Please feel free to contribute. I know there are more scams, but here are the most common ones floating around on the likes of Discord and other chat services.

Scams are all over Discord and the internet in general, please take a moment to familiarise yourself with the following types of scam:

(this was taken from a post I made on Discord, and needs to be rewritten into the format of this document)

PSA You may or may not know, but luckily none of the members in this server appear to have been affected by this as yet, so I wanted to take some time to ping out the info before someone eventually falls for it!

If you join a server that requests you to verify your account by scanning a Discord QR code with the Discord mobile app, this is a scam and will steal your account. By scanning those Discord QR codes with the mobile app, you are granting scammers access to your account.

Never scan any Discord QR code with the Discord app unless you are using it to log into your account on the desktop/web application (at https://discord.com/login).

This is what the Discord QR code looks like: https://ss1.projectge.com/api/v1/81ee429c-40f1-4f6e-8e82-ee962fff8488

... and here is what the scam looks like: https://ss1.projectge.com/api/v1/f789f65d-bfea-44b8-a035-8b989c22c4db

||[@ everyone] sorry for ping, but I want to make sure y'all know and stay safe!||

Summary:

A user will send you a message asking you to test their "game" or "software". Sometimes they will invite you to a Discord server.

If you download and open this file, it will steal your Discord account and potentially any passwords in all installed browsers.

This scam happens on Itch.io, too.

This is the most dangerous scam. They will get your Debit/Credit card and login details.

How it works:

This malware will:

1. Steal your passwords from any browser you have installed.
2. Steal your Discord auth token. (bypassing 2FA)
3. Buy Nitro + Gifts on your stolen Discord account.
4. Steal your Exodus Crypto wallet
5. (potentially) Install a RAT (Remote Administration Tool) on your device, giving attackers control of your computer.

Scammers then use your account to spread the malware to your friends and servers.

They then sell your account after buying Nitro and Gifts.

Advice:

• Do not download this file. Report the user to Discord.
• Do not download any file if you do not trust the user or website.
• Be very sceptical of any files you download.

Summary:

A user (usually a bot) will send you a message, telling you that you've won X number of months of free Nitro.

How it works: This message contains a link to a website that looks similar to Discord. It then prompts you to login with an account (usually Steam).

When you click login, it shows you a fake popup window. It looks very real, it even has the steamcommunity.com in the address bar.

However, this popup is just embedded HTML designed to look like a popup.

It will steal your Steam account. Or whatever account it asks you for.

Advice:

• Do not click these links.
• Hit the "Report Spam" button in the Direct Message chat.
• The ONLY domain for Discord is discord.com and dis.gd (short domain).
• Previously known as discordapp.com.
• Discord will never ask you for your Steam login credentials. (That includes every other service this scam targets)
• If Discord ever gives out free Nitro, it will be made obvious via a notification banner at the top of the window. Never in Direct Messages.

Summary:

A user (usually a bot) will send you a message, telling you about their amazing "pump signals" server which "will make you rich".

If you join this server and follow their signals, what you are actually doing is helping the owners make money off you.

How it works:

The server owners buy small amounts of a small unknown crypto over the course of a few months.

They then send a "signal" for you to buy and make your riches.

You then buy this crypto which inflates the price, and they dump their coins on you. This makes them a massive profit.

You end up with a useless crypto worth nothing, if you complain, they will say "you were too slow".

Advice:

• Do not join this server.
• Hit the "Report Spam" button in the Direct Message chat.
• If it's too good to be true, it's probably a scam.

Summary:

A bot will message you saying that you have won X value of some crypto. Usually BTC or ETH.

This will include a code for you to redeem, and steps on how to redeem it.

They also applies to non-crypto "giveaways".

How it works:

They lure you into their fake exchange website, but before you can redeem your "winnings", you need to deposit some crypto.

If you deposit crypto on this scam exchange website, that crypto is gone forever. They also have a form for KYC to steal your identity. (Passports, drivers licenses, or whatever you give them)

Advice:

• Hit the "Report Spam" button in the Direct Message chat.
• Do not visit the URL in the message.
• Be aware, some fake exchanges create fake TrustPilot pages.
• If it's too good to be true, it's probably a scam.

Summary:

This scam happens everywhere. Either a user messages you, or you stumble upon a stream on YouTube.

The scammers usually reply previous SpaceX streams, along with an overlay.

"Send X BTC to this address, and we will send you double".

How it works:

You send the address some crypto, but you never get anything back.

Advice:

• If you find a stream like this on any website, report it.
• If it's too good to be true, it's probably a scam.