Securing Discords for Web3
  • 🛑Start Here
  • DISCORD COMPROMISED
    • ☎️HELP! I'VE BEEN HACKED!?
  • FUNDAMENTALS
    • 👑Owner & Admin Perms
    • ⚖️Role Hierarchy
    • 🤖Choosing Bots
    • ⚠️Threats (Summary)
    • 🔐Security Education
    • ✅Security Audit Checklist
  • POINTS OF ATTACK
    • 🚩Channels & Permissions
    • 🆘Threats (Detailed)
      • Rogue Staff Account
      • Webhook Attack
      • Admin Login Token Phishing
      • Staff Impersonation
      • Join Raids
      • Trade Scams
      • DM Spam & Scams
      • Advertising
      • Chat Spam
      • Abusive Chat
  • Templates
    • 🖥️Security Channel Page
Powered by GitBook
On this page
  1. POINTS OF ATTACK
  2. Threats (Detailed)

Staff Impersonation

Malicious actors impersonating staff and bots with same name and/or PFP

Threat Description

Scammers create accounts with the same name and profile picture as a staff or bot account in the Discord and use the stolen trusted identity to socially engineer others. These attackers:

  • Impersonate customer support and DM members asking for money and/or information

  • DM spam discord members with fake mints or sales pretending to be an official launch

  • Post links to fake mints or sales pretending to be an official launch/offer

Prevention

Hashbot allows Administrators to whitelist all staff members then blacklist any variation of the staff members name and even blacklist their PFP banning users before they enter the Server and monitoring name changes after.

Auto-ban tools are the best resource to significantly cut down these types of attacks, but there are ways to navigate around and bypass them. The main way for prevention is having a strict DMs OFF policy and making sure the staff adheres to these guidelines as well as the community.

Timed-Message bots such as Dyno and others allow for automatic periodic reminders to be dropped in chat, reminding all users of the DM policies and that staff will NEVER DM them.

Auto-mod features from bots such as Dyno, Wick, and YAGDPB allow for whitelisting of approved links and messages while blacklisting all others preventing most attacks inside the server.

Responding to Active Attack

If using auto-ban tooling, try updating the regex/phrases to capture the impersonator/s before manually removing them to ensure the bots filter list covers all bases. If the attack was in DMs, remind all users of Security Education documents and strict DMs OFF Policy. We can't protect users from themselves in their DMs.

PreviousAdmin Login Token PhishingNextJoin Raids

Last updated 2 years ago

🆘