How to Spot a Rugpull: 5 Warning Signs Anyone Can Check

Learn the five on-chain warning signs that a memecoin is about to rugpull. Real examples, free tools, and a simple checklist to protect your money.

Alex
March 18, 2026
7 min read
How to Spot a Rugpull: 5 Warning Signs Anyone Can Check

How to Spot a Rugpull: 5 Warning Signs Anyone Can Check

Let me save you some money.

Somewhere right now, a token is launching on Pump.fun. It's got a cute name, a Telegram that's popping off, and a chart that only goes up. In about forty minutes, every penny in that liquidity pool will vanish. The creator will delete their socials. And a few thousand people will be staring at a token worth exactly zero.

I've watched this happen hundreds of times. I've been on the wrong side of it too (don't ask me how much I lost). But here's the thing nobody tells you: most rugpulls aren't sophisticated. They leave fingerprints everywhere. You just need to know where to look.

Here are five checks that take less than ten minutes. They won't catch everything. But they'll catch the dumb ones, and most of them are dumb.

1. Check If the Liquidity Is Actually Locked

This is the big one. The single most important thing you can verify.

When you buy a memecoin on a decentralized exchange (DEX), your money goes into something called a liquidity pool (think of it as the cash register that makes trading possible). If the person who created that pool can pull the cash out whenever they want, congratulations: you're one click away from losing everything.

A rugpull literally means someone yanks the liquidity out. Gone. Your token still exists, but nobody can sell it because the register is empty.

Here's what to check: go to RugCheck.xyz, paste the token's contract address, and look at the liquidity status. You want to see "locked" with a timeframe of months, not days.

Liquidity locked for 7 days? I've had leftovers in my fridge longer than that. A week-long lock is basically a scammer saying "I'll rug you next Tuesday." Look for locks of 6 months minimum. A year is better.

The $LIBRA token, the one Argentina's President Milei promoted in February 2025? The insiders cashed out over $100 million from the liquidity pools, according to blockchain analytics firm Bubblemaps. The token had hit a $4.56 billion market cap. Then it crashed 89% in three hours. According to Nansen's data, about 86% of traders lost money, with total losses hitting $251 million as reported by CoinDesk.

If the liquidity had been locked, that literally could not have happened.

2. Look at Who Holds the Most Tokens

Here's a pattern I've seen play out fifty times: a token launches, ten wallets buy up 60% of the supply in the first three minutes, then they wait for retail traders (that's you) to push the price up before dumping everything at once.

You become what's called exit liquidity (the person who buys right before everyone else sells). Not a fun role.

How to check: use Bubblemaps. It shows every wallet that holds a token as a bubble. Bigger bubble, more tokens. And here's the important part: lines between bubbles mean those wallets have sent tokens to each other. If the top ten holders are all connected? Same person. Different wallets. One exit plan.

A healthy token has its supply spread across hundreds or thousands of wallets with no single group controlling more than 10-15%.

The $HAWK token, launched by internet personality Haliey Welch in December 2024, is a textbook example. It hit a $491 million market cap, but only about 3-4% of the supply was actually available for public sale. A handful of insider wallets held the rest and started dumping almost immediately. The token crashed over 90% within hours. A class action lawsuit followed.

3. Check Mint Authority and Freeze Authority

These are two hidden permissions that most beginners never look at. They're also two of the easiest ways to get scammed.

Mint authority means the token creator can print new tokens whenever they want. Imagine buying a limited edition sneaker, then the company decides to make ten million more. Your "investment" gets diluted to nothing.

Freeze authority means the creator can freeze your wallet. You literally cannot sell. You can buy, but you can never leave. That's called a honeypot (a trap where you can buy but never sell).

Both of these show up on RugCheck when you paste in a token address. If either authority is still enabled, walk away. It takes the creator about ten seconds to renounce these authorities. If they haven't bothered, ask yourself why.

Legitimate projects renounce both authorities before or immediately after launch. It's the bare minimum. Like a restaurant having running water. If they don't have it, you don't eat there.

4. Watch the First Few Minutes of Trading

I've seen this movie before. Token launches. Chart is a perfect green staircase going up. No red candles at all. Everyone in Telegram is screaming rocket emojis.

Nope.

A chart with zero sell pressure in the first few minutes is almost always artificial. Real trading looks messy. Real people take profits. Real charts have red candles mixed in with the green ones.

