.png)
.svg)
From profile hijacking and personal information leaks to financial losses, scams can have serious consequences. However, with the right knowledge and precautions, you can guard yourself against these threats. This article will explain some of the common scams that you may encounter while using Discord or elsewhere online. For more tips, check out this article about how to further protect yourself against scams.
Social engineering is a manipulation tactic used by bad actors to trick individuals into divulging sensitive or personal information. The bad actor often poses as a trustworthy entity, offering a seemingly beneficial exchange of information. In its most basic form on our platform, social engineering is manipulating people to give their login credentials to an attacker.
Sometimes attackers try to impersonate Discord staff to gather information. To use this tactic, they hack into Discord accounts, then convince an account’s friends list that they've “accidentally reported them.” They encourage them to reach out to "Discord Employees" to resolve the issue.
These impersonators often copy social media profiles onto Discord accounts, produce fake resumes, and may even claim their staff badges are hidden for safety reasons. The end goal is to trick you into surrendering your account information, paying for their fraudulent services to “undo the report,” and acquiring your financial assets.
Discord Staff will never directly message users on the app for support or account-related inquiries. If someone claiming to be staff asks for personal information, payment, or changes to your login credentials, we recommend that you do not engage further. All Discord users can report policy violations in the app by following the instructions here.
Discord Staff are one of many groups that may be impersonated. Similar actions may occur for other companies as well, so be wary of accounts that may impersonate Support or Safety related questions in other companies too. In general, if you need support at any company, it is wise to go the official source instead.
You can always verify your account standing directly from Discord by going into User Settings > Privacy & Safety > Standing. Learn more about account standing here.
Attackers may also resort to impersonating official Discord responses through user accounts or bots. Typically, these messages include threats to your account standing if you do not comply with their demands. An official Discord DM will never ask for your password or account token, and will always display a staff badge on the profile, as well a system badge which says “Official.’
Malware often finds its way onto a device through downloads of malicious files. These files may appear harmless or even enticing—like a game from a friend. But once downloaded and run, they can give bad actors access to your login credentials, email addresses, and even your entire device.
Always exercise caution when clicking on links that will take you off of Discord, even when they appear to come from friends or promise rewards like free Nitro.
When you click on a link given to you, a pop up will show that you are leaving Discord and it will display the website you are being redirected to. It is advised to check the link to make sure you are going to the place that is intended.
Reporting safety violations is critically important to keeping you and the broader Discord community safe. All Discord users can report policy violations in the app by following the instructions here. Stay vigilant and informed to protect yourself and your digital assets.
Scams go against Discord’s Community Guidelines, and when we see this kind of activity, we take action, which can include banning users, shutting down servers and engaging with authorities. We are committed to reducing scams through technical interventions and continuously invest in safety enhancements and partner with third parties to accelerate our work.
For more information you can read our Deceptive Practices Policy Explainer as well as our Identity and Authenticity Policy Explainer.
