You must use the very same logic when you are choosing a bounty to participate as the one you use when you want to invest in an ico, you need to first look at the project and look for some signs the ico could be a scam, like a plagiarized whitepaper or stolen pictures, if it passes that test now you need to focus on the project and the developers themselves if everything is fine then you can participate in the bounty.