It's hard to know if a bounty is a scam at an early stage but it's an advantage if we'll check everything about their team and developers. They could be a scam project if the crypto press isn’t talking about them. We have to check their website as well, if it's full of mistakes then it could be a scam. You have to think twice if the reward it too good to be true. Get rid of the bounty if they are asking too much information about you and lastly, it could also be a scam if you have to pay just to pursue and withdraw your reward.
Nowadays that is no use. Look at Tezos everybody knew who they were. Look at Dan Larimer everybody knows and has met him. Look at McAfee,,, look at Craig Wright. Great guys who are real and who all have skills and everything. But they launched shitty projects that scammed people,,, and still we forget and we think just because the team and devs are real,,, does not mean anything to scam probability.