# Staff Impersonation

#### <mark style="color:red;">Threat Description</mark>

Scammers create accounts with the same name and profile picture as a staff or bot account in the Discord server, then use that trusted identity to socially engineer others. These attackers:

* Impersonate customer support and DM members asking for money and/or information
* Spam Discord members' DMs with fake mints or sales, pretending to be an official launch
* Post links to fake mints or sales, pretending to be an official launch/offer

#### <mark style="color:red;">Prevention</mark>

Hashbot allows administrators to whitelist all staff members, then blacklist any variation of a staff member's name and even their profile picture (PFP). It bans matching users before they enter the server and monitors name changes afterward.
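The name-variation check described above can be sketched as follows. This is an added example, not Hashbot's code or any bot's actual implementation; the staff IDs and names, the look-alike map, and the 0.85 threshold are constructed assumptions.

```python
import unicodedata
from difflib import SequenceMatcher

# Constructed sample whitelist: staff user ID -> display name (hypothetical values).
STAFF = {1001: "Wolf | Support", 1002: "ModBot"}

# Small constructed look-alike map; a production list would be much larger.
CONFUSABLES = str.maketrans({
    "0": "o", "1": "l", "3": "e", "5": "s", "@": "a", "$": "s",
    # Cyrillic letters that render like Latin o, a, e, p, c, i
    "\u043e": "o", "\u0430": "a", "\u0435": "e",
    "\u0440": "p", "\u0441": "c", "\u0456": "i",
})

def skeleton(name: str) -> str:
    """Fold a display name so visually similar spellings compare equal."""
    # NFKD maps fullwidth/styled letters to ASCII and splits off accents.
    folded = unicodedata.normalize("NFKD", name).casefold()
    folded = "".join(c for c in folded if not unicodedata.combining(c))
    folded = folded.translate(CONFUSABLES)
    # Drop separators, spaces, emoji and other padding.
    return "".join(c for c in folded if c.isalnum())

def check_member(user_id: int, display_name: str, threshold: float = 0.85):
    """Return the staff name being imitated, or None if the name looks clean."""
    if user_id in STAFF:  # whitelisted staff are never flagged
        return None
    candidate = skeleton(display_name)
    if not candidate:  # nothing comparable left (e.g. emoji-only name)
        return None
    for staff_name in STAFF.values():
        score = SequenceMatcher(None, candidate, skeleton(staff_name)).ratio()
        if score >= threshold:  # also catches one-letter typo variants
            return staff_name
    return None
```

Running the same check on both member-join and name-change events covers the two cases the paragraph mentions: users arriving with a staff-like name and users renaming themselves after joining.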

Auto-ban tools are the best resource for significantly cutting down these types of attacks, but attackers can find ways around them. The main prevention measure is a strict DMs OFF policy that both staff and the community adhere to.

Timed-message bots such as Dyno can drop automatic periodic reminders in chat, reminding all users of the DM policies and that staff will NEVER DM them.

Auto-mod features from bots such as Dyno, Wick, and YAGPDB allow for whitelisting of approved links and messages while blacklisting all others, preventing most attacks inside the server.

#### <mark style="color:red;">Responding to Active Attack</mark>

If using auto-ban tooling, try updating the regex/phrases to capture the impersonator(s) before manually removing them, to ensure the bot's filter list covers all bases. If the attack was in DMs, remind all users of the [Security Education](https://dontfeedthewolf2019s-organizatio.gitbook.io/securing-discords-for-web3/fundamentals/security-education) documents and the strict [DMs OFF Policy](https://dontfeedthewolf2019s-organizatio.gitbook.io/securing-discords-for-web3/fundamentals/security-education#turn-off-dms). *We can't protect users from themselves in their DMs.*


