Discord has millions of users, which is why it has become a prime target for scammers who repeatedly prey on them.
A couple of weeks ago, the “I accidentally reported you” scam surfaced on Steam. Now attackers are going for the best of both worlds with a new phishing scam that hits Discord and Steam at the same time.
A scam that spans two platforms this way is not something you come across every day, but it is happening. What is the attack, and how is it carried out? Read on.
Free Discord Nitro? Not Quite
Discord has more than 300 million users, and scammers are taking advantage of how popular the platform is.
The new scam involves bot accounts, or accounts controlled by scammers, sending Discord members direct messages that offer a free Nitro subscription.
The following screenshot is an example of what users may find waiting in their direct messages:
“See, here free nitro for 1 month, just link your Steam account and enjoy.”
Before we walk through the whole process, note that the grammar mistake at the beginning of the sentence is already a strong hint that this is a scam.
Many users will not pay attention to such details and click the link anyway. Once they do, they are redirected to a website carefully crafted to resemble a legitimate Discord page.
The scam continues when the user clicks “Get Nitro.” A “Steam” pop-up then appears that looks exactly like the sign-in dialog the real platform would show.
However, according to Malwarebytes, the pop-up does not open in a separate browser window as a real pop-up would. It is part of the phishing website itself: the window frame, the address bar and the URL shown in it are all drawn by the page, so the URL it displays is whatever the scammer chose to write there.
This kind of in-page “pop-up” has been spotted and discussed before by Reddit user “/Bangaladore.” Here is what he had to say:
“If you try to drag the window off of the parent chrome window, what happens? You can’t. It just stops at the edge. If you scroll up and down on the original page, the Steam sign in the [sic] window goes with it. A normal pop up does not act like this.”
The pop-up did not always render completely when Malwarebytes tested the scam: they reported a few instances where the code breaks and the spoofed URL in the fake address bar does not display as intended, a giveaway that the “address bar” is just page content.
Credentials Submitted, Data Harvested
With the fake Steam login page open, users can see how legitimate it looks. The page is entirely believable, and copying the real sign-in form pixel for pixel is one of the standard ways scammers make fake things look real.
When users enter their Steam credentials, the page shows the following error message:
“The account name or password that you have entered is incorrect.”
While the user sees a failed sign-in, the harvesting has already happened in the background: the submitted Steam credentials were sent to and stored on the scam server before the error was displayed. The error message simply hides what just happened.
Malwarebytes also found hundreds of other scam domains associated with the scam website’s IP address. A sample list is presented below:
The page deceptively resembles a Steam pop-up, but the only address bar you can trust is the browser’s own, at the top of the window. Don’t believe every offer you get, especially online.
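The two things Malwarebytes describe, a fake pop-up drawn inside the page with a spoofed address bar, and a login form that reports an error while quietly posting the credentials elsewhere, can both be checked mechanically. The following JavaScript is an added example written for this article, not code from Malwarebytes, Discord, Steam or the scam page itself. It takes a page’s HTML and the hostname the browser actually loaded, flags any URL rendered as visible text that names a different host (a fake address bar), and flags password forms that post somewhere other than the host the fake address bar claims. The sample HTML and the hostnames `free-nitro-claim.example` and `steamcommunity.com` in it are constructed placeholders for the example, not the real scam domains.

```javascript
// Added example: heuristics for spotting a fake in-page "pop-up" login of the kind
// described above. Illustrative code written for this article, not code from
// Malwarebytes, Discord or Steam. The HTML below is constructed for the example and
// the hostnames in it are placeholders, not the real scam domains.

const PHISH_PAGE_HOST = 'free-nitro-claim.example';   // what the browser really loaded
const PHISH_HTML = `
<html><body>
  <h1>Claim your free Discord Nitro</h1>
  <button id="get-nitro">Get Nitro</button>
  <div class="fake-popup">
    <div class="fake-titlebar">Sign In - Steam</div>
    <div class="fake-addressbar">https://steamcommunity.com/openid/login</div>
    <form id="steam-login" method="POST" action="https://free-nitro-claim.example/collect">
      <input name="username">
      <input name="password" type="password">
      <button type="submit">Sign in</button>
    </form>
    <div class="error" style="display:none">
      The account name or password that you have entered is incorrect.
    </div>
  </div>
</body></html>`;

// A legitimate sign-in page for comparison: the form posts back to the same site.
const LEGIT_PAGE_HOST = 'steamcommunity.com';
const LEGIT_HTML = `
<html><body>
  <form id="login" method="POST" action="/login/dologin/">
    <input name="username">
    <input name="password" type="password">
  </form>
</body></html>`;

// Resolve a (possibly relative) URL against a base and return its hostname, or null.
function hostnameOf(url, base) {
  try { return new URL(url, base).hostname; } catch (e) { return null; }
}

// Heuristic 1: a real pop-up window gets an address bar drawn by the browser; a
// fake one draws it as page content. Any URL that appears as visible *text* and
// names a different host than the page actually loaded is a spoofed address bar.
// (Tag stripping by regex stands in for walking DOM text nodes; an assumption.)
function findSpoofedAddressBars(html, actualHost) {
  const visibleText = html.replace(/<[^>]*>/g, ' ');        // drop tags, keep text
  const urls = visibleText.match(/https?:\/\/[^\s<>"']+/g) || [];
  return urls.filter(u => {
    const h = hostnameOf(u);
    return h !== null && h !== actualHost;
  });
}

// Heuristic 2: find every form containing a password field and resolve where it
// posts. A relative or empty action posts to the page's own origin.
function findCredentialForms(html, actualHost) {
  const forms = [];
  const formRe = /<form\b([^>]*)>([\s\S]*?)<\/form>/gi;
  let m;
  while ((m = formRe.exec(html)) !== null) {
    const [, attrs, body] = m;
    if (!/type\s*=\s*["']?password/i.test(body)) continue;   // only login forms
    const action = (attrs.match(/action\s*=\s*["']([^"']*)["']/i) || ['', ''])[1];
    forms.push({ postsTo: hostnameOf(action, 'https://' + actualHost) });
  }
  return forms;
}

// Combine: the page is flagged when a visible URL claims host A while a password
// form submits to some host other than A, i.e. the user sees "Steam" but the
// credentials go to the scammer.
function assessPage(html, actualHost) {
  const spoofed = findSpoofedAddressBars(html, actualHost);
  const claimedHosts = spoofed.map(u => hostnameOf(u));
  const leaks = findCredentialForms(html, actualHost)
    .filter(f => claimedHosts.length > 0 && !claimedHosts.includes(f.postsTo));
  return {
    spoofedUrls: spoofed,
    credentialLeaks: leaks,
    verdict: leaks.length > 0
      ? 'phishing: in-page fake pop-up harvesting credentials'
      : 'no in-page pop-up spoofing detected',
  };
}

console.log(assessPage(PHISH_HTML, PHISH_PAGE_HOST).verdict);
console.log(assessPage(LEGIT_HTML, LEGIT_PAGE_HOST).verdict);
```

In a real browser you would feed `assessPage` the value of `document.documentElement.outerHTML` together with `window.location.hostname`, for instance from a bookmarklet or a content script. The manual equivalent is the test quoted from Reddit above: try to drag the “pop-up” outside the browser window. A genuine pop-up is a separate window and leaves; an in-page fake stops at the edge and scrolls with the page, and nothing it displays as an address bar is worth trusting.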
Discord Nitro Fake Offer – Things Are Getting Steamy
Suppose that, out of the blue, you get an offer from Discord. However tempting it is, do not click the link. This free Discord Nitro scam should be more than enough of a warning.
Phishing scams are on the rise, and you could be one click away from handing attackers your credentials and other sensitive information.
If you encounter something like this, type the official website’s URL into the browser manually; never click a link in an unsolicited message or email. If you did enter your Steam password into a page like this, change it immediately. Stay safe.