How to Spot a Fake Team Doxx in Crypto Projects

When "we're doxxed" means nothing

The crypto community has learned, through painful experience, that anonymous teams are a risk factor — developers who haven't revealed their identities can disappear without consequences. In response, "doxxed team" has become a trust signal that projects actively advertise. The problem: being "doxxed" can mean anything from having your real identity verifiably confirmed by a credible third party to having created a LinkedIn profile with a stock photo and a name that doesn't trace to any verifiable real person.

---

The spectrum of "doxxed"

Level 1 — Self-asserted (weakest): The team creates social media profiles and claims identities. No verification by any third party. A skilled scammer can create a convincing LinkedIn, Twitter, and GitHub profile for a fictional person in under an hour.

Level 2 — Third-party KYC service: The team uses a crypto-specific KYC service (like AssureDefi or COINTOOL) that collects government ID documents and holds them. If the project rugs, the KYC service theoretically releases the documents to authorities.

Level 3 — Verifiable public history: The team's claimed identities have a genuine, pre-crypto public history — academic records, professional publications, conference speaking history, years of GitHub activity, news articles — that exists independently of anything the team created for this project.

Level 4 — Established reputation (strongest): The team includes individuals with verified track records from prior legitimate crypto projects, with documented on-chain history tying their identity to verifiable prior work.

---

How to verify a team doxx yourself

Reverse image search every team photo: Download each team member's profile photo and run it through Google Images reverse image search and TinEye. AI-generated faces and stock photos will often surface matches immediately.

Check LinkedIn creation date: LinkedIn profiles show creation dates via browser tools. A LinkedIn profile created the same month as the token launch is a red flag.

Cross-reference claimed professional history: If a team member claims "5 years at Google" or "PhD from MIT," that history is verifiable. Search their name in combination with the claimed employer and institution.

Verify social media age and engagement quality: Genuine accounts have organic follower growth over years. A Twitter account created 6 months ago with 5,000 followers but low engagement on pre-project tweets is suspicious.

---

What legitimate third-party KYC provides

If a project uses a recognized third-party KYC service, this provides a meaningful but limited assurance. The government ID documents provided are held by the KYC service. If the project rugs, those documents can theoretically be provided to law enforcement.

Limitations: KYC services can be presented with fraudulent documents. Law enforcement action across international jurisdictions is slow and uncertain.

Treat team doxx as one factor in a multi-point evaluation. Combine it with on-chain verification using Hannisol. Check any token's full profile at Hannisol.