
DeFi Red Flags and How to Stay Safe in DeFi


From January to March 2023, the crypto industry experienced 51 cybercrime incidents that cost 452 million US dollars. This indicates that scams in the crypto world, especially in the DeFi sector, still occur frequently. To protect your crypto assets, you need to know the common scam types and how to stay safe in DeFi. Read on to find out how.

Article Summary

  • 💵 DeFi, or decentralized finance, is a blockchain-based platform that offers financial services and operates without a central authority like a bank.
  • 📄 DeFi works automatically using smart contracts. Although smart contracts are designed to be secure, any weakness in programming can lead to security breaches that hackers can exploit.
  • ☠️ Many scam schemes in the DeFi world harm users and investors. The most common examples are phishing, rug pulls, and honeypots.
  • 🚨 To secure your crypto assets and avoid scams, research the DeFi platform you plan to use. In addition, you can do an on-chain analysis of a crypto protocol or project and enable two-factor authentication (2FA) on your account.

Overview of DeFi

DeFi, or decentralized finance, is a blockchain-based platform that offers financial services and operates without a central authority like a bank.

In DeFi, you can access various financial services, such as savings and loans, buying and selling crypto assets, insurance, asset management, and other services.

In the traditional financial system, financial services rely on institutions such as banks that act as intermediaries. But in DeFi, all transaction processes are executed by smart contracts.

Smart contracts are programmable contracts stored on the blockchain. They can be written to encode almost any agreement.

Smart contracts are the main foundation for a decentralized financial system. They automatically execute various financial transactions and operations in DeFi.

Although smart contracts are designed to be secure, human error or a programming vulnerability can lead to security breaches that hackers can exploit. Beyond smart contract vulnerabilities, there are also many scam schemes in DeFi that you should be aware of to secure your crypto assets.


Types of DeFi Scams


Phishing

Phishing is a scam that aims to obtain sensitive information from users, such as private keys or passwords, by pretending to be a legitimate entity. The goal is to trick users into entering their personal information on a fake website, which scammers then use to steal their assets. Therefore, do not click on unknown links. Also, only visit the official website of a DeFi project, which you can find through its listing on CoinMarketCap or the project's official social media.
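The "only visit the official website" advice can be made mechanical. The following is an added example, not part of the original article: it compares a link against an allowlist of verified domains and flags common lookalike tricks. The domain `exampleswap.org`, the sample links, and the distance threshold of 2 are constructed assumptions.

```python
from urllib.parse import urlsplit

# Constructed allowlist: replace with domains you verified through the
# project's official listing. "exampleswap.org" is a placeholder project.
OFFICIAL = {"exampleswap.org", "app.exampleswap.org"}

def edit_distance(a, b):
    """Levenshtein distance: number of single-character edits from a to b."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(url):
    """Return 'official', a 'suspicious: ...' reason, or 'unknown: ...'."""
    parts = urlsplit(url)
    host = (parts.hostname or "").rstrip(".")
    if parts.scheme != "https":
        return "suspicious: not https"
    if parts.username is not None:
        # In https://official.site@other.test/ the real host is other.test.
        return "suspicious: text before '@' is not the host"
    if host in OFFICIAL:
        return "official"
    if not host.isascii() or any(p.startswith("xn--") for p in host.split(".")):
        return "suspicious: internationalized lookalike"
    if any(d in host and not host.endswith("." + d) for d in OFFICIAL):
        return "suspicious: official name inside another domain"
    if any(edit_distance(host, d) <= 2 for d in OFFICIAL):
        return "suspicious: near-miss spelling"
    return "unknown: verify before connecting a wallet"

# Constructed sample links (the .test names are reserved and not real sites).
SAMPLES = [
    "https://app.exampleswap.org/swap",
    "https://app.exampleswap.org@wallet-verify.test/",
    "https://app.exampleswap.org.claim-airdrop.test/",
    "https://app.exampleswaap.org/",
    "https://app.examplesw\u0430p.org/",  # Cyrillic "a" in place of Latin "a"
]

if __name__ == "__main__":
    for link in SAMPLES:
        print(f"{classify(link):50} {link}")
```

Anything that is not an exact allowlist match should be treated as unverified, even when no specific trick is detected.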

Rug Pull

A rug pull occurs when the development team of a DeFi project creates tokens and deliberately sells them quickly when the price reaches its highest point, causing significant losses for investors or users. The development team usually designs a promising-looking project that attracts many users to fund it.


According to CoinDesk, rug pulls were the most common scam in May 2023, with 16 cases and 37 million US dollars lost. BNB Chain is the blockchain that dominates rug pull scams, followed by Ethereum and Arbitrum.



Honeypot

As the name implies, a honeypot in the crypto world is a "honey pot" that attracts the attention of users or investors. In a honeypot scam, the scammer sends out the seed phrase of a wallet while claiming to be someone who needs help. They expect the user to see valuable funds in the wallet and want to transfer or exchange them. The user is asked to send tokens to the wallet to pay the gas fee. However, the scammer uses a sweeper script to steal the tokens the victim sent before the user can complete the transaction.


How to Stay Safe in DeFi and Avoid Scams

1. Using a Platform with a Large TVL

TVL (total value locked) refers to the total value of assets locked in a DeFi protocol. A large TVL indicates that many users have adopted and trust the platform. Platforms with a large TVL tend to have a better reputation and are less likely to be the target of scams or hacks. Some examples of DeFi protocols include Lido, MakerDAO, Aave, Uniswap, Curve Finance, and others.

The major DeFi platforms above have usually passed an audit process in which auditing firms such as PeckShield or Hacken check the security of their smart contracts. They also tend to offer rewards to anyone who finds bugs in their smart contracts before hackers discover them.

2. Analyzing On-Chain Data

Analyzing on-chain data can provide insight into the activity of a DeFi protocol. You can check the transactions that occur, the performance of smart contracts, and major token holders. This analysis can help identify any suspicious signs or unusual activity, thus avoiding potential scams.

You can use DefiLlama to analyze on-chain data across DeFi protocols. You can also use DEXTools to spot assets that may be scams, and Bubblemaps to see how ownership of an asset is spread across wallets.
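To make the "major token holders" check concrete, here is an added example (not from the original article) that measures how concentrated a token's ownership is. The holder snapshots, the excluded address labels, and the 20% and 50% thresholds are constructed assumptions, not data or limits from any of the tools named above.

```python
# Constructed holder snapshot: label -> token balance. Not real on-chain data.
RISKY_TOKEN = {
    "burn_address": 100_000, "liquidity_pool": 250_000, "deployer": 420_000,
    "wallet_a": 60_000, "wallet_b": 50_000, "wallet_c": 40_000,
    **{f"small_{i}": 10_000 for i in range(8)},
}
SPREAD_TOKEN = {f"wallet_{i}": 1_000 for i in range(100)}

# Assumption: burned tokens and pooled liquidity are not counted as holders.
NON_HOLDERS = {"burn_address", "liquidity_pool"}

def circulating(holders, excluded=NON_HOLDERS):
    """Balances that an owner could actually sell."""
    return {a: b for a, b in holders.items() if a not in excluded and b > 0}

def top_share(balances, n):
    """Fraction of the circulating supply held by the n largest wallets."""
    ranked = sorted(balances.values(), reverse=True)
    return sum(ranked[:n]) / sum(ranked)

def wallets_for_majority(balances):
    """Smallest number of wallets that together hold more than half."""
    total, running = sum(balances.values()), 0
    for count, bal in enumerate(sorted(balances.values(), reverse=True), 1):
        running += bal
        if 2 * running > total:
            return count
    return len(balances)

def red_flags(holders, max_single=0.20, max_top10=0.50):
    """Return the concentration warnings that apply (thresholds are assumed)."""
    balances = circulating(holders)
    flags = []
    if top_share(balances, 1) > max_single:
        flags.append("single_holder")
    if top_share(balances, 10) > max_top10:
        flags.append("top10")
    return flags

if __name__ == "__main__":
    for name, token in (("risky", RISKY_TOKEN), ("spread", SPREAD_TOKEN)):
        bal = circulating(token)
        print(name, f"top1={top_share(bal, 1):.1%}",
              f"majority_wallets={wallets_for_majority(bal)}", red_flags(token))
```

In the constructed risky token, one wallet alone holds a majority of the sellable supply, which is the pattern that makes a rug pull possible.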


3. Checking Community Activity

Checking the community activity of a DeFi project can give an idea of the trust and support users provide. Platforms or projects with strong and actively participating communities are generally more reliable. Check forums, social media groups, or other communication channels related to the DeFi project to see user feedback and reviews.

4. Using Two-factor Authentication (2FA)

Enabling two-factor authentication (2FA) on your account protects your crypto assets. 2FA adds a layer of security by requiring you to enter a verification code generated by an authentication app or sent via mobile text message. With 2FA enabled, even if your password is compromised, the attacker still needs the additional verification code to access your account. One example of an authentication app is Google Authenticator.


DeFi is an innovative space in the crypto world that offers many opportunities and new, constantly evolving projects. However, with so many new projects emerging, you must understand them well.

Besides, don’t put all your funds into one DeFi app. Portfolio diversification is vital to reducing risk. By distributing your funds across several DeFi projects, you reduce the chances of a massive loss if one of the projects fails or is fraudulent.

Do your own research (DYOR) before investing in or using new projects in the DeFi ecosystem.

Buy Crypto Assets on Pintu

Interested in investing in crypto assets? Take it easy. You can buy various DeFi crypto assets such as COMP, LDO, CRV, and others safely and easily. Furthermore, Pintu has subjected all its crypto assets to a thorough evaluation process, emphasizing the importance of prudence.

Pintu is also compatible with popular wallets such as MetaMask to facilitate transactions. Download the Pintu app on the Play Store and App Store! Your security is guaranteed because Pintu is regulated and supervised by Bappebti and Kominfo.

In addition to executing transactions on Pintu Apps, you can learn more about crypto through various Pintu Academy articles updated weekly! All Pintu Academy articles are made for knowledge and educational purposes, not as financial advice.


References

  1. Ekin Genç, How to Stay Safe in DeFi: Red Flags and Risks You Need to Know, Coindesk, accessed 21 June 2023.
  2. Cointelegraph Writer, DeFi Scams 101: How to avoid the most common cryptocurrency frauds, Cointelegraph, accessed 21 June 2023.
  3. Yield App, Top 5 Ways to Spot a DeFi Scam, Medium, accessed 21 June 2023.
  4. Adi Wira, Angka Kerugian Akibat Kejahatan Kripto di Q1/2023 Turun Jadi US$452 Juta, Beincrypto, accessed 22 June 2023.
