Scammers pretending to be the official Twitch account are sending phishing links to unsuspecting users via Discord.
Discord users are claiming this scam is widespread throughout their servers, as hackers target increased numbers of online gamers in the wake of worldwide Covid-19 lockdowns.
What are Digital Privacy Experts saying?
Social distancing and increasing lockdowns have prompted more people to spend time at their computers using social platforms like Discord and streaming websites such as Twitch to keep themselves entertained. Sadly, their popularity has made users of both lucrative targets of scammers and hackers, particularly children that think they are getting something for free.
The newest attack appears in the direct messages of Discord users, claiming to be on behalf of Twitch in a new partnership that offers users free access to Discord’s premium Nitro Games service. Unfortunately, though all the pretty graphics that make it look official, it is just another scam that hopes to trick unsuspecting users into clicking a link.
The biggest giveaway, aside from the poor grammar is that Nitro Games doesn’t even exist anymore. But this isn’t the first scam of its kind, and it certainly won’t be the last, as there are many more circulating the platform.
Clicking the link invites a bot into their server, which, on the surface, can spread its spam messages to other users this way, or even kick people from the server.
Remember, Discord has permissions to access your camera, microphone, storage, contacts, and usage data on mobiles. These are all necessary permissions for certain functions of the app, but could become dangerous if hackers somehow manipulated them.
Discord is aware of these scammers and plays whack-a-mole by renaming fake accounts, but more continue to pop up thanks to the platform’s current naming system. Overall, Discord needs to do more to safeguard users, particularly children.
Damien Mason, Digital Privacy Expert at ProPrivacy.