Solana scams follow predictable patterns. Research from Solidus Labs found that roughly 98.7% of tokens launched on Pump.fun show characteristics of pump-and-dump schemes or rug pulls. The median time from token launch to rug pull is approximately 18 hours. Liquidity removal takes 30 to 90 seconds once a developer initiates it. Understanding how these attacks work, how to check mint authority and freeze authority before buying anything, and what phishing and drainer attacks look like in practice is the difference between keeping your funds and losing them. This guide covers every major scam type on Solana, the tools that catch them in under two minutes, and what to do if something goes wrong. Always run a free check on RugCheck.xyz before putting money into any token you have not thoroughly verified.
How Solana Scams Actually Work
Solana scams fall into three categories. Most losses come from one of these three patterns, and recognising which one you are dealing with tells you immediately what to look for before putting money in.
Rug Pulls
A rug pull is the most common Solana scam. Developers launch a token, generate hype on Telegram and Twitter, attract buyers who push the price up, then drain the liquidity pool in a single transaction. The token price collapses to near zero in seconds. The stolen funds move through multiple wallets and are gone within hours.
The mechanism is straightforward. When a token launches, the developer adds SOL and the token to a trading pool on Raydium or a similar platform. Buyers swap SOL for the token, which means SOL accumulates in the pool. The developer holds LP tokens representing their ownership of that pool. When they decide to exit, they redeem those LP tokens and withdraw all the SOL, leaving nothing for other holders to sell into. Without locked liquidity, this can happen at any moment with no warning.
According to DailyCoinPost’s research, token creation on Solana costs less than a dollar and takes minutes. The low barrier means rug pulls on Pump.fun run at industrial scale. Any given day sees hundreds of tokens launch, hype briefly, and collapse. Most retail buyers who lose money never knew the difference between a token with locked liquidity and one that could be drained in the next block.
Honeypot Scams
A honeypot is more calculated than a rug pull. You can buy the token without any problem. The price may even go up. But when you try to sell, the transaction fails. Either the developer used freeze authority to lock your specific token account before you could exit, or they programmed a hidden sell restriction into the SPL token standard so that only their own wallet can sell.
The honeypot model is designed to string buyers along. The chart shows consistent gains, new buyers keep entering, and meanwhile the developer slowly sells their own position into the buying pressure. Every time a victim tries to exit, the transaction reverts. Eventually the developer dumps everything and the freeze authority that was silently active the whole time becomes obvious to anyone who checks. By then the developer has already moved on.
Checking whether freeze authority has been revoked before you buy is the only reliable protection against this specific attack. A single lookup on Solscan takes thirty seconds.
Pump-and-Dump Schemes
A pump-and-dump scheme does not require any technical mechanism at all. A coordinated group, often using a private Telegram channel, buys a token simultaneously to spike the price. The price move attracts retail buyers who see it trending. The group sells into that retail buying pressure and exits before the price collapses. The retail buyers are left holding a worthless position.
Sniper wallets are a common signal of a coordinated pump setup. These are addresses that bought the token in the first few seconds of launch at prices far below the public entry price. If you see ten addresses all buying in block one or two, funded from the same source wallet, they likely belong to the same person running the scheme. Wash trading, artificially inflating volume by trading between wallets you control, is another tactic used to make a dead token look active on Telegram groups and price tracking sites.
To understand the smart contract architecture that allows these token authorities to be set and exploited, our guide on Solana smart contracts explains how programs are deployed and how token permissions work at the code level.
The Scale of the Problem on Solana
The numbers make the problem concrete. Solidus Labs research found that approximately 98.7% of tokens launched on Pump.fun show characteristics of pump-and-dump schemes or rug pulls. Around 93% of liquidity pools on Raydium that were examined in the same study showed similar patterns. These are not edge cases. The majority of tokens you encounter in active trading channels are either already worthless or set up to become worthless on command.
Over $90 million was lost to phishing on Solana in the first half of 2025 alone. Drainer kits like Riddance now operate as commercial services sold on private forums, with pre-built phishing templates and real-time Telegram dashboards showing operators which wallets have been drained. The industrialisation of these tools means a single bad actor can run dozens of simultaneous campaigns without writing a single line of code.
