitimate one.
  • The token uses a familiar logo.
  • A fake site claims a partnership or endorsement.

How to identify scam tokens

You can’t always spot scams from appearance alone, but the signs below can help you assess risk before you interact.

Red flags in token details

Look for:

  • Unrealistic claims. “Guaranteed returns” or “risk-free rewards” are common scam language.
  • Unclear team or ownership. Legitimate projects usually provide verifiable information about who is building them.
  • Suspicious distribution. If one wallet holds a large share of the supply, the token may be vulnerable to manipulation.
  • Minting risk. Some contracts allow unlimited token creation, which can damage value and signal poor design or malicious intent.

Fake community hype

Scammers often manufacture credibility on X, Telegram, and Discord.

Watch for:

  • New accounts with low engagement.
  • Repeated or copy-pasted comments.
  • Offers that require you to connect your wallet to “verify” or “claim.”

Low-quality websites or documentation

Poor formatting, vague language, and missing details are common in scam projects. Look for:

  • Broken links or missing contact information.
  • Roadmaps with no technical detail.
  • A heavy focus on rewards with no clear product.

Use explorers and token analysis tools

Before you interact with a token, verify the contract or mint address using a trusted source, such as CoinGecko or a blockchain explorer:

For a walkthrough, see How to use blockchain explorers to avoid crypto scams.

Scam detection warnings in Phantom

Phantom may flag suspicious tokens with a warning such as “we believe this account is malicious.” Phantom uses third-party detection tools to help identify and flag potentially malicious tokens.

A warning does not always mean the token is harmful, but it is a strong signal to pause and verify before you interact.

How to avoid interacting with scam tokens

The safest approach is to verify first and avoid rushing into approvals.

Verify contract addresses before you swap or connect

  • Use the official contract address from a trusted source, such as a verified project page or CoinGecko.
  • Avoid searching by token name alone, especially for trending tokens.
  • Be cautious with links shared through token metadata, DMs, or replies on social media.

Ignore unsolicited tokens

If you receive a token you didn't expect:

  • Don't select any links in the token name or description.
  • Don't try to swap, sell, or send the token.
  • Hide and report it in Phantom.

Receiving a token doesn't harm your wallet on its own. Risk usually comes from approvals and signed requests.

Use a separate wallet for higher-risk activity

For new or unverified projects, consider using a separate wallet or account with limited funds. This helps protect your primary wallet if you approve something you didn't intend to approve.

What to do if you interacted with a scam token

If you think you approved something suspicious, act quickly.

Step 1: Stop interacting

Don't approve additional requests, and avoid revisiting the site or app until you verify it is safe.

Step 2: Revoke connections and approvals

Revoke any suspicious app connections and token allowances.

  • In Phantom, disconnect apps you don't recognize.
  • On Ethereum and EVM networks, you can also use a revocation tool such as Revoke.cash.
  • On Solana, you can use a Solana revocation tool such as Famous Fox’s Revoker.

For more details, see How to use blockchain explorers to avoid crypto scams.

Step 3: Move funds to a new wallet if needed

If you believe your wallet may be compromised:

  1. Create a new wallet in Phantom.
  2. Transfer your assets to the new wallet.
  3. Don't transfer the suspicious token.

Some scam tokens are designed to trigger actions when you interact with them, including sending.

For more information, see How to move assets when you need to start over with a new wallet.

Step 4: Report the scam

Reporting helps protect other users:

  • Hide and report the token in Phantom.
  • Report malicious apps or phishing attempts.
  • Contact Phantom Support with any links and transaction details.

Learn more in How to report a scam.

Step 5: Review your security setup

After you address the immediate risk:

  • Keep your Phantom app updated.
  • Use strong security protections on accounts tied to your crypto activity.
  • Review your wallet activity for unfamiliar approvals or transactions.

Keep your recovery phrase secure

Your recovery phrase is the key to your wallet. If someone gets it, they can access your funds. Never share it with anyone, and never enter it into a site you don't fully trust.

Was this article helpful?

12 out of 17 found this helpful
Can't find what you're looking for?

Start a chat