Is there any posible way to filter who are going to make an ICO to be able to know if there are scam or not? And is there any bodies of law that would be able to punish them once they turn into scam. And what punishment should be given upon committing such the crime?
There are several ways to determine whether the ICO is scam or not, from fundamentals up to the highly technical and detailed scrutiny of the project's product. But to those who are only aware of the basic ways, perhaps it is only up to reading whitepapers and understanding them up to a certain level, reviewing the teams and their website and other media, raising questions and concerns to the developers, and so on.
As regards legal commitments, it would be up to the country where the project is duly registered and operating. They will be answerable to their laws.