Oh my god! I won something! Not likely. This is a scam designed to steal your personal information. These links will often emphasize the urgency of acting fast before it expires. In reality, what they want is you to click the link without reading it. Why would that matter? Scam links are often designed to look legitimate. They might include images that display stolen from Discord, and they often mimic the look of official Discord Nitro Links. For instance, if
discord.gift/rAnD0mC0dEis a legitimate code, a scam link might look like
After clicking the scam link, you'll likely be brought to a page to login to claim the fake nitro. In reality you will be handing over your details to the scammer on a page that looks similar to Discord upon first glance. There might be links that take advantage of logging your IP address, which can give away your internet provider location and device specifications. Clicking a link could give consent to downloading a malicious file to your device. A fake nitro link is only one form of this scam. Others include:
- Leaving steam and giving away items
- Random requests to beta test games
- Invitations to join a secret or limited availability Discord Server [HypeSquad, Moderator Programs, Programming Servers, etc.]
- Accusing you of wrong doing in another server and immediately blocking you [normally used to guilt you into joining a scam server and bait you for login information.]
- Examples of legitimate links:
- Examples of fake links (please do not try typing them in): https://discord.gift.co/___rAnD0mC0dEkYdZs
A legitimate program invite will always be either a message from a
Discord ✔️ System, or a message from a
Discord Employee 🛠️. If they do not have a staff badge on their profile, or it is not a system message, it is not real.
The simplest way to protect yourself is read the messages carefully. Ask yourself if you can trust this person based on their reputation and message history in mutual servers, their social media presence, or their conduct. When you don't have logical assumptions on their intent, don't click the link, and
this includes people you know. Why can't you trust people you know? Because people you know might one day say this:
If you are somehow still logged into your account, change your password and enable two factor authentication if possible. If your Discord account is compromised, you should file a report with support, as they have tools to assist you. These concepts apply to other communities such as Steam as well. The links below apply for Discord:
Often times the accounts that are compromised will send out scam links to others. If you were hacked, you should make the effort to check your DM history and try to give warnings to users sent scam links, and to the servers you were in. You may also have been banned in communities the hacker sent scam links in order to protect others. That means that the account that sent you a scam link could be from a regular user's hacked account, not a scammers account. Reporting these issues besides helping yourself, will help others who have been hacked.