Solana’s own attributes make it attractive to scammers for structural reasons. Token creation costs less than a dollar. Transactions confirm in under a second, which means a liquidity drain happens before most users can react. The network’s speed, which is a genuine feature for legitimate use, also means that rug pull timing can be measured in seconds rather than minutes. Once liquidity has been removed, recovery is close to impossible. The funds move through multiple addresses before most victims have even refreshed their wallet.
Red Flags Before You Buy Any Solana Token
Most Solana scams are detectable before you buy, if you know what to check. The red flags below cover the on-chain signals that appear in nearly every rug pull, honeypot, and pump-and-dump before the exit happens. Missing any one of them can be the difference between a bad investment and a total loss.
Mint Authority Is Still Active
Mint authority is the power to create new tokens at any time. If the developer retains mint authority after launch, they can print unlimited tokens and sell them into the market whenever they choose, instantly diluting every existing holder’s position to near zero. This is one of the most obvious and most commonly exploited permissions in the SPL token standard.
What to look for: go to Solscan, paste the token’s contract address, and click on the Authority tab. Mint authority should show as revoked or null. If it points to a live developer wallet address, that developer can inflate supply at will. Treat any active mint authority as an immediate disqualifier before spending anything.
Freeze Authority Is Still Active
Freeze authority allows a developer to freeze individual token accounts, permanently preventing those holders from transferring or selling. This is the direct mechanism behind honeypot scams. You buy. The price rises. When you try to sell, your specific account has been frozen and the transaction fails. The developer meanwhile has been selling their own unfrozen position the entire time.
On the same Authority tab in Solscan, freeze authority should also show as revoked. There is no legitimate reason for a memecoin or new project to retain this permission after launch. Any active freeze authority is a honeypot waiting to be triggered.
Update Authority Is Not Revoked
Update authority controls the token’s metadata, meaning its name, symbol, logo, and description. If this has not been revoked, the developer can rename the token after you buy it, change the logo to imitate a legitimate project, and redirect victims to a phishing site that looks like the new name’s real website. The underlying token you hold remains the same contract address but the visual layer changes entirely.
Check this on the same Authority tab. All three permissions, mint, freeze, and update, should be revoked before you consider buying any token from an unknown project.
Liquidity Is Unlocked or Controlled by One Wallet
Even if all three authorities are revoked, locked liquidity is non-negotiable. Without it, the developer can drain the entire trading pool in a single transaction at any time. Locked liquidity means the LP tokens representing pool ownership have been sent to a time-lock contract with a specific expiry date. Burned liquidity is better still: the LP tokens have been permanently destroyed and no one can ever withdraw the pool.
Check the lock date on platforms like Streamflow or verify it on DexScreener. A lock that expires in 48 hours is essentially meaningless. A lock that expires in 30 days is better but still short. Look for locks of 6 months or longer, or burned liquidity that can never be touched. If a single wallet controls a concentrated portion of the LP tokens without any time lock, the developer can drain at will.
One Wallet Holds More Than 15% of Supply
Check the top holders of any token before buying. If a single wallet holds more than 15% of supply, excluding the liquidity pool, that wallet has enough concentrated position to crash the price in a single sell. Look also at whether the top 10 holders all received their tokens from the same source wallet. Coordinated wallets funded from the same origin are likely the same person operating a planned dump.
Sniper wallets are specifically worth identifying. These are addresses that bought in the first block or two after launch, at prices far lower than any public buyer could access. Check the transaction history on Solscan and look for addresses with very early timestamps at suspiciously low prices. These are almost always developer or insider positions prepared for a planned exit.
The Team Is Anonymous With No Track Record
Anonymous teams are not automatically a red flag. Many legitimate crypto projects are built pseudonymously. But an anonymous team with no verifiable history, no prior projects with a track record, and no accountability is a different matter entirely. Before buying, check the developer wallet on Solscan for its transaction history. If that address has launched three other tokens that all went to zero within 24 hours, the pattern is clear. Previous rug pulls from the same address are the strongest predictor of a repeat.
Look for a credible whitepaper or roadmap with specific, realistic goals rather than vague promises. Check LinkedIn profiles if the team claims to be public. Look for GitHub activity if the project claims to be technical. A real team has verifiable history.
Urgency, Guaranteed Returns, and Paid Shills
Urgency tactics are the most reliable psychological signal of a scam. “Presale ends in 2 hours,” “only 500 spots remaining,” “buy before it lists on Raydium” are all manufactured FOMO. Legitimate projects do not need to pressure buyers into acting before they have time to think.
