One thing that sends a red flag is when they email me about the ICO. This forum was hacked years ago and all the users email addresses were stolen at that time. I use multiple email addresses and it's obvious what I receive from senders who have purchased that list.

Frankly any ICO that's purchasing email addresses from a stolen list I don't even read the whitepaper.