Crypto Investors’ Guide to Avoiding Admin Scams

In cryptocurrency and DeFi projects, malicious teams or administrators have developed various fraud schemes by exploiting admin privileges within smart contracts. This report addresses the main methods involved. For each method, a definition and technical explanation are provided, along with the mechanisms used in smart contracts and the specific ways to protect oneself against them. The methods examined include Rug Pull, Honeypot, Fake Liquidity, Infinite Mint / Mint-and-Dump, Tax Fraud (Tax Rug / Fee Switch), Proxy Upgrade Attack, and Freeze & Seize.

Good to know: What Is an LP NFT? The term “LP NFT,” which you’ll frequently encounter in this guide, is like a special digital card used in decentralized crypto exchanges (DEXs).

For people to be able to buy and sell cryptocurrencies on an exchange, there needs to be a certain amount of coins available in the system. Users who supply these coins are given a digital item that serves as proof of their contribution. This digital certificate is called an LP NFT.

An LP NFT includes the following information:

Who added which coins?

In what price range did they provide liquidity?

How much was added?

In short: LP NFT = A digital proof that says “I provided these coins to the exchange.”

Why is it important? Because some scam tactics (such as fake LPs or unlocked LP NFTs) can be carried out through this system. That’s why the term “LP NFT” will appear often throughout this guide—and knowing the basics will be useful.

RUG PULL

⚡ Quick Take: Imagine the floor disappearing under your feet while you’re dancing. In crypto, that sudden floor‑drop is called a rug pull: devs yank out the money and the party’s over.

Check for details

Rug Pull

Honeypot

🍯 Quick Take: A honeypot is a type of crypto scam. It allows users to buy tokens, but makes it impossible to sell them. The restriction is hidden inside the smart contract code. Users do not see any warning when buying the token. But when they try to sell, the transaction fails every time. This trap is activated by special conditions or hidden rules. As a result, investors are stuck holding the token. Meanwhile, the scammer sells their own tokens at high prices. Then they disappear with the profits.

Check for details

Honeypot

Fake Liquidity

🎭 Quick Take:

  • Definition: A scam where the admin creates the illusion of liquidity using funds that are not truly accessible to investors.

  • How it works: The pool is inflated using fake tokens, admin-controlled wallets, or withdrawable LP NFTs.

  • Risk: When you try to sell the token, there is no real asset backing it.

  • Protection: Make sure the token pair contains real, valuable assets and that LP NFTs are locked or burned.

Check for details

Fake Liquidity

Infinite Mint

🖨️ Quick Take:

  • Definition: A hidden backdoor in the token contract allows the admin to mint unlimited new tokens at will.

  • How it works: The admin attracts investors, then mints millions or billions of tokens and sells them.

  • Risk: As the supply grows without limit, the token price crashes. Your tokens become worthless.

  • Protection: Ensure the mint() function is restricted and the admin does not have full control.

Check for details

Infinite Mint

Tax Fraud

💸 Quick Take:

  • Definition: A scam where high buy/sell taxes are added to token transactions, and these taxes are sent directly to the admin’s wallet.

  • How it works: Initially, low tax rates are shown. Later, the admin increases the rates sharply and drains users’ funds.

  • Risk: You lose a large part of your funds on each transaction. In some cases, taxes are close to 100%, making it impossible to sell.

  • Protection:

    • Check if tax rates can be changed and where the tax funds are sent (admin wallet?).

    • Confirm that LP NFTs are locked or burned.

Check for details

Tax Fraud

Proxy Upgrade Attack

🧬 Quick Take:

  • Definition: A hidden attack in which the admin exploits upgrade rights to manipulate the contract code after deployment.

  • How it works: Using the proxy structure, the admin upgrades the contract to a new version that contains malicious logic.

  • Risk: All funds can be drained through the upgraded contract without investors noticing.

  • Protection: Always verify who holds upgrade authority, whether it’s protected by a multisig wallet, and if upgrade code is transparent and auditable.

Check for details

Proxy Upgrade Attack

Freeze & Seize

🧊 Quick Take:

  • Definition: A type of exploit where the admin abuses special permissions to freeze, block, or confiscate users’ tokens.

  • Admin can block LP NFT transfers if they control token permissions.

  • How it works: Through special contract functions, certain addresses can be frozen, blacklisted, or have assets forcibly transferred to the admin.

  • Risk: Investors lose access to their tokens, and confiscated funds are not returned.

  • Protection: Always check whether the contract includes functions like pause(), freeze(), or blacklist().

Check for details

Freeze & Seize
PreviousDisclaimerNextRug Pull

Last updated

Was this helpful?