Improve account security & Keep archive of deleted servers for a period of time after delition
So the background for this post is that my account. my friend's account, and many others in our circle have been hacked and locked out of our accounts by the same hacker. The scam works as follows:
He first gains access to the account of someone in your friend circle. He then uses the compromised account to pretend he's your friend and asks you to try out the new game he's been working on, he wants criticism (My friend is a game dev, making this story quite believable to me, and he got it from another game dev). He does this in your friend's native language, and from what I gather it seems he first looks through your history to better imitate how you and your friend interact. You're given a link to his website, with information about the game and a link to download an installer. If you download this installer and run it, it instantly locks you out of your discord account, changes your email and password (making it completely impossible to regain access to), and scrapes your PC/Browser for accounts and associated passwords. At this point it's already over, he has your discord account and any other accounts the program could find. He immediately continues the scam by spreading the same sort of messages to your friends.
When this happened to me, the hacker tried to blackmail me for 25USD, when I refused to pay (it's not a large sum, but we do not negotiate with terrorists!) he said "ok bro I'm gonna f*** you" and proceeded to delete my discord server, and has been trying to scam other people ever since using my account. Discord support until this point has been completely unhelpful and not taken my multiple calls for help in the matter seriously, but that's another issue in itself.
My first question is: Should it really be that easy for a program to access your account information and be able to change your account login details? Although he did provide evidence that he had compromised other accounts, for example my Microsoft account, he still hadn't been able to change the actual emails or passwords associated with these accounts, so I was able to save them. I have obviously learnt my lesson regarding 2 factor authentication being a lifesaver, and everyone should have that enabled, but outside of that could account access and information be secured better?
My second question is: Since this is obviously an ongoing problem, and many others are being affected by it, why does discord make it so easy to completely remove a server never to be seen again? Why aren't servers recoverable? Mine wasn't very big, but some others have spent a lot of time and money on their servers, and I feel like there should be a safety net of some sorts to protect it all from being deleted in an instance. I could simply be that upon deletion, servers are archived and fully deleted from discord's servers after 7 or 14 days or something like that.
-
I am in the same EXACT boat as you, the hacker deleted my server that dated back to 2016 AFAIK.
There were so many memories in that server that cannot be replaced by anything.
The hacker hasn't had a field day with my friends unlike yours because I got to them before he ever did.
I also managed to block my card and change passwords to everything else.
I'm not sure if he has access to all my other passwords but he did indeed do enough damage already which makes me upset. But if discord support was fast enough when they got my initial report, they should've been able to stop him from deleting it because he only deleted 24 hours after gaining access to my account.
I'm sorry you had to go through that, I know how shit you must feel and all the stress that you must be going through.
Just create a ticket and hope for the best, they might be able to restore the server but I cannot say for sure. Fingers crossed.
1 -
Thanks for the support, seeing now there are a lot of others affected by the same scam.
Problem is I have created tickets, but discord support doesn't seem to actually read them, because the only response I get from them is: "Oh we're sorry to hear that, but just use the forgot password feature to regain access". But the problem is exactly that I CANT do that because he changed the email associated with the account. I've given a very detailed explanation the the now multiple emails, and it's so frustrating when they keep NOT listening to the issue. Scamming and blackmailing is happening on their platform, you would think they would care a little more. I had a nitro subscription on that account as well, seems to be no willpower from discord to help me get this sorted.
0 -
First of all, you need to put your request under a ticket specifically made under "Hacked Account" on here and use your original E-Mail that was linked to your account to follow up with the response you receive, attach as much proof as possible, get your friends to message support as well with message IDs of the scammer trying to send them phishing links and hopefully your case will be resolved.
Because they can see your IP address that was linked and what the person probably used to grab your token, if you have access to the file they sent, send that too and provide just as much proof as possible, you probably got E-Mails regarding a password change and E-Mail change, that's proof as well, your friends being scammed with screenshots, also proof.
I had nitro sub as well, that is why I was targeted.
Just be patient with them, they're a small indie company and sometimes they take anywhere between a few days to a few months to respond depending on their mood.
0 -
I have already everything you say. I submitted the correct ticket, I attached all proof I had, I even managed to trick the scammer to clicking a link that logs his IP and other info, and attached that too. Still, no help. It shouldnt' be that hard to understand I need them to reset my account or delete it. Anything that will deny access to the hacker, and it should be clear at this point that I can't do it myself.
Discord is huge this days, it has hundreds of millions of users and is worth billions. They can afford proper support. A few months just isn't good enough.
0
Please sign in to leave a comment.
Comments
4 comments