Fake Token

Security Updated Jul 2026

What is a Fake Token?

A fake token is a counterfeit cryptocurrency created to impersonate a legitimate project’s token. Scammers deploy fake tokens on DEXs, send them via airdrops, or use them in honeypot schemes. The goal is to trick users into trading, interacting with, or “claiming” these tokens — which can lead to stolen funds.

Fake tokens exploit a fundamental property of blockchain: anyone can deploy a token contract and name it anything. A scammer can create a token called “USDC” with the same ticker — but it’s completely worthless and potentially dangerous.

How Fake Token Scams Work

1. Airdrop Poisoning

Scammers airdrop fake tokens to thousands of wallets. When users see unfamiliar tokens in their wallet, they often visit the token’s website or try to swap it on a DEX — leading to:

  • Phishing sites that steal wallet credentials
  • Honeypot contracts that trap funds when users try to interact
  • Malicious approval requests that drain wallets

2. DEX Impersonation

Scammers create a token with the same name and ticker as a popular token (e.g., “UNI” for Uniswap) and add liquidity on a DEX. Users who don’t verify the contract address buy the fake token instead of the real one.

3. Claim Scam

Users receive fake tokens, then see a prompt (in the token’s metadata or on a tracker site) to visit a website and “claim” or “swap” them. The website asks for wallet approvals that drain all funds.

4. Airdrop Bait

Scammers airdrop fake “governance tokens” or “reward tokens” to holders of a popular token, then promote a fake claim site through the token’s metadata or social media.

How to Identify Fake Tokens

CheckWhat to Verify
Contract addressCompare against the official project website or CoinGecko/CoinMarketCap
Token issuerCheck if the contract deployer matches the official team
LiquidityReal tokens have deep, verified liquidity; fake tokens often have tiny pools
Holder countPopular tokens have thousands of holders; fake tokens often have very few
Trading historyLegitimate tokens have organic, varied trading patterns
Social verificationReal tokens are listed on the project’s official channels

What to Do If You Receive Unknown Tokens

  1. Do NOT interact with them — don’t try to swap, transfer, or “claim” them
  2. Do NOT visit any URLs in the token’s metadata — these are phishing links
  3. Hide the token in your wallet interface
  4. Check the contract address on a block explorer to confirm it’s fake
  5. Never approve any transactions related to unknown tokens

The Hidden Metadata Attack

Some fake tokens contain malicious URLs in their name, symbol, or metadata fields. When wallets display these tokens, the URL appears as clickable text. Visiting the URL leads to a wallet drainer.

This is why many wallets (MetaMask, Rabby) now hide unknown tokens by default or warn users about interacting with them.

Frequently Asked Questions

Q: Can fake tokens steal my existing funds? A: Just holding a fake token in your wallet cannot steal your funds. The danger comes when you interact with the token — approving it, swapping it, or visiting links in its metadata. Never interact with unknown tokens.

Q: How do I safely remove fake tokens from my wallet? A: You can usually “hide” tokens in your wallet’s interface without sending them anywhere. If you want to completely remove them, you can send them to a burn address — but make sure you’re not accidentally triggering a malicious contract.

Q: Why do scammers airdrop fake tokens? A: It’s a form of phishing. The tokens cost almost nothing to create and distribute. Even a small percentage of recipients who interact with them can yield significant stolen funds. It’s a numbers game.