How To Spot A Discord Scam

Published in

GDSC KIIT

4 min readNov 20, 2021

Ever since the beginning of the pandemic and the work from home age, Discord has seen a massive boost in popularity and usage, and a lot of the people using it now are completely new to the ways of the platform. Since Discord only requires an email address for someone to create an account and start using it, it has become incredibly popular with internet scammers.

Bots : An Integral Part Of The Discord Ecosystem

One of the most interesting things about Discord is how anyone can easily create and host bots on their Discord server.

These bots add various useful features and can generally be used to enhance your experience on Discord, for example, a popular bot by the name of Groovy can be used to play music from YouTube straight into one of your server’s voice channels without having to worry about ads.

But the very openness available to build your own bot means people can pretty much make what they like. But not all bots have the best of intentions, and so it is up to you as a responsible Discord user to make sure that you remain protected from the actions of any malicious bot.

How These Scams Work

Spam messages are sent to other Discord users, either in their private inbox or in various text channels, these messages usually involve “Nitro”, a paid Discord service which offers increased functionality to servers along with various other features. Nitro had also included games at one point, and these spam messages depend heavily on the allure of free Nitro. They essentially bank on people clicking their phoney links before checking.

These are how some of these links look…

whoops…there was supposed to be an image here

If you observe carefully, the URL in that image isn’t quite right, there is a very obvious typo, it spells “dlscord” instead of “discord” and it is a fairly common way that scammers use to get people to click on their links.

But sometimes these scammers aren’t as sneaky, and their sites will already have multiple red flags and the security tools on your web browser will do the job for you.

But, if you have already entered your credentials on such a site, then you should change your login information as soon as you can.

However, these sites will be a lot sneakier most of the times, and it will be up to you to protect your account.

A good rule of thumb to follow is to remember that if it looks too good to be true, it probably is.

How Phishing Works…

There are many types of phishing scams, which target different types of people, we will be focusing on two different types of phishing attacks in particular.

Spear phishing attacks, which are directed at specific individuals or companies. These attacks usually employ gathered information specific to the victim to more successfully represent the message as being authentic, these are the sort of messages you might get in your DMs

2. Pharming attacks, which use DNS cache poisoning to redirect users from a legitimate site to a fraudulent one. This is done in an attempt to trick users into attempting to log in to the fake site with personal credentials.

How to protect your discord account…

The most important thing to remember is to set up a strong password. Use a password manager like Bitwarden or Dashlane to help you generate strong passwords.
Set up Two Factor Authentication (2FA) for your account using something an authenticator application Google Authenticator or Authy. This is advisable for any password protected online account in this day and age.
Set up message scanning, which automatically scans and deletes any explicit content. You can choose to do this for all messages or just those not on your Friend List.

Keep me safe: scans any message that you receive

My friends are nice: Discord scans for any messages you get from people not in your Friend’s List, but leaves the messages your friends send to you alone.

Do not scan: Discord doesn’t scan any messages that you receive.

4. Block any users if you need to.

It is indeed incredibly unfortunate that there are individuals out there who would prey on people like this, however, till Discord figures out a way to deal with such people, the responsibility of keeping one’s account safe falls on to oneself, and I hope that this article has helped in that.

Stay safe out there!