Best Practices for Discord: How to Avoid Discord Scams and Preserve Your Sanity

March 1, 2022

Written by:
Kwame “Symbolik” Newman-Bremang
EDITED by:
Kwame “Symbolik” Newman-Bremang

This document outlines best practices when using Discord. It looks at how to avoid being scammed, by taking care, having a healthy level of caution, and by setting up your Discord appropriately.  We look at methods of setting up your Discord account to be as safe as you are comfortable with, to protect your security as well as your sanity.



How to avoid Discord scams

Be very careful when clicking links in discord, or anywhere else on the internet for that matter.  Hackers send links that may look official, superficially, but they point to fake sites that are designed to attack your computer and scam you!


Scammers try to trick you, with links that are close enough to trusted site links, to trick the unsuspecting into giving the scammers sensitive information. They are interested in information such as passwords and seed phrases. They social engineer, or TRICK, the unsuspecting into lowering their guard. Scammers attempt to infect your computer with viruses or trojans that attack your computer, immediately or even weeks and months in the future. Caution and attention to detail will stop their nefarious efforts!


Examples of scammer links:

www.disc0rd.com/winner

www.discord.gift/awards/

www.discord.prize/gift

www.duscord.prize/youareonethatluckywinner/

www.discord_com/toogoodtobetrue/youshouldknow/itsascam/dontfallforitandendupscammed/

www.metamask.tz/walletsopport/

www.openseaa.support/seedphaserequired/


All of the above link examples should be spotted and identified as suspicious. Notice for example slight anomalies in the spelling of trusted URLs, luring with fake offerings of winnings and prizes or the disjointed language. Note, Discord only operates on www.discord.com.  Links like the above are certain to take you to malicious sites where they will extract sensitive information, and worse infect your computer with malware that is designed with the goal of seizing control of your system and scamming you!  In many cases the end goal is to steal your crypto wallet. Remember, MetaMask, Opensea, Umba Daima or any other reputable and trusted organization, will NEVER ask you for your seed phrase!!!


Spotting scams that hack your account using Discord (video)


A first step in ensuring the security of your account is setting up Two-Factor Authentication, also known as 2FA.


Two-Factor Authentication

Two-Factor Authentication (2FA for short) strengthens security by using two ways of verifying your identity. This is a good way to add an extra layer of security to your Discord account to make sure that only you have the ability to log into your account.



Set up 2 Factor Authentication

To set up 2FA on your Discord account, hit the gear or “lil cog” on the bottom left of the screen (beside your username).

In “My Account”, at the top of the list under “Password and Authentication”, you’ll see TWO-FACTOR AUTHENTICATION (2FA). Follow the steps to activate 2FA on your discord profile.



Find detailed step by step instructions here:


The next step in stopping scammers is by stopping them from getting into your friend list and into your inbox. Once they are in your inbox they can deploy well thought out and proven tactics to social engineer you or those in your friend circle. You're better off to shut them out from the start.  Do this through “Privacy & Safety” settings.



Privacy & Safety settings

Discord offers powerful privacy protection options in the settings, but you have to set it up to maximize the effectiveness, suited to your comfort and ability to spot malicious content.  In the “Privacy Settings” you’ll find  Discord’s “Safe Direct Messaging” which can be enabled to automatically scan your incoming messages and delete explicit and potentially harmful messages. You also have the ability to completely restrict direct messages or limit who can add you as a friend. These can all protect you by limiting the amount of access potential hackers have to your inbox, limiting scammer’s ability to trick you into stepping into a trap.




Set up “Privacy & Safety”

To set up “Privacy & Safety” settings, from the main window, click the gear also called the “lil cog” on the bottom left of the screen (beside your username). 

Then in the left menu select “Privacy & Safety”. There you will find “Safe Direct Messaging”, “Privacy Defaults” and “Who Can Add You As A Friend” options.


Know your privacy settings video (desktop - preferred platform)


Discord Privacy Settings (mobile device)



Turn off DMs OR only allow server members and friends of friends to DM you 

It is advisable that you limit who can add you as a friend to lower the chances that scammers can get into your inbox, or that of your friends and contacts. Once they are in your message box malicious actors are just one click away from scamming you!


Disable DMs from non-friends

To limit who can add you as a friend,  go to “Privacy & Safety” settings (see above to find Privacy & Settings), scroll down to “WHO CAN ADD YOU AS A FRIEND”, turn off the “Everyone” toggle switch. You may choose to turn off “Friends of Friends” for additional protection.  Leave “Server Members” on if you want Umba Daima server members to be able to friend you.  Umba Daima takes steps to protect the server and it’s community members BUT if you leave “Server Members” on, be diligent if you visit other Discord servers. They may not be as careful.



For your sanity - Mute Servers and Organize 

Though the following are not security concerns, they are common best practices and can make using discord less noisy and confusing. Mute notifications on Discord servers or channels that you don’t need to engage with daily or that are not a priority and organize your folders by grouping them.



Mute All Notifications, except for Umba Daima

Discord notifications can become overwhelming when notifications are set to on for too many Discord servers. We suggest you turn off notifications on all servers with the exception of Umba Daima discord. This will ensure you are tapped in with the community and you don’t miss any news, events or opportunities.


How to mute notifications

To mute notifications, right click the server icon in the left menu (in the list of servers). A menu will appear. Scroll down in the menu to “Mute@server”. Additional options appear allowing you to mute for different time periods. We suggest you select “Mute until I turn it back on” for all servers with the exception of Umba Daima.



Checking discord messages

To check your messages click the “Inbox” icon on the top right of the main Discord screen (beside the “Help” question mark icon).

Your messages will appear below.  Note: you can toggle between “Unreads” and “Mentions” .

Unread lists all messages while “Mentions” shows you messages that directly relate to you. If a message is from another server, a “Jump” button will appear to let you jump directly to the message on that server.



Organize Discord in servers into folders

This is not a security concern but it will definitely help you preserve your sanity when interacting with a number of Discord servers.  Once you join more than a few servers you’ll get to the point where organizing Discord servers becomes a challenge and a potential nuisance, if they aren’t organized. Fortunately there is a way to sort and group servers, so you can organize and manage your Discord server list. 



How to create folders

On a desktop drag and drop Discord servers into groups to categorize and make sense of your Discord experience.  Group the servers in a way that simplifies and makes sense to you. For example you could group NFT art communities, gamers could create a separate group for games, etc.


Summary

Discord is an extremely powerful social media tool, however there can be risks if you are not careful. Keep an eye out for shady links!  When in doubt DO NOT CLICK the link.  Scammers want to trick you into handing over your seed phrase, passwords, sensitive information or infect our computer.  Remember Umba Daima will never ask you for those private pieces of information!  Make sure to set up Two-Factor Authentication (2FA) so that only you can access your account. Go into “Privacy & Safety” and limit who can add you as a friend and send you messages. If scammers can’t friend and message you, they can’t drop a trap in your inbox! For your sanity, mute unnecessary Discord servers and organize your Discord servers into folders. By putting this knowledge into practice you’ll be safe and equipped, so you can enjoy the Umba Daima discord community!


Discord logoTwitter logoInstagram logo