Here's what to look for on a tool like DEXTools or Birdeye:

  1. Only buy orders, no sells. Classic honeypot signature. If nobody is selling, it might be because nobody can sell.
  2. Identical trade sizes. If you see the same amount being bought over and over (0.5 SOL, 0.5 SOL, 0.5 SOL), those are bots creating fake volume.
  3. Volume vs. holder mismatch. High trading volume but very few unique holders means a small group is trading with themselves.
  4. The Telegram is ALL hype, zero substance. If the chat is nothing but "LFG" and rocket emojis and anyone asking questions gets muted, that's not a community. That's a marketing funnel.

On an average day, over 10,000 new tokens launch on Pump.fun alone. According to an analysis by Chainplay, about 9,900 of those die within 24 hours. A 95% daily death rate. The ones that survive aren't the loudest. They're the ones where the fundamentals actually check out.

5. Google the Creator (Yes, Seriously)

This one feels too simple to work. It works.

Most scammers don't run one scam. They run dozens. The same wallet, the same playbook, a different animal name. Search the deployer wallet address on Solscan or any blockchain explorer. Look at what other tokens that wallet has created.

If the same wallet launched $CATGOLD last week and $DOGEMOON the week before and both went to zero? You know what happens next.

You can also check the token's social links. Does the Twitter account have a history? Or was it created yesterday with 47 followers and a stolen profile picture? Is the website a single page with a stock photo of a rocket? (Yes, I've seen this. Multiple times.)

The $NYC memecoin tied to New York City Mayor Eric Adams launched in January 2026 and lost investors about $3 million, according to Gate.io's analysis. A quick background check on the project would have shown zero credible team information and no legitimate connection to the mayor's office.

Ten minutes of Googling. That's all it would have taken.

Key Takeaways

  • Check liquidity lock status on RugCheck.xyz before buying anything. No lock or short lock means walk away.
  • Use Bubblemaps to see if the top holders are all connected to the same source wallet.
  • Verify that mint authority and freeze authority have been renounced, or you might be buying a honeypot.
  • Watch for fake trading patterns: no sell orders, identical buy sizes, and volume that doesn't match the holder count.
  • Search the deployer wallet's history. Repeat scammers reuse the same wallets across dozens of tokens.

Real Talk

Look. About 98% of tokens on Pump.fun end up worthless, according to a Solidus Labs analysis. That's not a typo. Ninety-eight percent.

Most people reading this are going to skip half these checks because the chart looks good and the Telegram is vibing. I know because I've done it too. But the people who actually paste the address into RugCheck, actually open Bubblemaps, actually spend ten minutes before spending their money, those are the ones who are still trading six months from now.

Tools like Drill.meme's Oracle run these kinds of security checks automatically on thousands of tokens daily, so you don't have to do it all by hand. But whether you use a tool or do it yourself, the point is the same: check first, ape later.

Be that person.

Sources

  1. Argentina's LIBRA Memecoin Fiasco Destroyed $251M in Investor Wealth — CoinDesk
  2. Solidus Labs: Solana Rug Pulls & Pump-and-Dumps — Solidus Labs
  3. Every 24 Hours on Pump.fun, 10,417 Tokens Are Launched — Chainplay
  4. How to Spot a Meme Coin Rug Pull: Five Key Signs — Analytics Insight
  5. Over Half a Billion Lost in Memecoin Rug Pulls in 2024 — CoinDesk
  6. $Libra cryptocurrency scandal — Wikipedia
  7. Eric Adams NYC Memecoin Rugpull: $3 Million Loss — Gate.io
  8. Get Started with Bubblemaps: Token Connections and Red Flags — Bubblemaps
Tags: #rugpull #memecoin scams #solana #token safety #beginner guide

Related Articles

image
7 min read
Mar 6, 2026

Japan's PM Just Denied a Memecoin Named After Her. It Crashed 75%.

Japan's Prime Minister Takaichi disavowed the Solana-based Sanae Token, crashing it 75%. Here's what happened, why it matters, and what memecoin traders should learn.

image
6 min read
Mar 7, 2026

Pump.fun Just Became Way More Than a Launchpad

Pump.fun now lets you trade tokens from Raydium, Meteora, and more. Here's what changed, why it matters, and what memecoin traders should know.