FindCoin / Features / Token scam checker

Feature · Token scam checker

Check if a token is a scam — in one scan

Paste a contract address. In seconds, FindCoin simulates a sell, reads the contract's code-level permissions, verifies liquidity locks and maps who really holds the supply — then tells you, in plain language, what it found and why it matters.

Why a scam checker exists at all

Creating a token costs almost nothing and takes minutes. That openness is crypto's superpower — and its curse, because the same few lines of code that launch a legitimate project can hide a trap. The most common traps aren't sophisticated hacks; they're permissions quietly written into the token's own contract: the right to block your sell, to raise the exit tax to 99%, to mint unlimited new supply, or to withdraw the liquidity that makes trading possible.

Here's the part most people miss: all of that is public. Every permission, every liquidity lock, every whale wallet is sitting in open blockchain data — it's just unreadable to a normal person. A scam checker is a translator. It reads what the contract can legally do to you, and says it in a sentence you can act on.

The five layers of every scan

1 · Honeypot sell simulation

The single most important test: we simulate an actual sell transaction. If the contract lets you buy but blocks or punishes the exit, that's a honeypot — and no other metric matters. FindCoin runs the simulation through two independent engines and reports both results.

2 · Buy & sell tax analysis

Many tokens skim a percentage of every trade. We measure the real buy and sell tax from simulation — not from what the project claims — and flag the deadlier pattern: contracts where the owner can change the tax later, or set a special rate just for your wallet.

3 · Liquidity lock verification

A rug pull is only possible when the team can withdraw the liquidity pool. We check what percentage of LP tokens is locked in time-lock contracts or burned forever, and how many wallets hold the rest. Unlocked liquidity + anonymous deployer is the classic pre-rug fingerprint.

4 · Holder concentration

When ten wallets hold 87% of a token, the price is those ten wallets' mood. We map the top holders, the creator's remaining bag and the total holder count — because distribution, not marketing, decides whether a chart can survive one seller.

5 · Contract code red flags — 15+ checks

The deep scan: is the source code verified and public? Can the owner mint new tokens, edit balances directly, pause all transfers, or blacklist wallets? Is there a hidden owner behind a "renounced" facade? Can the contract self-destruct? Has this creator wallet deployed honeypots before? Each finding comes with a one-line explanation of what it means for your money — no jargon, no hex dumps.

One score, four verdicts — how to read a report

Every finding carries a weight, and the weights sum into a 0–100 risk score. Fatal findings — a failed sell simulation, or an owner who can edit balances — push the score straight into the danger zone regardless of everything else, because no amount of locked liquidity redeems a token you can't sell.

ScoreVerdictHow to treat it
0–14No red flags foundOur checks found no known danger patterns. Still not a guarantee, an endorsement, or advice — read the community notes too.
15–39CautionSome yellow flags (high tax, concentrated holders, thin liquidity). Understand each one before committing anything.
40–69High riskMultiple serious findings, or one severe permission. The burden of proof is now on the token, not on you.
70–100Likely scamFatal pattern detected — honeypot behavior, balance editing, or a stacked combination. Walk away.

The human layer: votes and comments

Automated checks read code; they can't read a Discord that went silent, a team that stopped shipping, or a "partnership" that turned out to be a photoshop. People can. Every scam report carries a community verdict — good / bad / scam, one vote per visitor — and a comment thread where holders share what the data can't show.

We're honest about this layer's weakness too: token communities attract paid shills and coordinated haters. That's why votes never change the automated score — they sit beside it, clearly labeled as opinion. When 1,200 people mark a "clean-scanning" token as a scam, that disagreement itself is the signal worth investigating.

Every checked token also gets a permanent public page, so the next person who searches that contract finds the report, the votes and the discussion already waiting.

What the scanner cannot do — read this part

An honest security tool tells you where its sight ends, so here is ours. The scanner reads on-chain data; it cannot detect off-chain fraud — fake teams, plagiarized whitepapers, promised products that never ship, or a founder who simply sells everything next month. It cannot see a brand-new scam technique before the pattern is known. And extremely young tokens sometimes return "insufficient data" until indexers catch up.

Most importantly: "no red flags found" means exactly that — nothing more. It is not a safety certificate, not an endorsement, and never investment advice. Some scams pass every automated test and fail only on common sense: guaranteed returns, celebrity screenshots, pressure to buy right now. The scanner finds fingerprints; judgment is still your job. Our 7 red flags guide teaches the manual checks that no tool replaces.

A worked example: reading one real-world pattern

Suppose you scan a token that's four hours old and trending in a Telegram group. The report comes back: sell simulation passed, buy tax 2%, sell tax 2% — encouraging so far. But the next lines change the story: taxes are owner-modifiable, liquidity is 0% locked, and the top ten wallets hold 91% of supply, with the creator sitting on 34%. Score: 74 — likely scam.

Notice what happened: no single finding was a smoking gun. You can sell today; the tax is low today. The verdict comes from the combination — a contract where every friendly setting can be flipped by one wallet that also controls the exit liquidity and a third of the supply. That's not a token with risks; that's a trap that hasn't been sprung. This is why the scanner weighs findings together instead of showing you a checklist of greens and reds and letting the greens soothe you. Scammers optimize for checklists. Patterns are harder to fake.

The reverse pattern matters equally: a token with a scary 12% sell tax but verified source code, burned liquidity and 40,000 well-distributed holders will score Caution, not Likely scam — the tax is a cost, not a cage. The score's job is to tell those two situations apart at a glance; the findings list is there so you can verify its reasoning line by line.

Frequently asked questions

How do I check if a token is a scam?
Copy the token's contract address (from any listing site or the project itself), paste it into the FindCoin scanner, and press Scan. You'll get a risk score, a verdict, and a finding-by-finding breakdown across trading behavior, contract code, liquidity and holders — in plain language.
What does a "no red flags" result mean?
That our automated checks found no known danger patterns in the on-chain data at scan time. It is not a guarantee of safety — off-chain fraud and brand-new techniques are invisible to any scanner. Treat it as one input, alongside the community verdict and your own research.
Which blockchains are supported?
Ethereum, BNB Chain, Base, Polygon, Arbitrum and Avalanche at launch — the networks where the overwhelming majority of token scams operate. More networks are planned.
Is the scam checker free?
Completely. Every scan, report, vote and comment is free with no account required. We believe safety tooling behind a paywall protects nobody.

Got a contract address? Test it.

Thirty seconds of scanning has saved people from months of regret.

Open the scam checker →