Home
Crypto News
How to Avoid Crypto Presale Scams: Complete Safety Checklist

How to Avoid Crypto Presale Scams: Complete Safety Checklist

Crypto Regulation & Policy Press Release Expert

Published 2026-05-13

Updated 2026-05-13

How to Avoid Crypto Presale Scams: Complete Safety Checklist

The Complete Presale Safety System: From Discovery to Contribution

Presale fraud costs investors hundreds of millions annually — and virtually all of it is preventable with systematic verification. The investors who lose money to presale scams are not less intelligent than those who avoid them; they simply skip or rush through the verification steps that would have protected them. This checklist makes skipping impossible.

The 7-Step Presale Safety Checklist

Step	Check	Tool	Time	Pass Threshold	Fail = ?
1	Honeypot test	honeypot.is / tokensniffer.com	2 min	Can buy AND sell	Instant exit
2	Contract verification	BSCScan/Etherscan	5 min	Source published, no dangerous owner functions	High risk flag
3	Audit report	Audit firm's official site	10 min	PDF exists, 0 unresolved Criticals	Pass or size down
4	Liquidity lock	dx.sale/locker or Unicrypt	5 min	80%+ locked 6+ months	High risk flag
5	Team verification	LinkedIn + reverse image	15 min	3 verifiable profiles, accounts pre-date project	High risk flag
6	FDV check	CoinGecko comparables	10 min	Under 2× comparable median FDV	Reduce size
7	Community quality	Telegram / Discord	5 min	Genuine discussion, not just bots	Reduce size

Rule: Steps 1-2 failures = DO NOT INVEST under any circumstances. Steps 3-5 failures = high risk, require extraordinary justification. Steps 6-7 = affect position size, not participation decision.

Scam Type Detection Reference

Scam Type	Detection Method	Time
Honeypot	honeypot.is sell simulation	1 min
Rug pull	LP lock verification on DxLock	3 min
Fake team	LinkedIn + reverse image search	15 min
Fake audit	Audit firm website search	5 min
Pump & dump	Team vesting lock check	5 min
Phishing site	URL character verification	30 sec
Bot community	Telegram scroll + technical question	5 min

The Non-Negotiable Rules

Never invest from unsolicited DMs — no legitimate presale requires cold outreach
Always type URLs directly — never click links for presale access
Never share your seed phrase — under any circumstances, to anyone
Run honeypot check first — before any other research step
Complete all 7 steps — no exceptions regardless of time pressure

Monthly Security Maintenance

Revoke approvals: revoke.cash (10 min)
Verify MetaMask extension ID: nkbihfbeogaeaoehlefnkodbefgpgknn (1 min)
Check held presale project activity (10 min)
Review and remove unknown browser extensions (5 min)

Glossary

Honeypot: A token contract that allows purchases but prevents all sales — immediate total loss for every buyer.
Rug Pull: Removal of liquidity by the project team causing immediate token price collapse.
Social Proof Attack: Manufacturing the appearance of widespread legitimate investment to trigger FOMO-based decisions.

Disclaimer

This checklist significantly reduces but cannot eliminate presale fraud risk. Sophisticated scams can pass multiple verification steps. Never invest more than you can afford to lose. Not financial advice.

Previous Next

Yara Fernandez Crypto Regulation & Policy Press Release Expert

521+ articles

1 Year experience

Regulation specialty

Yara Fernandez dives into NFT drops, Latin American crypto art, and GameFi projects that bridge culture and blockchain. As a respected name in crypto journalism, she delivers valuable insights on NFT and Web3 topics from around the world. Her work blends deep research with simplicity, making it easy for readers to understand the fast-moving world of crypto. She focuses on topics related to NFT and Web3 reporting and regularly covers emerging trends, technology updates, and community stories.

Read All Articles By Yara Fernandez

✍️ WHAT'S YOUR OPINION?

Your Name

Your Opinion

Frequently Asked Questions

Have questions? We have answers!

What is the single most effective way to avoid crypto presale scams?

Running every token contract through a honeypot checker (honeypot.is or tokensniffer.com) before contributing anything eliminates the most dangerous category of presale fraud in under 2 minutes. A honeypot contract allows purchases but blocks all sales — confirmed total loss for every buyer. This one check costs 2 minutes and prevents the most common and most costly presale scam type. After honeypot testing, the next highest-ROI check is team verification: 50% of presale fraud involves fabricated teams; 15 minutes of LinkedIn verification eliminates most fraudulent projects.

