Bitdefender report finds Discord rife with malware & scams

Bitdefender has released a detailed report revealing that cybercriminals are increasingly using the social platform Discord to distribute malware, conduct phishing campaigns, and spread spam. The report discloses that Australia and Indonesia are among the top ten countries targeted by these malicious activities.

The cybersecurity firm's report analysed 35 million URLs scanned over a six-month period, detecting 50,000 dangerous links on Discord. Despite the platform's efforts to enhance user safety, such as implementing a 24-hour expiration for hosted files, cybercriminals continue to exploit Discord to steal user credentials and execute other malicious activities.

According to Bitdefender, hackers are using Discord not only to distribute malware but also to share malicious links and host dangerous files. Bitdefender Mobile Security enables users to intercept malevolent links and messages on platforms like Discord, WhatsApp, Messages, and Messenger by Meta, offering proactive protection and a clearer understanding of the threats posed by these platforms.

Discord has been plagued by the issue of malware and scam campaigns for several years. Developers have taken steps to mitigate these dangers, but as Bitdefender's telemetry data shows, the platform remains a significant vector for essential scams. The expiring links feature was introduced by Discord to make it more challenging for attackers to use the platform for hosting malware. However, other forms of scams have not ceased.

One particular scam that has gained traction involves the promise of free Discord Nitro, a subscription service that unlocks additional features. This scam often confuses users as some legitimate companies offer Nitro as prizes. Victims are usually tricked into providing personal credentials or financial information via a fake website.

Another prevalent scam involves linking Discord accounts with Steam, another popular gaming service, under the pretext of obtaining free Nitro. This scam persuades users to hand over their Steam credentials, subsequently subjecting them to potential blackmail to regain account access.

The report also highlights that the United States leads in the number of people targeted by these scams, with a considerable margin. While Discord's new security feature complicates the attackers' efforts to host files, it has led to a rise in other types of scams. Scammers are continuously devising new ways to deceive users, whether by claiming their account is at risk or by presenting fake prizes. The gaming industry remains especially vulnerable to these threats.

To protect against these scams and other malicious activities, Bitdefender suggests a few precautionary measures. Users should exercise caution when encountering unknown links, even those that appear to come from familiar sources. Employing robust security software that offers real-time protection against malware is highly recommended. Additionally, keeping operating systems and applications up-to-date can help patch potential security vulnerabilities. Lastly, users are advised to regularly review and adjust their privacy settings on Discord to limit who can send them messages or files.