Guaranteed returns are a lie in every market and in crypto specifically. Any project promising “100x guaranteed” or “risk-free gains” is either lying or delusional. Neither is a reason to put money in. If ten Twitter accounts with large followings all post about the same new token on the same day, they were almost certainly paid to do so. This is a standard pump setup using paid influencers without disclosure.
DailyCoinPost research shows that scammers deliberately time liquidity withdrawals for weekend launches, when exchange support teams are slower to respond and the on-chain monitoring community is less active. A token that launches Friday evening and shows massive gains over the weekend is statistically more likely to be a coordinated pump than a project that launches mid-week with gradual organic growth.
Real Solana Scams: What Actually Happened
Abstract descriptions of scam patterns are less useful than documented cases.
These three incidents illustrate how the same mechanisms play out in practice and how fast losses accumulate when the warning signs are ignored.
The $2.6 Million Ansem Impersonation
Ansem is a well-known crypto analyst and Solana community figure with a large Twitter following. In one of the most documented impersonator attacks on Solana, a scammer created a near-identical account, matched the username, profile image, and posting style, and used it to promote a fake presale for a token named BULL. The fake account claimed this was a legitimate project backed by Ansem. Over $2.6 million in Solana tokens were transferred to the scammer’s wallet before the community identified the account as fraudulent. The real Ansem had no connection to the project. The funds were gone within hours of the fake presale announcement.
This case illustrates how fake influencer attacks work at scale. The scammer did not need to build a convincing token. They only needed to borrow the credibility of an existing trusted voice long enough for buyers to act without checking. Always verify the account age and follower history of any influencer promoting a new token before treating it as a legitimate signal.
Step Finance and the $27 Million Treasury Attack
In January 2026, Step Finance, a Solana portfolio tracking and DeFi platform, suffered a treasury compromise that resulted in a loss of approximately $27 million. The attack targeted the protocol’s treasury management rather than individual user wallets, but it highlights that smart contract and operational security failures can affect established platforms, not just anonymous memecoins. Users who had significant positions in Step Finance’s yield products lost access to funds during the incident. The investigation was still ongoing as of the time of writing.
The lesson is not that Step Finance was a scam. It is that smart contract risk applies across all protocols regardless of track record, and no amount of due diligence on a token’s authorities protects against a protocol-level exploit. Diversifying positions across multiple protocols and keeping significant holdings in self-custody wallets rather than protocol vaults reduces exposure to this category of loss.
How Slerf Impersonators Exploited a Mistake
Slerf was a Solana project where the developer accidentally burned the liquidity pool tokens and the presale airdrop allocation in the same transaction, destroying roughly $10 million in presale funds that were supposed to be distributed to buyers. This was not a scam on the developer’s part. It was a costly mistake made publicly and transparently.
What followed was a textbook social engineering attack. Impersonators immediately created fake Twitter and Telegram accounts mimicking the Slerf team, posted announcements claiming buyers could recover their lost presale funds by clicking a link and connecting their wallet, and drained additional funds from victims who followed those instructions. The scammers did not cause the original mistake. They parasitised the confusion it created to steal from people who were already affected and looking for a solution.
When any project has a high-profile incident, assume that fake recovery accounts will appear within hours. Never connect your wallet to any site promoted in the aftermath of a public incident without independently verifying the URL through the project’s original, verified social channels.
Giveaway and Airdrop Scams on Solana
Fake airdrop and giveaway scam attacks are the oldest format in crypto fraud and still among the most effective. They work because they exploit the fact that legitimate airdrops do exist on Solana, making the fake version plausible enough to fool users who do not know what distinguishes a real one.
How Fake Airdrop Sites Work
Scammers register lookalike domains that closely resemble legitimate Solana platform URLs. A domain like solana-rewards.io or sol-airdrop.com looks plausible at a glance, especially when accompanied by Solana’s actual branding and imagery used without permission. These copycat sites promote a giveaway of anywhere from 100 to 1 million SOL tokens, completely free, requiring only that you “verify” your wallet by connecting it and entering your seed phrase or private keys.
Once you submit your seed phrase or connect with a signature that grants spending permissions, the attacker has everything they need to drain your wallet. The process is automated. The average time from connection to full wallet drain in documented attacks is under three minutes.
