Fake Pump Fun Tokens PSA - Navigating Crypto

Classic Rugpulls on the Solana Blockchain?

If you haven’t been checking for locked liquidity lately then you better start today!

In the past, we were careful about checking whether liquidity was actually locked. Today, we’ve been lulled into assuming that tokens with “pump” at the end of their address are safe. Developers of some so-called “pump fun” tokens are pulling liquidity and rug-pulling. This shouldn’t be happening. Locking liquidity has been the norm for these tokens on the Solana blockchain. One of the most important key features of pump fun tokens is locked liquidity. Scammers are using this false sense of security to trick you! So what is going on and how are they doing this?

What is a Fake Pump Fun Token?

At its core, a fake pump fun token is one that appears to be part of the “pump fun” ecosystem but is actually a scam in disguise. These tokens often show up with the familiar “pump” suffix at the end of their token address. It’s a trick designed to make you feel safe, assuming they are the same types of tokens you’ve seen before with automatically locked liquidity. There’s a new trick that is being used to pull liquidity and it is being done with with custom vanity addresses.

What are Vanity Addresses?

A vanity address is a token address with recognizable words or numbers, making it look more legitimate. Instead of a random, unreadable string of characters, these addresses are created to include words like “pump” or other terms that make them appear like safe, well-known tokens.

What makes this especially dangerous is that the scam is so well-executed that it’s often hard to tell the difference between a legitimate token and one that’s been created with malicious intent. Developers have been using these vanity addresses to create fake pump fun tokens. A lot of people have lost money lately due to these classic rug pulls with a twist.

How I Discovered the Scam

I saw it completely by accident. I was tracking a token I thought was a legitimate pump fun token, and suddenly, I saw the liquidity being pulled in real-time. I was shocked and couldn’t understand what was going on. In the past, I’d used trench.bot to check if tokens were part of a pump fun bundle, and I received an error that the token wasn’t recognized as such. That’s when it hit me: scammers had figured out a way to game the system by creating vanity addresses that mimic genuine pump fun tokens. It’s so simple and so very deceptive. I am honestly impressed by their little scam.

Don’t Trust Without Verifying Locked Liquidity

It is simple: Don’t blindly trust a token just because it has “pump” in its address. It might seem easier to assume the liquidity is locked but it’s important to always verify it manually. One of the easiest ways to do this is through tools like SolSniffer or similar blockchain tracking sites. These sites allow you to check the liquidity pool (LP) status and ensure that the liquidity is genuinely locked.

Also, when using these tools, take the extra step to verify that no one wallet holds a disproportionate amount of the token’s total supply. A few large wallets controlling the majority of the token’s supply can be another red flag that should raise concerns.