Discord users are a frequent target for malicious attackers. And now that the number of users has doubled since 2019, hackers have no problem finding their next victim. Fortunately, there are plenty of tips for spotting a Discord scam out there (just follow the link) – but here are the absolute essentials. Below the article here you can find the staying safe on discord made easy.
Be Mindful of URLs
Never mindlessly click on anything in your DMs, even if it’s something sent by a friend. You never know when their account has been compromised and the cyber attacker starts spamming their lists with malware or phishing links.
Google has a link checker you can use to identify possible malicious domains. Use it any time you suspect something is wrong. Discord will also notify you when visiting links you haven’t marked as “trusted” before. It’s a good time to see whether you’ve clicked on a misleading URL (say, yuotube.com instead of youtube.com).
Foolproof Your Privacy Settings
Discord already has built-in tools to protect you from unsafe content and restrict communication to trustworthy contacts.
You can find a full guide to changing your Discord privacy settings (images included) by clicking the link in the beginning. It also includes useful information for Discord server admins and moderators, so definitely check it out if you manage any communities – no matter the size and scope.
Prevent Doxxing on Discord
Doxxing (i.e. having your private info posted online) is a huge problem nowadays. Cyber bullies, trolls, and other unsavory individuals may use it for blackmail purposes or consider it “just a prank.” However, many doxxing cases escalate in families being threatened with physical harm, or result in actual death.
In the early days of the Internet, it was commonly taught not to share private information online. Nowadays we readily offer it on a silver platter to anyone with an Internet connection. Unless you’re already in the public eye, keep your name, address, and any other personally identifiable information out of general chat, and even DMs if you can help it. More details on why later on.
You should also avoid connecting your other profiles (like Twitter, Twitch, Steam, etc.) with Discord. Anything you say and do on those platforms may be used to identify and doxx you. Like connecting with your friends on other services? Then, at the very least, do some well-needed social media spring cleaning beforehand.
Delete any posts that could help someone discover your identity, and reinforce your privacy settings across platforms.
Strong Passwords and Throwaway Emails
Nearly 83% of people reuse the same passwords on different websites. Never do that, as you’re just making it easier for the hackers to compromise your other accounts. We get the struggle, though. Who bothers to remember fifty different passwords, especially when they need to look like “AD9sS(j%3@!1” to be anywhere near secure?
Fortunately, you don’t have to carry around a notebook with all your login details. Instead, password managers are a great way to keep track of all your account info across multiple services. Even better, they serve as a defense against phishing. How? By not allowing you to input your login details on the wrong website, of course.
Say you’ve been lured onto a website called discordgg.ga with the promise of free Nitro. A decent password manager simply wouldn’t auto-complete your email and password on that domain. After all, you’re not on discord.gg, so why would it?
For the record, discordgg.ga was an actual phishing domain that was used to compromise 2,522 Discord accounts in 2019. 949 of those were hijacked and posted online in an SQL dump.
Two-Factor Authentication (2FA) Is a Must
You may not consider it a big deal to lose your Discord account. In fact, it probably isn’t if you’ve followed our advice and:
- Are mindful of phishing tactics
- Used a throwaway email
- Didn’t connect any of your other personal profiles to your account
- Bonus tip: didn’t tie any payment methods to Discord
However, you never know what kind of personal details you’ve shared with friends on the platform. That brings us back to our point about doxxing. Ever mentioned what you do for a living, or what school you’ve been to in passing? A determined cyber stalker can use small details like that to their advantage.
Two-factor authentication is your first line of defense against a compromised account. You’ve got plenty of 2FA options on Discord, including Google Authenticator, Authy, QR scanning, and the less secure (but better than nothing) SMS authentication. It only takes a couple of minutes to set up, so might as well get it out of the way as soon as possible.