The platforms are promoted through bot accounts on Twitter, direct messages on Telegram and Discord, SMS spam, and email campaigns. Any link arriving unsolicited from a source you did not specifically opt into should be treated as a potential phishing site until you have independently verified the URL through official channels.
There Are No Real Solana Giveaways
The Solana Foundation does not run token giveaways that require you to connect your wallet to claim free SOL. Legitimate airdrop programs from real Solana projects distribute tokens based on on-chain activity snapshots: you qualify automatically if your wallet meets the criteria, and the tokens arrive without you visiting any site or connecting your wallet.
Any platform asking you to connect and enter credentials to claim a free SOL allocation is a giveaway scam. The premise itself is the red flag. If it sounds too good to be true, it is. MalwareTips put it plainly: “There are no such things as free giveaways in crypto. Any site promising as much is a scam.” There are no exceptions to this rule worth treating as a genuine opportunity.
How to Stay Safe Around Airdrops
For legitimate airdrops, follow these rules. Only enter your public wallet address, never your seed phrase or private keys, on any claim site. Verify the claim URL by going to the project’s official Twitter or Discord and finding the link there directly, not from a DM or reply thread where it could be planted by an impersonator.
Use a dedicated burner wallet for airdrop claims. Keep this wallet separate from your main holdings. If a claim site is malicious and drains the burner, the damage is limited to whatever small balance you keep there. Your cold wallet with significant holdings stays untouched because it never connected to anything new. If any claim process asks you to deposit SOL as a fee before you can receive the airdrop, stop immediately. That request is the scam. Legitimate airdrops never require you to send funds to receive funds.
To learn about setting up a secure wallet structure with a separate burner and a main wallet that stays protected, our guide on how to create a Solana wallet covers the full setup process including seed phrase backup and security configuration.
Phishing, Drainer Links, and Wallet Attacks
Phishing on Solana has evolved well beyond fake airdrop sites. In 2026, drainer kits are commercial products that non-technical attackers can deploy in minutes. Riddance and similar platforms operate with subscription models, providing pre-built phishing templates, automated wallet scanning tools, and real-time dashboards showing which connected wallets have been successfully drained. The barrier to running a phishing campaign is now essentially zero.
How Drainer Attacks Work
A drainer attack works by getting you to sign a transaction that grants the attacker’s contract unlimited spending permissions on your tokens. The site looks legitimate. The interface resembles a DEX, an NFT mint, or a DeFi protocol. You click a button you think is performing one action, but the malicious transaction you sign grants token approval to a contract that immediately sweeps your wallet.
The most effective protection is reading what a transaction actually says before signing it. Phantom’s Blockaid integration provides transaction simulation that shows in plain language what will happen when you confirm an approval. If the simulation shows token transfers or approval grants you did not initiate, reject it and leave the site immediately. Never approve a transaction you do not understand.
Clipboard Hijackers and Address Poisoning
A clipboard hijacker is malware installed on your device that monitors your clipboard and replaces any wallet address you copy with an attacker-controlled address before you paste it. If you copy a recipient address, tab away, and paste it into a send field without checking, the funds go to the attacker. The transaction confirms in under a second on Solana and cannot be reversed.
Always verify the first and last four characters of any pasted address against the original before confirming a send. This single habit defeats clipboard hijackers entirely.
Address poisoning is a related attack. The attacker sends a small amount of SOL from an address that looks nearly identical to one you have used before, hoping you copy the address from your transaction history by mistake the next time you want to send to that recipient. Check the full address of any destination you copy from history before sending. Never rely on a partial visual match.
Fake Influencer Scams
The Ansem impersonation above is the documented peak of this category, but fake influencer attacks happen daily at smaller scale. A fake influencer account does not need millions of followers. It needs enough credibility in a specific community to get a few hundred people to act quickly. Creating an account that mimics a respected local voice in a Telegram group, a Discord moderator, or a niche Twitter personality takes minutes.
The consistent pattern is urgency plus authority. The fake account presents as someone trustworthy and adds time pressure that prevents the target from verifying the claim. If a respected figure in any community you follow is suddenly promoting a token you have never heard of, go to their original verified account directly, not through the link provided, and check whether the announcement exists there. In most cases, it will not. The real person will often be actively warning their audience about the fake account by the time you check.
Social engineering in crypto exploits trust and speed. Slowing down and verifying independently before acting defeats it in almost every case.
For a clear picture of how Solana processes transactions and why they are irreversible once confirmed, our guide on how Solana works covers the validator consensus model and transaction finality in detail.