What is the complete 7-step presale safety checklist?

Complete presale safety checklist: (1) Honeypot test — tokensniffer.com or honeypot.is (2 min); (2) Contract verification — source code published on BSCScan/Etherscan, no dangerous owner functions (5 min); (3) Audit report — findable PDF on audit firm's official website, zero unresolved Critical findings (10 min); (4) Liquidity lock — verified on DxLock/Unicrypt for 6+ months, 80%+ of LP locked (5 min); (5) Team verification — 3 key members with LinkedIn profiles older than project, reverse image search passes (15 min); (6) FDV reasonableness — calculate and compare to 3 sector comparables (10 min); (7) Community authenticity — genuine discussion in Telegram, not all bots (5 min). Total: 52 minutes. No exceptions.

How do I verify a liquidity lock is real and not faked?

Liquidity lock verification: go to dx.sale/locker or app.unicrypt.network/services/liquidity-scanner; paste the LP token contract address (not the regular token contract); confirm that: a significant percentage (80%+) of LP tokens is locked; the lock duration is at least 6 months; the lock was set by the project team wallet (not a random address); and the contract locking the LP is DxLock or Unicrypt (not a custom 'lock' contract the team controls). Red flags: only 1-5% of LP locked while 95%+ remains with the team; lock duration of 3-7 days expiring just after the presale closes; or LP locked in a contract the team deployed themselves.

What phishing tactics do scammers use to steal from presale investors?

Common phishing tactics in the presale space: fake claim portals — DMs or posts sharing 'claim your tokens' links that drain wallets instead; fake support accounts — impersonating project team members offering help in exchange for seed phrase; fake presale websites — clones of legitimate launchpad sites with slightly different URLs; airdrop phishing — 'you qualify for free tokens' requiring wallet connection to a drainer contract; fake exchange listing announcements — 'token now on Binance, deposit here' with a fraudulent address; and search engine ad phishing — sponsored links appearing above legitimate project websites. Protection: always type URLs directly; never click DM links; never share seed phrase with anyone.

How do I detect if a presale Telegram group is fake?

Fake Telegram community detection: check the group creation date (should be months before the presale, not days); look at member profile pictures — are they diverse real people or obviously generated images?; read the last 24 hours of messages — does anyone ask substantive questions about the project?; try asking a specific technical question — genuine communities answer; look for patterns: 15 messages all posted within 5 minutes suggests bot activity; and check if the admin/team accounts have histories in crypto discussions before this project existed. Genuine communities: members argue about project details, question roadmap timelines, and discuss technical implementation — not just price predictions.

What are the most dangerous presale scams that are hard to detect?

Hard-to-detect presale scams in 2026: (1) Slow rug — team gradually sells tokens over weeks rather than a single dump, making the decline look like 'market conditions'; (2) AI-generated teams — deepfake photos and AI-written profiles that pass reverse image searches; (3) Legitimate-looking audits from fake audit firms — scammers create fake audit companies with professional websites and issue fake reports; (4) Partial rug — team removes 80% of liquidity leaving enough for ongoing trading, reducing immediate legal/detection risk; (5) Time-delayed honeypot — contract allows selling during the presale but a time-locked function activates blocking sells after launch. Defense: multi-source verification and community confirmation from experienced investors.

Is there a scam database I can check before investing in a presale?

Scam databases and fraud verification resources: BSCheck.eu — BSC-specific scam token database; RugDoc (rugdoc.io) — BSC project risk ratings and scam documentation; CoinGecko 'Warning' tags — some known scam tokens are flagged; ScamAdviser — domain reputation checking; DeFi Rekt (rekt.news) — documented DeFi hacks and exploits; DeFiLlama hacks tracker — on-chain confirmed exploits; PeckShield Alert Twitter — real-time rug pull documentation; and SlowMist Hacked database — comprehensive crypto security incident records. Search the project name across these databases before investing — previous scam patterns from the same team address often appear in these records.

What should I do if I suspect a presale is a scam mid-way through my due diligence?

Mid-investigation scam suspicion protocol: do not contribute any funds until suspicion is resolved; if you've already contributed, do not contribute more 'to average down'; share your specific concern in reputable crypto communities (not the project's own channels) and ask if others have noticed the same issue; contact the project team directly with specific questions about the red flag you identified (legitimate teams answer specific security questions immediately); run the contract through all available safety scanners regardless of what you've already checked; and if you can't resolve the specific concern with verifiable evidence, pass the investment. The cost of passing on a legitimate project is far lower than the cost of investing in a fraud.

