In 2025, $17 billion was stolen through crypto scams: rug pulls, honeypots, and coordinated pump-and-dump schemes. The number isn't declining. It's growing.
The vast majority of these losses are preventable. Every rug pull leaves on-chain fingerprints before it happens. The problem is that most retail investors don't know what to look for, and by the time the rug pulls, it's too late.
This guide covers the 5 most reliable rug pull red flags, explains what each means, and shows you how to check them in under 30 seconds using RegPilot's free token safety checker.
Before buying any token, paste the contract address into RegPilot's free checker. It takes 30 seconds and costs nothing. The alternative, losing your investment to a rug, costs everything.
What it is: Freeze authority is a Solana-specific token feature that gives the token creator the power to permanently freeze any wallet's ability to transfer or sell the token. If a developer retains freeze authority, they can trap your funds: you can never move them.
Why it's the #1 risk: Unlike a rug pull (which you might catch early), freeze authority can be activated at any time, even months after you buy, when you've already made profit and feel safe. Your tokens vanish from your usable balance instantly.
What safe looks like: Legitimate projects always renounce freeze authority before or immediately after launch. If freeze authority is retained, assume the worst.
The Ethereum/BSC equivalent is a blacklist function or transfer restriction in the smart contract: code that lets the dev block specific wallets from selling. Always check for this in EVM token contracts.
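The freeze authority check described above can be done directly on a mint account's raw bytes. The following is an added example, not RegPilot's code: it decodes the 82-byte SPL Token mint layout (two optional 32-byte keys around supply, decimals and an initialized flag) and reports whether a freeze authority is still set. The sample key and the `build_sample_mint` helper are constructed for the demo.

```python
import struct

MINT_BASE_LEN = 82  # SPL Token mint: 36 + 8 + 1 + 1 + 36 bytes
B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

def b58encode(raw: bytes) -> str:
    """Base58-encode a public key the way Solana explorers display it."""
    n, out = int.from_bytes(raw, "big"), ""
    while n:
        n, rem = divmod(n, 58)
        out = B58[rem] + out
    return "1" * (len(raw) - len(raw.lstrip(b"\0"))) + out

def read_optional_pubkey(data: bytes, offset: int):
    """COption<Pubkey>: 4-byte little-endian tag (0 = None, 1 = Some), then 32 key bytes."""
    (tag,) = struct.unpack_from("<I", data, offset)
    if tag not in (0, 1):
        raise ValueError(f"bad COption tag {tag} at offset {offset}")
    return b58encode(data[offset + 4:offset + 36]) if tag else None

def parse_mint(data: bytes) -> dict:
    """Decode the fixed 82-byte mint header; any bytes after it are ignored."""
    if len(data) < MINT_BASE_LEN:
        raise ValueError(f"mint data too short: {len(data)} bytes")
    supply, decimals, initialized = struct.unpack_from("<QB?", data, 36)
    if not initialized:
        raise ValueError("account is not an initialized mint")
    return {"mint_authority": read_optional_pubkey(data, 0),
            "supply": supply, "decimals": decimals,
            "freeze_authority": read_optional_pubkey(data, 46)}

def freeze_status(data: bytes) -> str:
    """RETAINED means some key can still freeze holder accounts."""
    return "RETAINED" if parse_mint(data)["freeze_authority"] else "RENOUNCED"

def build_sample_mint(mint_auth, freeze_auth, supply=10**15, decimals=6) -> bytes:
    """Constructed test data only: serialize a mint in the same layout."""
    def opt(key):
        return struct.pack("<I", 1) + key if key is not None else bytes(36)
    return opt(mint_auth) + struct.pack("<QB?", supply, decimals, True) + opt(freeze_auth)

if __name__ == "__main__":
    dev_key = bytes(range(1, 33))  # constructed 32-byte key, not a real address
    print(freeze_status(build_sample_mint(None, dev_key)))
    print(freeze_status(build_sample_mint(None, None)))
```

In practice the input is the base64-decoded account data returned by the Solana `getAccountInfo` RPC method for the token's mint address.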
What it is: Holder concentration measures how much of a token's total supply is controlled by the largest wallets. When a small number of wallets own most of the supply, a single sell decision can crash the price entirely.
The safe threshold: Top 10 holders owning less than 30–40% of supply is considered healthy. Above 50% is a warning sign. Above 70% means one or two people control the token's price, and your fate.
Why devs do it: On Pump.fun, developers use "bundle buying" (dozens of wallets buying simultaneously at launch) to accumulate large positions under the appearance of organic demand. Then they dump all at once.
What it is: When you buy a token on a DEX, you're trading against a liquidity pool: a pair of tokens (e.g., SOL/TOKEN) that provides trading depth. If the developer can withdraw (drain) this pool at any time, they can drop the token price to zero in a single transaction.
What safe looks like: Liquidity locked for 6+ months via a reputable locker (e.g., Unicrypt, Team.Finance, Raydium). Less than 80% of LP tokens locked is a warning. No lock at all = run.
The expiry trap: Some devs lock liquidity for 30 days, creating false confidence. After the lock expires, they drain. Always check the lock expiry date, not just whether it's locked.
What it is: On Ethereum and BSC, smart contracts can be "verified", meaning the source code is publicly visible on Etherscan/BscScan. Unverified contracts hide their code from public inspection.
Why it matters: Scam contracts often contain hidden functions: maximum transaction limits that prevent selling, blacklist functions that block specific wallets, or backdoors allowing the dev to mint unlimited tokens. Without seeing the code, you can't know what's inside.
The copy-paste problem: Many rug pull contracts are slightly modified versions of previous scams: same logic, different token name. RegPilot cross-references contract similarity against a database of known rug contracts.
What it is: The deployer wallet (the address that created the token) often reveals the developer's true intentions through its on-chain history and current holdings.
Red flags in the dev wallet:
Run through this before every purchase. RegPilot checks all of these automatically:
If not, don't buy. No exceptions on Solana.
Higher than 50% = high rug risk. Check holder distribution.
Also check the lock expiry date, not just whether it's locked.
Unverified = hidden code. Hidden code = hidden traps.
Check deployer history for previous rug pull patterns.
Failing 2+ of these checks = treat as high risk. RegPilot checks all 5 (plus 45+ more signals) in a single scan.
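The checklist above can be written down as a small rule evaluator. This is an added example, not RegPilot's scoring logic: it applies the guide's thresholds (top 10 holders over 50%, less than 80% of LP locked, dev wallet under 5%) and the "2+ failures" rule to data you have already collected. The field names, the 180-day reading of "6+ months", and every sample value are assumptions made for the demo.

```python
from datetime import datetime, timedelta, timezone

def top_holder_share(balances, supply, n=10):
    """Fraction of total supply held by the n largest wallets."""
    return sum(sorted(balances, reverse=True)[:n]) / supply

def failed_checks(token, now):
    """Names of the five checks this token fails, using the guide's thresholds."""
    failed = []
    if token["freeze_authority"] is not None:
        failed.append("freeze_authority_retained")
    if top_holder_share(token["balances"], token["supply"]) > 0.50:
        failed.append("top10_over_50pct")
    lock = token["lp_lock"]  # None means the LP tokens are not locked at all
    if (lock is None or lock["locked_fraction"] < 0.80
            or lock["expires"] - now < timedelta(days=180)):  # assumed: 6 months = 180 days left
        failed.append("liquidity_unlocked_or_expiring")
    if not token["contract_verified"]:
        failed.append("contract_unverified")
    if token["dev_balance"] / token["supply"] >= 0.05:
        failed.append("dev_wallet_5pct_or_more")
    return failed

def risk_verdict(token, now):
    """Failing 2+ checks is treated as high risk."""
    return "HIGH_RISK" if len(failed_checks(token, now)) >= 2 else "UNDER_2_FLAGS"

# Constructed sample: every number below is made up for the demo.
NOW = datetime(2025, 6, 1, tzinfo=timezone.utc)
SAMPLE = {
    "supply": 1_000_000_000,
    "balances": [300_000_000] + [30_000_000] * 9 + [1_000_000] * 200,
    "freeze_authority": None,
    "lp_lock": {"locked_fraction": 1.0, "expires": NOW + timedelta(days=30)},
    "contract_verified": True,
    "dev_balance": 20_000_000,
}

if __name__ == "__main__":
    print(failed_checks(SAMPLE, NOW), risk_verdict(SAMPLE, NOW))
```

The sample token has fully locked liquidity but still fails the liquidity check, because the lock expires in 30 days: the expiry trap described earlier.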
Pump.fun tokens require extra scrutiny. 98.7% of tokens launched on Pump.fun are rug pulls (Solidus Labs, 2025). The platform's mechanics create predictable scam patterns that standard EVM token analysis misses.
Additional checks for Pump.fun tokens:
Check these 5 things: (1) Is freeze authority renounced? (2) Do top 10 holders own less than 40%? (3) Is liquidity locked 6+ months? (4) Is the contract verified? (5) Does the dev wallet hold under 5%? RegPilot checks all of these automatically in under 30 seconds โ free, no sign-up required.
In order of predictive reliability: (1) Freeze authority retained, (2) Top holders controlling 50%+, (3) Unlocked or expiring liquidity, (4) Unverified contract with suspicious functions, (5) Dev wallet with rug pull history. Any two of these = extreme caution.
Freeze authority is a Solana feature that lets a token creator permanently freeze any wallet's ability to move or sell the token. If a dev retains it, they can trap your funds forever. Legitimate projects always renounce it; if it's retained, don't buy.
Paste any token contract address or Solana mint into RegPilot's free checker. No account, no sign-up. We analyze 50+ risk factors including all 5 red flags in this guide and return a trust score in under 30 seconds.
It eliminates the vast majority of risk. The on-chain indicators in this guide correctly predict rug pulls with very high accuracy. However, sophisticated scams (slow rugs, insider information) can sometimes pass initial checks; this is why ongoing monitoring with Wallet Watchdog provides additional protection even after purchase.
Now that you know what to look for, let RegPilot do the checking automatically. Free trust scores for every token, every chain.