How to Avoid Scams & Identify Legit Tokens During Crypto Rally
The amount of financial loss has been accumulated over the years to go beyond billions of dollars since the inception of cryptocurrencies, indebted by scammers’ sweet melodies chirping of free money and high return on investment. The Federal Trade Commission (FTC) reported over $1 billion of losses among 43,000 people from January 2021 through June 2022.
Compared to any other asset, a digital asset sits on top of a complex web of computer science jargon that most people would neither understand nor care about. Everyday news shuffles a variety of articles from ‘Junky turned Cryptocurrency Millionaire’ to ‘I Lost Everything to It’ that pique the readers’ interest. If one tries to look into this rabbit hole from the wrong angle (greed), it becomes too late to realize that they slipped right into a scam.
However, tech-savvy investors know their way around this. There are many online tools and methods available that you can follow to find the true nature of the token and flag them red if they seem suspicious.
In this article, we’ll utilize the simplest, i.e., Bitquery.
There is no legal or right way to define the existence of fake crypto apart from the intent of committing cyber crimes. Perpetrators aim to target ill-informed groups of people against the promise of ROI imitating as the real token, and thus, the vicious cycle of fraud begins.
Multiple ways exist to identify malicious tokens amidst a large pool of look-alikes.
So, let’s save your funds.
Trading Volume Seems Fishy
This pie chart signifies that some of the tokens have less than 100 trades from 1 September to 29 November 2023 on Uniswap, which were extracted by querying the Ethereum data in the Bitquery IDE.
Least traded tokens for the period Sept-Nov 2023
Now, the scammers can name their crypto token anything, so what do you think they’ll use to persuade the targets?
Which also comes with high-market value. Cherry on the top!
In the above chart, you can see BNB. At first glance, you won’t know any difference, but let’s zoom in a bit.
Fake BNB Instance
Average Daily Trading Volume (Nov’23): 0
Does anything look weird?
Like the token name being an ugly mess of a Harry Potter character, a USA ex-president, and a meme coin.
Real BNB Instance
Average Daily Trading Volume (Nov’23): >65
Next time you find an excellent crypto asset for investment, check out their token trading info here so you don’t regret it later.
Watch Out for Holder Count
The second way you can be wary of a fraudster scheme is by looking at the number of holders for that token. The rule of thumb is to be skeptical if you find a token with a holder’s count <2000. Since it is infeasible (however not impossible) to have more than 2000 fake wallet addresses, the likelihood of manipulating the holder’s count diminishes significantly.
Fake v/s Real USDT Holders
Tether USD (USDT) is at the forefront of stablecoin economies worldwide.
A stablecoin is a cryptocurrency whose value is tied to a fiat currency, such as USDT being pegged to the US dollar.
It becomes challenging to distinguish the real cryptocurrency among so many counterfeits. Bitquery Explorer can help determine the volume and distribution of real/fake USDT within the Web3 ecosystem.
Comparing the above tables, an investor’s intuition should warn you about the left USDT token due to the following reasons:
- Hilarious Name
- Holder Count < 200 (<<<2000!)
That’s a sure sign of a scam right there.
Meanwhile, the table on the right belongs to the authenticated USDT token, also representing a vast number of token holders (approx. 5M).
Scammers will do anything to convince you that their funny-named token is a real deal to invest in. That’s why a token’s background check is essential before investing in cryptocurrencies.
So far, we have understood how trading volume, holder count, and funny name philosophy can alert you about fraud. Now, let’s get a bit technical and improvise our method.
Read Between the Lines — Smart Contracts Bytecode
We’ll use the same fake USDT token address to initialize a query on Bitquery IDE that extracts the bytecode for the USDT token smart contract.
Bytecode is the compiled output stored on the Ethereum network after deploying the smart contracts written in Solidity. It is alphanumeric and cannot be read by humans but only by a computer. Example:-
#Bytecode for Fake USDT
Many online tools can decompile bytecode to display the smart contract code behind the screen. A blockchain tech-savvy person can deduce multiple vulnerabilities and possible fraud schemes within the smart contract that contract creators keep hidden under the facade of a reputed token.
Buy This Coin or Bitcoin?
Let’s see an example of a potential scam of fake BTC (Buy This Coin) luring users in hopes of earning a hefty value appreciation profit from real BTC (Bitcoin).
Buy This Coin Address: 0x2e031426f3ef1b26b4fe4998346c4a4831c75c91
After extracting the bytecode for fake BTC and studying the code, a few vulnerabilities that flagged it as fraud were found.
Wallets can be blacklisted from being able to transfer, swap or sell this token
Whitelist feature enables unique users to bypass restrictions
These two functions can be easily exploited to manipulate the intended purpose of the smart contract. Users can also find a few smart contract statistics using the Bitquery Explorer without using bytecode.
Overview of smart contract stats for fake BTC token
This data implies that even if we combine all the given factors, it will still amount to only an insignificant fraction of true BTC. For November 2023, the transaction (Tx) count is less than a hundred. Considering the value of true BTC, it has a significant share in almost all crypto exchange platforms, such that it can never logically explain the above data if it were the real BTC.
Summarizing the main points to remember while looking out for a new crypto asset:
Don’t be fooled by the symbol; it could be a fake
Always search for an asset’s history before investing
Look out for low volume, high volatility, and low holder count to avoid being scammed
Tech-savvy people can do an in-depth smart contract code check by decompiling the bytecode as given in the article to make sure their funds are secure
Popular tokens = Traps (if left unchecked)
Guest blog written by Sarika
Subscribe to our newsletter
Subscribe and never miss any updates related to our APIs, new developments & latest news etc. Our newsletter is sent once a week on Monday.