How much time should I realistically spend on scam prevention for different investment sizes?

Scam prevention time allocation by investment size: under $100 — minimum 25 minutes (honeypot + contract + liquidity lock + basic team check); $100-$500 — minimum 45 minutes (full 7-step checklist); $500-$2,000 — minimum 90 minutes (full checklist + community verification + comparable analysis); $2,000-$10,000 — minimum 3 hours (full checklist + extended team verification + financial model + comparable analysis + AMA attendance); over $10,000 — minimum 8 hours or professional engagement (all of the above plus reference checks + legal structure review + direct founder interview). The correlation between research time and fraud avoidance is direct — every shortcut is a proportional increase in fraud exposure.

What are the signs that a project has passed all safety checks but is still likely to fail (non-fraud)?

Post-safety-check quality red flags (legitimate but poor investment): (1) Product-market fit unclear — can't identify who genuinely needs this; (2) All competitors are larger, better-funded incumbents with no clear differentiation; (3) Team competent but inexperienced in the specific domain; (4) Tokenomics technically valid but economically unsustainable (emission > burn, circular yield); (5) Community technically real but very small relative to raise size; (6) FDV reasonable but project's comparable protocol is already declining; (7) Timeline aggressive for the stated technical complexity. These risks pass safety checks but predict poor investment outcomes — the difference between 'not a scam' and 'good investment' is significant.

How do I stay current on new scam tactics that emerge in the presale space?

Ongoing scam tactic education: follow @PeckShieldAlert, @SlowMist_Team, and @certik on Twitter/X for real-time hack and fraud documentation; read the DeFi Rekt newsletter (rekt.news) monthly for detailed post-mortems; join crypto security-focused Discord servers (Blockchain Security Alliance community); subscribe to SlowMist's monthly security digest; and review BscCheck.eu new listings weekly to see what scams are being documented. The pattern: new scam tactics typically emerge, get documented by security researchers, and become widely known — there's usually a 2-4 week gap between a new tactic's emergence and widespread investor awareness during which early-discoverers lose money.

What is the most common reason experienced crypto investors still fall for presale scams?

Experienced investor scam vulnerability factors: (1) FOMO overriding process — 'I know this is rushing but the opportunity is too good' leads to skipping checklist steps; (2) Trust through familiarity — 'I know this team from a previous project' without verifying the NEW project's contracts; (3) Confirmation bias — completing due diligence but dismissing red flags that conflict with a desire to invest; (4) Social proof manipulation — seeing trusted crypto figures promote something and reducing personal scrutiny; (5) Sunk cost in research — 'I spent 3 hours on this, so it must be worth investing' without completing all steps. The solution: make the 7-step checklist non-negotiable regardless of experience level or investment conviction.

What is a 'social proof attack' and how does it work in presales?

Social proof attacks in presales: scammers create the appearance of widespread legitimate investment to trigger FOMO-based decisions. Mechanisms: buying fake Twitter followers and engagement for the project account; creating bot-filled Telegram groups with realistic-looking activity patterns; paying KOLs (Key Opinion Leaders) for promotions that appear organic; posting fake screenshots of 'early investors' discussing the project; and coordinating multiple fake accounts to create the impression of widespread due diligence having been completed. Detection: always conduct personal verification regardless of what others appear to be doing; check when community members joined crypto (accounts created within months of the project are suspicious); and verify that any named 'investor' actually participates in verifiable ways.

What is the '5-minute safety filter' for new presales discovered in Telegram DMs?

5-minute DM presale filter — apply this immediately when you receive an unsolicited presale recommendation: (1) Was this sent unsolicited via DM? If yes: 90% probability of scam — apply maximum skepticism; (2) Is the URL exactly the official launchpad domain (pinksale.finance, not pinksale.xyz, etc.)? Minor URL differences are almost always phishing; (3) Run honeypot.is immediately — any sell restriction = confirmed scam, stop immediately; (4) Is there a reason you specifically were contacted? Scammers mass-DM; genuine investment opportunities don't need cold outreach. If any of these 4 checks raises a concern: pass immediately without further investigation. No legitimate presale requires you to invest via an unsolicited DM.

Have Questions?

Our team will answer all your questions. We ensure a quick response.