How to Detect a Honeypot Crypto Scam


The word honeypot dates back to the 16th century when it was used to refer to a pot of honey. Its figurative use, however, began much later.

In a figurative sense, honeypots were used to describe something highly attractive but potentially dangerous in the early 20th century. The term was first applied in espionage and security, where a honeypot referred to an alluring trap used to gather intelligence or catch adversaries. For example, in espionage, it referred to a situation where an agent might be seduced or lured into compromising positions.

In computer security, honeypot was adopted in the 1990s to describe decoy systems set up to detect and study cyber attackers. This usage has since been extended to crypto scams where "honeypot" refers to deceptive opportunities that trap users by making withdrawals impossible.

In this article, we examine honeypots in more detail, including their methods, identifying aspects, and extensive protection strategies.
 

What is a honeypot scam?

A honeypot scam is a deceptive smart contract created to lure unsuspecting users with promises of large profits or unusual services. These scams initially appear legitimate and profitable but contain a hidden mechanism that generates coins for the exploiter and drains the pool.

How does a honeypot work?

Honeypots are carefully planned and executed to fool even the most cautious investors. Understanding how these scams work can help you identify and protect your assets. Let's break down the stages of a honeypot attack and explain the details involved in each step.

  1. Creating a fake smart contract

    A fraudster deploys a malicious smart contract or launches a fake coin that looks like a legitimate investment opportunity. The contract is designed to allow users to invest funds but contains hidden rules that prevent withdrawals.

  2. Luring victims with attractive offers

    To make the scheme appealing, the asset offers unusually high returns, discounted coins, or the appearance of strong growth potential. It could be tied to DeFi, staking, or other popular investment models. Sometimes, the scheme is marketed through social media, forums, or even fake websites to build credibility. 
    To build hype, celebrities and KOLs are hired to discuss or advertise the honeypot, and wash trading is used to boost trading volume.

    The honeypot’s creator can also drive traffic using various promotion techniques. They might use search engine optimization, paid ads, and fake accounts to generate engagement. The goal is to spread links and information about the fraudulent platform as widely as possible.

  3. Victims invest money

    Investors, attracted by the promise of high returns, buy tokens or deposit funds into a fraudulent platform or liquidity pool. The smart contract may allow deposits and show positive results, creating the illusion of a legitimate, profitable project.

    In most cases, the contract starts with allowing small transactions and withdrawals to create a sense of security and trust with users. Victims see some returns and get comfortable with the honeypot. Once users are satisfied with small transactions, they invest larger sums.

  4. Funds become trapped

    The key trap of this honeypot is that while users can deposit funds, they cannot withdraw them. The smart contract contains hidden functions or bugs that block withdrawal attempts. In some cases, only the creator’s account can withdraw funds, or there may be a fee structure that drains user balances on attempted withdrawals.

    A honeypot may show high returns on investment, but when the user tries to sell or transfer their coins, the transaction fails due to hidden logic in the contract. Meanwhile, the scammer can withdraw their share or move the funds into another wallet.

  5. Thieves drain users' funds and disappear

    Once enough money is invested, the fraudsters disappear, preventing victims from retrieving their funds. Recovering the stolen funds is almost impossible because smart contracts are autonomous and cannot be reversed once deployed on the blockchain.

Honeypot schemes effectively exploit crypto users by making the scam appear legitimate and profitable.
 

Honeypot crypto scam: example

The Squid Game honeypot in 2021 is one of the most infamous examples. It capitalized on the massive popularity of the Netflix series Squid Game and lured investors into a fraudulent cryptocurrency that ultimately resulted in a rug pull. Let’s break it down in detail.
 

— Squid Game coin (SQUID) launched in October 2021

The SQUID cryptocurrency was inspired by the hit TV show Squid Game and marketed as the native currency for an upcoming play-to-earn game based on the show's themes.

It quickly gained traction due to the show’s viral success, and the coin was promoted across social media and major crypto news outlets, further fueling its hype.
 

— Rapid price surge and FOMO (Fear of Missing Out)

SQUID prices skyrocketed in just a few days after launch, attracting many retail investors. The price surged from a few cents to over $2,800 in less than a week. The fear of missing out caused by the rapid price increase pushed even more people to invest despite some early warnings from experts within the crypto community.
 

— The honeypot mechanism kicks in

While investors could easily buy the Squid Game coin, they soon discovered that selling or transferring it was impossible. The scammers had embedded a honeypot mechanism into the smart contract, which allowed investors to buy but blocked them from selling or cashing out their profits.
 

— Red flags and warnings appear

Several warning signs became apparent as SQUID became more popular, but they were largely overlooked due to the excitement surrounding it:

  • No affiliation with Netflix: Despite using the Squid Game name and themes, it had no official connection with Netflix or the show's creators.
  • Unverified team: Its developers were anonymous, with no verifiable information about their identities.
  • Unprofessional website: The website contained grammatical errors, limited details, and vague information about the project.
  • Buy but no sell: Early users warned that they could not sell their coins and were often dismissed by others caught in the hype.
  • Expert warnings: Crypto watchdogs and forums such as CoinMarketCap raised concerns, labeling the cryptocurrency as suspicious and warning investors of potential fraud, but this did not stop the massive influx of buyers.
     

— The rug pull

On November 1, 2021, after SQUID reached its peak price of around $2,861, the developers pulled the rug and suddenly withdrew all liquidity. This event caused its value to plummet to nearly zero within minutes, leaving investors with a worthless cryptocurrency. Scammers made off with approximately $3.38 million.
 

Aftermath

The Squid Game honeypot left thousands of investors with significant losses, further reinforcing the need for caution when investing in new and unverified cryptocurrency projects.

Major media outlets and crypto commentators used this incident to highlight the prevalence of honeypots and the need for better due diligence.
 

Honeypot crypto checker Solana

A honeypot attack typically works on an Ethereum Virtual Machine (EVM) blockchain. On Solana, dApps run as precompiled binaries, so there is no way to view their source code. This makes it much easier to deploy malicious contracts.

Honeypots on Solana often include a contract with the ability to freeze your assets, but the end result is the same: you lose everything. These types of contracts typically block your wallet from selling or transferring funds to another wallet after you purchase them. 


You should check whether the asset's contract has the mint function enabled and liquidity unlocked. These two features are commonly found in honeypots. You can also use a honeypot checker like solsniffer or detecthoneypot before buying a token.
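The mint and freeze checks described above can be read directly from a token's on-chain mint account, without any source code. The following is an added example, not code from this article or from any checker it names: it decodes the fixed 82-byte SPL Token mint layout and flags a live mint authority or freeze authority. The function names and sample bytes are constructed for illustration, and liquidity locks are not visible in the mint account, so they are not covered here.

```python
import struct

MINT_LEN = 82  # base size of an SPL Token mint account
B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

def b58encode(raw: bytes) -> str:
    """Base58-encode bytes, the form in which Solana addresses are shown."""
    n, out = int.from_bytes(raw, "big"), ""
    while n:
        n, rem = divmod(n, 58)
        out = B58[rem] + out
    return "1" * (len(raw) - len(raw.lstrip(b"\0"))) + out

def _coption_pubkey(data: bytes, off: int):
    """COption<Pubkey>: 4-byte LE tag (0 = None, 1 = Some), then a 32-byte key."""
    (tag,) = struct.unpack_from("<I", data, off)
    if tag not in (0, 1):
        raise ValueError(f"unexpected COption tag {tag} at offset {off}")
    return b58encode(data[off + 4:off + 36]) if tag else None

def parse_mint(data: bytes) -> dict:
    """Decode the fixed 82-byte mint layout; any extension data after it is ignored."""
    if len(data) < MINT_LEN:
        raise ValueError(f"mint data too short: {len(data)} bytes")
    supply, decimals, initialized = struct.unpack_from("<QB?", data, 36)
    return {
        "mint_authority": _coption_pubkey(data, 0),
        "supply": supply,
        "decimals": decimals,
        "initialized": initialized,
        "freeze_authority": _coption_pubkey(data, 46),
    }

def risk_flags(mint: dict) -> list:
    """Map decoded fields to the warning signs discussed above."""
    flags = []
    if not mint["initialized"]:
        flags.append("mint account is not initialized")
    if mint["mint_authority"]:
        flags.append("mint authority set: new supply can still be minted")
    if mint["freeze_authority"]:
        flags.append("freeze authority set: holder accounts can be frozen")
    return flags

def _sample(mint_key, freeze_key) -> bytes:
    """Build constructed mint data for the demo (not taken from any real token)."""
    opt = lambda k: struct.pack("<I", 1) + k if k else bytes(36)
    return opt(mint_key) + struct.pack("<QB?", 10**9, 9, True) + opt(freeze_key)

SAMPLE_RISKY = _sample(bytes(range(1, 33)), bytes(range(33, 65)))
SAMPLE_RENOUNCED = _sample(None, None)

if __name__ == "__main__":
    for name, blob in (("risky", SAMPLE_RISKY), ("renounced", SAMPLE_RENOUNCED)):
        print(name, risk_flags(parse_mint(blob)) or "no authority flags")
```

An empty flag list only means both authorities are unset; it says nothing about liquidity or about program logic outside the mint account.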
 

How to get out of honeypot crypto

We saw this post on Reddit and decided to give some insight.

"I'm in a honey pot token and it's worth a lot now. Is there any way I can get out of it or someone get me out of it? I'm willing to compensate anyone who can help me!!!!"

First, no one can help you. "Once the honey goes into the pot, it stays there". Secondly, do not interact with anyone promising to help. Ignore messages like these:

"Yes sure, if you give me 10 Solanas I'll get it out for you. Message me at abcdefghijklmnop@gmail.com Dw I'll send DMs right now. We'll sort it out for you."

The first rule of investing in volatile assets like cryptocurrencies is to do your own research before investing. The second rule is never to invest more than you can afford to lose.
 

How to protect yourself from honeypots: checklist

Honeypots can be difficult to detect, but following these best practices can minimize your risk of falling for such fraudulent schemes. Here’s a checklist of how you can protect yourself:

  • Thoroughly investigate any project before committing funds. This includes checking its whitepaper, verifying the development team, and reviewing its community presence.
     
  • Look for reviews. Search for independent reviews or discussions about the project in trusted crypto forums like Reddit’s r/Cryptocurrency or Bitcointalk. Negative reviews or widespread concerns can be early warning signs.
     
  • Check for complaints. Fraudsters often create short-lived projects, so past victims might have already reported issues. Websites like Token Sniffer may highlight problems with a project.
     
  • Check for legal registration. Verify if the project is registered with any legal authority, especially if it claims to be regulated. While this is rare for decentralized projects, it’s a helpful check for centralized ones. Avoid investing in projects with anonymous or unverified developers, as these often lack accountability and may vanish with your funds.
     
  • Check certificate validity. A valid SSL certificate ensures the website has encrypted communication between your browser and the server, reducing the risk of being scammed. Look for HTTPS in the site’s URL and ensure it shows as “Secure” in your browser.
     
    Fraudulent sites often have invalid or absent SSL certificates. Tools like SSL Labs or Qualys SSL Test allow you to check the security certificate status of a website. If a crypto-related website lacks a valid SSL certificate, it’s a major sign that the platform could be fraudulent or compromised.
     
  • Check liquidity before investing in any asset. Low liquidity or difficulty cashing out are key indicators of a potential honeypot. Use tools like DEXTools or Uniswap analytics to see the liquidity pools supporting the asset. If the liquidity is low or controlled by a few wallets, this is a potential red flag.
     
  • Test the sell button. If you can’t easily sell the asset or if you notice that its price is highly manipulated, it is a honeypot. You can use analysis tools such as PooCoin to check for suspicious patterns. Illiquid assets, where only certain wallets can sell or where buy orders are filled but sell orders aren’t, are strong signals of honeypots.
     
  • Be skeptical of celebrity endorsements for crypto projects. Scammers often fake endorsements or hack popular accounts to promote their scam crypto. Verify the authenticity of any endorsement and see whether the celebrity has publicly confirmed their involvement with the project.
     
  • Check for hacked accounts. Sometimes, celebrity or verified social media accounts are briefly hacked and used to promote scam coins. Always verify if the promotion is legitimate by looking for official announcements. In 2021, scammers briefly hacked high-profile Twitter accounts to promote fake giveaways and airdrops. Always double-check promotions through multiple sources.
     
  • Turn off automatic permissions. Disable automatic permissions when connecting wallets to decentralized apps (DApps). Always manually review and approve permissions, especially for smart contracts. Use tools like Etherscan or BscScan to verify the permissions the DApp requests. If a contract asks for full access to your funds or tokens without a valid reason, it’s a serious red flag. 
    Use tools like Revoke.cash to review and revoke unnecessary permissions to DApps after interacting with them.
     
  • Use cold storage. Store most of your crypto in cold storage (hardware wallets) instead of keeping large amounts in hot wallets or exchanges. Cold wallets are offline and immune to online hacks, phishing attempts, and malicious contracts. Devices like Tangem Wallet allow you to secure your assets offline.
     
  • Enable Two-Factor Authentication (2FA). Activate 2FA on all your exchange accounts and wallets for an added layer of security. This makes it harder for scammers to gain access, even if they manage to steal your login credentials. Use apps like Google Authenticator or Authy rather than SMS-based 2FA, which is more prone to SIM-swapping attacks.
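The trap in step 4 ("Funds become trapped") and the "Test the sell button" item above come down to one check: simulate a buy followed by a sell and see whether the sell is rejected or taxed away. The following is an added example, not code from this article or from any tool it names. `ToyToken`, `probe_round_trip` and the three scenarios are constructed for illustration, with a simplified 1:1 price; several trade sizes are probed because, as step 3 notes, small withdrawals may be allowed at first.

```python
import copy

class Revert(Exception):
    """Raised when the modelled contract rejects a call."""

class ToyToken:
    """Constructed model of a token sold 1:1 against a quote asset (not a real contract)."""

    def __init__(self, sell_allowlist=None, sell_fee_bps=0, open_sell_cap=None):
        self.sell_allowlist = sell_allowlist  # None means anyone may sell
        self.sell_fee_bps = sell_fee_bps      # fee taken on sells, in basis points
        self.open_sell_cap = open_sell_cap    # sells up to this size always pass
        self.balances = {}

    def buy(self, who, quote_in):
        self.balances[who] = self.balances.get(who, 0) + quote_in
        return quote_in

    def sell(self, who, tokens):
        if self.balances.get(who, 0) < tokens:
            raise Revert("insufficient balance")
        small = self.open_sell_cap is not None and tokens <= self.open_sell_cap
        gated = self.sell_allowlist is not None and who not in self.sell_allowlist
        if gated and not small:
            raise Revert("transfer not allowed")
        self.balances[who] -= tokens
        return tokens - tokens * self.sell_fee_bps // 10_000

def probe_round_trip(token, wallet, sizes, max_loss_bps=1_000):
    """Buy then sell each size on a throwaway copy; report what would happen."""
    report = {}
    for size in sizes:
        sandbox = copy.deepcopy(token)  # simulation only, real state is untouched
        received = sandbox.buy(wallet, size)
        try:
            returned = sandbox.sell(wallet, received)
        except Revert as err:
            report[size] = f"SELL BLOCKED: {err}"
            continue
        loss_bps = (size - returned) * 10_000 // size
        report[size] = "ok" if loss_bps <= max_loss_bps else f"HIGH TAX: {loss_bps} bps"
    return report

def looks_like_honeypot(report):
    """True if any probed size could not be sold or lost more than the threshold."""
    return any(verdict != "ok" for verdict in report.values())

# Constructed scenarios: a normal token, an allowlist trap that lets small sells
# through, and a token with a 99% sell fee.
NORMAL = ToyToken(sell_fee_bps=100)
ALLOWLIST_TRAP = ToyToken(sell_allowlist={"deployer"}, open_sell_cap=50)
FEE_TRAP = ToyToken(sell_fee_bps=9_900)

if __name__ == "__main__":
    for name, tok in (("normal", NORMAL), ("allowlist", ALLOWLIST_TRAP), ("fee", FEE_TRAP)):
        print(name, probe_round_trip(tok, "me", [10, 10_000]))
```

In the allowlist scenario the 10-unit probe passes and only the 10,000-unit probe is blocked, so a single small probe on its own would report nothing wrong.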

 

What to do if you’ve fallen victim to a honeypot scam

Falling victim to a honeypot can be a devastating experience. But acting quickly and responsibly can help mitigate the damage and protect others from falling into the same trap. Here’s what you should do:

  • Report the fraud to crypto exchanges and law enforcement
    If the scam occurred on a known exchange or if you used an exchange to transfer funds into the honeypot, immediately report the fraudulent activity to that platform. While many decentralized projects are harder to track, centralized exchanges may help to flag the scammer’s wallet or freeze any suspicious accounts.

    If the scam was listed on platforms like CoinMarketCap or CoinGecko, consider reporting the token as fraudulent to get it delisted, helping to prevent others from becoming victims.
     

  • File a report with law enforcement
    Depending on your jurisdiction, you should file a report with local or national authorities, especially those specializing in cybercrime. In the U.S., this could be the FBI’s Internet Crime Complaint Center (IC3); for European citizens, Europol’s Cybercrime Centre.
    While recovering funds through law enforcement is difficult, it creates an official record and can contribute to larger investigations.
     

  • Notify blockchain analytics firms
    Services like Chainalysis or CipherTrace track suspicious activity on blockchains. Reporting to these firms can help with blacklisting scammers' wallets or identifying larger fraudulent networks. Before reporting, collect evidence (transaction logs, wallet addresses, screenshots) to strengthen your case.

  • Secure your remaining assets
    Stop all further interactions with the suspicious wallet or contract. If you continue interacting with them, fraudsters may use phishing tactics or insert malicious code to drain more funds from your accounts.

    Transfer your remaining assets to a trusted, secure wallet. Consider moving them to a cold wallet like Tangem Wallet. Tangem is an offline hardware wallet with strong security measures. If you’re using a compromised software wallet, consider creating a new wallet and transferring your remaining assets to prevent further losses.
     

  • Revoke contract permissions
    If you interacted with a malicious smart contract, the fraudster may still have access to your wallet. Use tools like Etherscan’s Token Approval Checker to revoke any permissions granted to malicious contracts or addresses. Many platforms and wallets have tools that allow users to revoke permissions for DApps they’ve interacted with, preventing potential access to their funds.
     

  • Raise awareness on social media
    Use platforms like Twitter, Reddit, or Telegram to share your experience with the wider crypto community. The more people know about the scam, the fewer victims the fraudsters can deceive. Share details about the scam, including the project’s name, the wallet addresses used, and how the honeypot functioned to prevent others from falling into the same trap.
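To make the "Revoke contract permissions" step concrete, the following added example (not code from this article or from the approval tools it names) replays ERC-20 `Approval` event logs for one wallet and lists the allowances that are still open, flagging unlimited ones. The addresses and logs are constructed sample data, and `blockNumber` is given as an integer for simplicity.

```python
# keccak256("Approval(address,address,uint256)"), the ERC-20 Approval event topic
APPROVAL_TOPIC = "0x8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b925"
UNLIMITED = 2**256 - 1

def topic_to_address(topic: str) -> str:
    """Indexed address topics are left-padded to 32 bytes; keep the last 20."""
    return "0x" + topic[-40:].lower()

def outstanding_allowances(logs, owner):
    """Replay Approval logs in chain order; the last value per (token, spender) wins.

    This is an upper bound: spending through transferFrom can lower an allowance
    without a new Approval event, so the token's allowance() view is authoritative.
    """
    state = {}
    for log in sorted(logs, key=lambda l: (l["blockNumber"], l["logIndex"])):
        topics = log["topics"]
        # ERC-721 Approval shares this topic but has 4 topics; skip it.
        if len(topics) != 3 or topics[0].lower() != APPROVAL_TOPIC:
            continue
        if topic_to_address(topics[1]) != owner.lower():
            continue
        key = (log["address"].lower(), topic_to_address(topics[2]))
        state[key] = int(log["data"], 16)
    return {k: v for k, v in state.items() if v > 0}  # 0 means revoked

def unlimited_grants(allowances):
    """Return the (token, spender) pairs that may move the whole balance."""
    return sorted(k for k, v in allowances.items() if v == UNLIMITED)

def _log(block, token, owner, spender, amount, extra_topic=None):
    """Build one constructed log entry in the shape returned by log queries."""
    pad = lambda a: "0x" + "0" * 24 + a[2:]
    topics = [APPROVAL_TOPIC, pad(owner), pad(spender)]
    if extra_topic:
        topics.append(extra_topic)
    return {"address": token, "blockNumber": block, "logIndex": 0,
            "topics": topics, "data": "0x" + format(amount, "064x")}

# Constructed addresses and logs (not real accounts or contracts).
ME, OTHER = "0x" + "aa" * 20, "0x" + "bb" * 20
TOKEN_A, TOKEN_B = "0x" + "11" * 20, "0x" + "22" * 20
SPENDER_X, SPENDER_Y = "0x" + "c1" * 20, "0x" + "c2" * 20
SAMPLE_LOGS = [
    _log(120, TOKEN_A, ME, SPENDER_X, 0),          # later revocation
    _log(100, TOKEN_A, ME, SPENDER_X, UNLIMITED),  # earlier unlimited grant
    _log(110, TOKEN_B, ME, SPENDER_Y, UNLIMITED),  # still open
    _log(111, TOKEN_B, OTHER, SPENDER_Y, 500),     # someone else's wallet
    _log(112, TOKEN_A, ME, SPENDER_Y, 250),        # bounded allowance
    _log(113, TOKEN_A, ME, SPENDER_Y, 7, extra_topic="0x" + "0" * 63 + "7"),
]

if __name__ == "__main__":
    open_grants = outstanding_allowances(SAMPLE_LOGS, ME)
    print("open:", open_grants)
    print("unlimited:", unlimited_grants(open_grants))
```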
     

Conclusion

Honeypots pose a significant threat to cryptocurrency investors. To avoid falling victim, you must remain vigilant, conduct thorough research, and use protective measures outlined in this article. Always approach new projects cautiously, especially when they involve anonymous teams, sudden price surges, or questionable endorsements. These best practices can protect your crypto assets and help create a safer crypto environment.

FAQ: Honeypot Crypto  

1. What is a honeypot scam?

A honeypot scheme is a type of fraud where attackers create a seemingly legitimate and lucrative cryptocurrency-related opportunity, such as a coin, trading platform, or smart contract, to lure unsuspecting investors. Once victims invest or interact with the system, the scheme traps the funds and makes it impossible to withdraw or retrieve them.

2. How does a honeypot scam work?

Honeypot scams often involve sophisticated tactics, such as:

  • Deploying malicious smart contracts that allow deposits but block withdrawals.
  • Offering assets with attractive incentives, like extremely high returns or discounts, to entice investors.
  • Using fake trading platforms or exchanges where deposits are accepted, but withdrawals fail under false pretenses.

Victims only realize they’ve been scammed when they attempt to withdraw funds and discover the restrictions.

3. What are common signs of a honeypot scam?

Some red flags include:

  • Too-good-to-be-true offers: Promises of unusually high returns or risk-free investments.
  • Opaque smart contract code: Code that is difficult to verify or lacks transparency.
  • Limited withdrawal options: Terms or processes that make withdrawing funds overly complicated.
  • Unverified projects: New or unknown projects that lack reviews, audits, or a credible team.

4. How can I avoid falling for honeypots?

  • Research the project thoroughly: Verify the team’s credentials, check for third-party audits, and read reviews.
  • Analyze the smart contract: Use blockchain explorers or trusted tools to review contract code and identify potential traps.
  • Avoid pressure tactics: Fraudsters often create urgency, like limited-time offers, to push investors into acting quickly.
  • Stick to reputable platforms: Only trade on well-known exchanges and invest in projects with established reputations.
  • Test with small amounts: Before committing large funds, test withdrawal processes with minimal investment.

5. Are honeypot scams illegal?

Yes, honeypot scams are illegal in most jurisdictions as they involve fraud and financial theft. Victims can report such scams to relevant authorities, although recovering funds is often challenging due to the anonymity of blockchain transactions.

6. How do honeypot scams affect the crypto space?

These scams harm the reputation of cryptocurrencies by eroding trust among users and deterring new investors. They also highlight the importance of security awareness and diligence in the crypto ecosystem.

Staying informed and cautious is the best defense against honeypot frauds. Always do your due diligence before engaging with any crypto project.