Tools for Checking Solana Tokens Before Buying
All the red flags described above can be checked manually on Solscan. But several free tools automate the process and return a full risk breakdown in under two minutes. Use at least one of these before buying any token you have not thoroughly researched.
| Tool | What It Checks | Free | Best For |
|---|---|---|---|
| RugCheck.xyz | Mint/freeze authority, liquidity lock, top holders, risk score | Yes | First check on any new token |
| SolSniffer | Suspicious patterns, wash trading, automated risk alerts | Yes | Detecting artificial volume |
| DexScreener | Transaction history, bot activity, liquidity depth | Yes | Spotting uniform bot-sized buys |
| Birdeye | Token health, holder analytics, trading patterns | Yes (basic) | Active traders wanting full picture |
| Solscan | Token authorities, wallet history, transaction details | Yes | Manual authority checks |
| TokenSpy | Risk score integrated into DexScreener/DexTools | Yes | In-page risk score without leaving |
RugCheck.xyz is the fastest starting point. Paste any token contract address and it returns a risk score alongside a breakdown of all three authorities, liquidity lock status, top holder distribution, and any flagged risk factors. The whole process takes under two minutes. If a token shows active mint authority, active freeze authority, or unlocked liquidity, stop there and move on.
DexScreener is useful for spotting bot activity in the transaction history. Look at the buy and sell pattern for the token. If you see dozens of transactions of nearly identical size happening seconds apart, automated bots are artificially inflating volume. Real organic trading shows varied transaction sizes and timing. A chart that looks healthy but has uniform transaction sizes is a manufactured appearance rather than genuine demand.
Our guide on Solana transaction fees explains how the cost structure works, which is relevant when evaluating whether the trading volume you see in DexScreener is economically plausible given Solana’s fee levels.
The 2-Minute Pre-Buy Safety Checklist
Before putting money into any token on Solana, run through these eight checks. If a token fails more than two, the risk is not worth taking regardless of how convincing the pitch sounds.
- Paste the contract address into RugCheck.xyz and check the overall risk score. A high-risk score is a stop signal.
- Confirm mint authority is revoked. Active mint authority means the developer can create unlimited tokens at will. Do not buy.
- Confirm freeze authority is revoked. Active freeze authority means you could be honeypotted and unable to sell.
- Check liquidity is locked or burned. Verify the lock date on Streamflow or Raydium’s lock portal. A lock under 30 days is close to meaningless.
- Check top holders on Solscan. No single wallet should hold more than 15% of supply excluding the LP. Check whether the top wallets are all funded from the same source.
- Look at the transaction history on DexScreener. Uniform bot-sized buys of identical amounts are a red flag for artificial volume.
- Search the team on Twitter and Telegram. Search the token name plus words like “scam,” “rug,” or “dev dumped” before making any decision.
- Check the developer wallet history on Solscan. Previous rug pulls from the same address are the strongest single predictor of a repeat.
Failing two checks means the risk is high enough to avoid. Failing one does not automatically mean it is safe, it means the other seven need to be clean before you consider proceeding.
What to Do If You Get Scammed on Solana
Recovery from a Solana scam is, realistically, close to impossible once funds have moved. The speed of Solana transactions means the developer has usually moved funds through multiple addresses by the time you realise what happened. That said, taking the right steps quickly limits further damage and creates a record if you decide to report.
- Disconnect your wallet immediately if you are still on the scam site. Closing the tab is not enough if you have already signed a token approval. The approval persists on-chain until you revoke it.
- Revoke all token approvals your wallet granted to any contract you do not recognise. Use Revoke.cash or Phantom’s built-in approval manager. Every active approval from a scam interaction needs to be revoked before the attacker uses it again.
- Move remaining funds to a new wallet immediately. Generate a fresh wallet with a new seed phrase, write the phrase down on paper, and transfer everything you still hold. Do not reuse a wallet that connected to a suspicious site.
- Never reuse a compromised seed phrase. If you entered your seed phrase anywhere on a scam site, that wallet is permanently compromised. Create an entirely new wallet with a new phrase.
- Scan your device for malware. A clipboard hijacker or keylogger may have captured credentials. Run a full malware scan before using any wallet on the same device again.
- Save all transaction records. Screenshot your transaction history, the scam site URL, and any communications you received. You will need this if you report to authorities or to platforms like CryptoScamDB.
