Hackers, unfortunately, try to break into any software they can in order to drain profits and assets; it has happened time and time again. Twitter user Little Lemon Friends spared a lot of people from a hacker's dream. The NFT project announced that they had been hit by a Discord scam and laid out how to avoid it in a Twitter thread.
What is 2FA?
The so-called 2FA bypass is a scam in which hackers get around two-factor authentication, and they are using the technique to compromise Discord accounts. Everyone with social media or banking apps has had experience with two-factor authentication: the app asks you for two different kinds of proof of identity, something the user knows, such as a password, and something the user has access to, like an email account or phone number. It provides a second layer of security for the user beyond the password alone.
Why is 2FA recommended?
Recommended and widely used, 2FA acts as another defence against hackers and scams, because more information is asked of the user. Phone lost or stolen? No one can access the verification code without knowing your mobile phone's passcode to open the verification text or authenticator application.
How did this Discord scam work?
Unfortunately, hackers usually find a way through security barriers, including two-step authentication, and this is how they have been doing it on Discord.
- Firstly, the scammer picks a target from your team members.
- Secondly, the scammer joins the server where the target is.
- Following that, the scammer gets Discord to ban the target by impersonating them: from the fake account they pretend to scam members, so the real target takes the blame.
- Once the target is banned, the scammer impersonates a mod and reaches out to the target.
- The scammer asks the target to prove their innocence. Because the target can see they really are banned, they readily believe the scammer is the official mod.
- The social engineering continues: the scammer creates fake, photoshopped discussions with other members of the Discord team about the target's ban.
- Lastly, the scammer gets on a Discord call with the target, asks them to screen share and tells them to open inspect element by pressing Ctrl+Shift+I. The developer tools expose the Discord token, the session credential the client holds after login; with it a scammer can take full control of the target's Discord account, because the token is accepted without the password or a fresh 2FA code, which is why the 2FA protection above does not help here.
In conclusion, the moral of this story is: do not screen share. Another preventive measure is to turn off webhooks. The targeted mod had an admin role for server maintenance, which allowed the scammer to turn on webhooks. A webhook is a web-development mechanism that alters the behaviour of a webpage or web application through custom callbacks.
Finally, thanks to Little Lemon Friends for sharing their experience and how others can avoid it. Here is a link to their Twitter thread. For more information about how to protect yourself against scams, click here.