Discord Wiki
Advertisement

The Discord invite rewards scam is a type of online fraud that targets users of the Discord platform, a popular chat service for gamers and online communities. The scam involves promising users various rewards, such as Discord Nitro, Robux currency, or NFT drops, in exchange for inviting other users to join a specific server. However, the rewards are never delivered and the users are unable to claim them. The scam servers usually do not have any chats to talk in and are used to spread the scam by exploiting the invite system of Discord.

How the scam works[]

The scam works by sending users unsolicited messages or DMs from fake or compromised accounts, claiming that they have won a reward or that they can get one by joining a server. The messages may use a technique of mixing real Discord invite links (to public Discord servers usually) with their malicious links in order to portray legitimacy and lull users into a false sense of security.[1] The messages may also impersonate official Discord accounts or bots and offer entry to community initiatives, such as the HypeSquad or Partner programs.[1] The messages may use genuine-looking links to websites or QR codes to lure users into their trap.

Once the users join the scam server, they are asked to verify their identity by scanning a QR code, copying and pasting a code, or entering their password or token. This allows the scammers to access their Discord account and take over it. The scammers then use the compromised account to send more messages to other users and repeat the cycle.[2]

How to protect oneself[]

Discord has warned its users about the common scams and what to look out for.[1] It has also advised users to protect themselves by following some safety practices, such as:

  • Don’t click links from unknown senders or that look suspicious.
  • Don’t download programs or copy/paste code you don’t recognize.
  • Don’t give your password to anyone!
  • Never share or screenshare your authorization token.
  • Don’t scan any QR codes from people you don’t know or those you can’t verify as legitimate.
  • Enable 2-Factor Authentication to keep your account as safe as possible.
  • Consider restricting who can DM with you.
  • Discord has also discouraged server owners and moderators from engaging in invite reward activities, as it often results in spamming users with unsolicited messages.[3][4] It has also recommended server owners and moderators to audit their server permissions, especially for higher-level tools like webhooks, and keep their official server invites updated and visible across all their platforms.[5]

References[]

Category:Discord Wiki

Advertisement