On the project developers side; you can take relevant measure like getting a reputable firm to carry out smartcontract audits and make sure the project codes are airtight and not susceptible to external malicious attacks; example of a firm that can do this to standard is HashEx, theyve been around for over 5 years and have done a 99.9% clean job on over 700 smartcontracts
On the investors, participants side, always DYOR and check for red flags to protect you from running into a scam project. Some red flags may include anonymous owners, zero or sun-quality engagements on their social media, poor interaction in their chat/member communities and so on.
Always DYOR and invest wisely.