- Report the scam on CryptoScamDB, on the social platforms where you found the link, and in relevant Solana community channels. Reporting helps warn other users before they lose funds to the same attack.
If significant funds were stolen, file reports with the FTC and FBI in the US, or the relevant financial authority in your jurisdiction. Recovery is rare but reporting builds the evidence base that eventually leads to prosecutions.
Once you have secured your remaining funds, our guide on how to store SOL long term covers hardware wallet setup and cold storage practices that prevent most of the attacks described in this guide from being possible in the first place. A Ledger hardware wallet that requires physical confirmation for every transaction stops drainer attacks, fake approval scams, and clipboard hijackers cold.
How to Avoid Solana Scams: FAQs
What Is a Solana Rug Pull?
A rug pull is when a token developer drains the liquidity pool after attracting buyers. They hold LP tokens representing ownership of the pool and redeem them to withdraw all the SOL, leaving the token with no liquidity and a price of near zero. Most rug pulls on Pump.fun happen within 18 hours of launch according to research from Solidus Labs. The liquidity removal itself takes 30 to 90 seconds once initiated.
What Is a Honeypot Scam on Solana?
A honeypot is a token you can buy but cannot sell. The developer uses freeze authority to lock individual token accounts, preventing holders from transferring or selling. Alternatively, they program a hidden sell restriction into the token so only their wallet can exit. You watch the price rise and try to sell at a profit, only to have every transaction fail. Check that freeze authority has been revoked on Solscan before buying any token.
How Do I Check If a Solana Token Is a Scam?
Paste the token contract address into RugCheck.xyz for a free risk scan that covers mint authority and freeze authority status, locked liquidity verification, top holder distribution, and known risk flags. Also check the contract address on Solscan’s Authority tab to verify all three permissions are revoked. Run the transaction history through DexScreener to check for bot activity. The full check takes under two minutes.
Is Pump.fun Safe to Use?
Pump.fun itself is a functioning platform for launching and trading tokens. But research from Solidus Labs found that approximately 98.7% of tokens launched on Pump.fun show characteristics of pump-and-dump schemes or rug pulls. Using it safely means applying all the checks in this guide before buying anything. Always use a dedicated burner wallet with a small balance for Pump.fun activity. Keep your main holdings in a separate wallet that never connects to any new protocol.
What Is Mint Authority and Why Does It Matter?
Mint authority is the permission to create new tokens at any time after launch. If a developer retains mint authority, they can print unlimited tokens and dump them on the market, instantly destroying the value of every existing holder’s position. For any legitimate token, mint authority should be revoked before or immediately after launch. Check the Authority tab on Solscan. If mint authority points to a live wallet address rather than null, treat it as a disqualifier.
What Should I Do If I Connect My Wallet to a Scam Site?
Disconnect immediately and go to Revoke.cash or Phantom’s approval manager to revoke all token approvals you granted. Move remaining funds to a fresh wallet with a new seed phrase right away. If you entered your seed phrase on the site, the wallet is fully compromised and cannot be recovered. Create a new wallet immediately and transfer everything you still hold. Never reuse a compromised wallet or seed phrase under any circumstances.
Are Fake Solana Airdrops Real?
No. Legitimate Solana airdrops distribute tokens based on on-chain activity snapshots. You qualify automatically and the tokens arrive in your wallet without you visiting any site. Any platform asking you to connect your wallet, enter credentials, or send SOL to claim a fake airdrop is a giveaway scam. The Solana Foundation does not run wallet-connection giveaways. If it sounds too good to be true, it is.
How Do I Revoke Token Approvals on Solana?
Go to Revoke.cash and connect your wallet. The tool displays all active token approvals your wallet has granted to external contracts. Revoke any approval you do not recognise or no longer need. Phantom’s built-in approval manager also provides this functionality from within the wallet. After any interaction with a suspicious site, revoking all active approvals immediately limits the window for further damage from a smart contract that already has spending permissions.
What Tools Detect Solana Scams?
The most useful free tools are: RugCheck.xyz for authority checks and liquidity verification, SolSniffer for wash trading detection and automated risk alerts, DexScreener for transaction pattern analysis, Birdeye for holder analytics and trading data, and Solscan for manual authority and wallet history checks. Use RugCheck.xyz as your first stop on any new token and cross-reference with Solscan for the authority tab before committing any funds.
