As scammers ramp up efforts to target individuals in the NFT space, it is important to be mindful of taking precautionary steps across all social media platforms to mitigate risks of being victims to such scams. With that being said, we all know how crucial Discord is to keeping up with the NFT space and scammers have started targeting users through various methods on the platform.
Initially, scammers started out by sending DMs of wallet drainers, harmful links, and other invites that could lead a user to getting their assets compromised. Now, these scammers have also started impersonating the profiles of staff from notable projects and servers in efforts of fooling users and scamming them. They have also started impersonating bots such as the renowned Captcha verification bot which is used throughout numerous servers to verify your humanity. Through these fake bot impersonations they then lure users into harmful sites that can either compromise wallets or even Discord accounts.
Despite the efforts of such bad actors in the space, we can take several steps to safeguarding our Discord accounts and staying. First and foremost, it is important to configure your privacy settings on Discord. In order to do so, you should navigate to the user settings, click on Privacy & Safety, and then select the option that suits you best in regards to direct messaging. This allows you to turn off direct messages by default throughout all servers.
Secondly, you also have the option to simply turn off direct messages from users of specific servers. In order to do this, you right click the server icon of the Discord server you want to modify the settings for, click privacy settings, and select your option for whether or not you want to allow direct messages from users of the specific server as shown below:
Additionally, if you happen to ever receive a DM from a user trying to impersonate a staff member of a server, it is always best to double check whether or not you are dealing with the correct individual. The best way to verify this is by right clicking on a users profile and copying their ID. You can then go into the proper server and verify that the ID matches the appropriate individual. Also, don't hesitate to just ask. It is better to check with the sever and their staff if you are dealing with the appropriate individuals.
Another crucial step towards staying safe on Discord is enabling 2-Factor Authentication. You can do so by accessing your user settings, clicking my account, and scrolling down to where you can set both an authentication app as well as SMS authentication. When adding 2-FA, it is important to download your backup codes in the event that you are unable to access your 2-FA.
Lately, we have also seen new scams where hackers have been compromising web-hooks of project's Discord servers and spamming wallet drainer links with an announcement stating that another mint is live. First and foremost, you should always use your best judgement prior to clicking any links. Plus, more than likely projects will never drop a surprise mint or spam such links to an unannounced second collection so it is important to rethink something if it seems too good to be true. A few seconds of stepping back and asking authorized team members in the server can save you from having your entire wallet drained!
Other important things to note:
Never share your seed phrase or send it via Discord DMs or servers
No one on the ME team will DM you requesting to transfer any assets around
Don't scan a QR code to sign into your Discord account
If a bot DMs you to verify or redirect to another site, double check with the server admins that it is the real bot you are interacting with prior to clicking anything
Never screen share with random individuals on Discord
If you are DMd links that you intend to interact with, always double check the URL as scammers tend to change domains or add additional characters