The Scariest Fake Discord Login Phishing Scam!
- Added 5. 06. 2024
A lot of Discord scams are based on tricking the user into logging in to a phishing website (a fake website disguised as Discord). A lot of these websites are easy to detect, though: you just look at the URL bar and make sure it's discord.com.
However, what happens when you get a popup that has the normal Discord URL and looks legit?
Well, surprisingly, there are some fake Discord login pages that can disguise their URL by using some HTML trickery. Thankfully, there is one very easy way to tell if we are about to be phished.
Use promo code: ISubscribedToNTTS for 0% off your Walmart order.
SOCIALS
-----------------------------------------------------------------------------
Discord Server
/ discord
TIMESTAMPS
-----------------------------------------------------------------------------
00:00 - Introduction
00:36 - The scam
02:04 - Explaining the popup
05:42 - Conk clue shun
07:00 - How to recover your account
08:03 - Outro
MUSIC
-----------------------------------------------------------------------------
C418 - Minecraft - Volume Alpha (Minecraft music) - Entertainment
The funny thing is that they used a backslash "\" in the fake URL instead of a forward slash "/" which gives away the entire scam easily if you pay a little bit of attention.
I know right like it’s so easy
Also, "Scan this with the Discord mobily app to log in instantly." That seems a little... off.
@@amongleAcc thats a real thing discord has.
@@sinxzx7172 discord doesn’t say “mobily” lmao
lol you are correct, i would not fall for this
Scammers are getting really good these days but I think that takes the cake. Very impressive. It's a shame skilled devs are doing stuff like that, what a waste of skills
its like being able to run faster than usain bolt but using it to bump into people
@@peeteee or using shaq's strength to kill people instead of play basketball
@@peeteee A TRAIN BABY
its like being able to jump higher than a kangaroo but using it to crush people
@@peeteee I mean it’s average plus skill like it’s good design and all but also it requires very little functionality so mostly it’s about copying the design that is not too hard to do
the fact that he didn't even realize the backslash instead of forward slash speaks levels about how dangerous these scams can be
no, some people aren't braindead
@@rewrite1239 the changing the / to \ does literally not do anything. It’s literally just a piece of text that’s not used for anything.
Also changing \ to / automatically is bad design. What if the site actually has a resource called “/some\random\file”
@@tonypatino1765 how the fuck is someone not realizing that backslash is supposed to be a forward slash braindead???
sadly did fall for one of these last month, and can tell you discord didnt give a shit xD
how do you even use a backslash
"Just take a look at the URL and you will see a few odd things..."
That HUGE danger sign looks convenient
Also love how he doesn't mention the backslashes in the URL of the fake popup. But on a serious note, this dude is doing God's work 🙏
Exactly, I can’t tell if he didn’t realize or just ignored it
same
same
@@baldability Honestly, didn't even realize. Too focused on narrating and uhh brain didnt work.
@@NoTextToSpeech Didn't notice until the comments pointed it out as well. These scams are really dangerous
Great job at describing how you can tell it's a fake pop-up, but you forgot one thing, a pop-up of the actual Discord website takes time to load, instead of this pop-up instantly appearing.
That's a good point. The animations were a bit off.
Maybe in like 5 years we will all have insane internet speeds and there will be next to no delay opening the page. We can only dream lol.
@@NoTextToSpeech it's not actually internet speed that matters.
1) WM animations. The window appearing would be animated
2) Any program, even on a very good computer, would take at least some milliseconds to load.
^ even with good internet, as it still requires for the browser to setup encryption and stuff.
It's important to note that even if that gives this scam away, it is not a silver bullet.
It is very possible for websites to replicate the delay and window spawn animation. So just because that trick works here right now, does not mean it will work in a few days or on a different website doing the same trick.
@@NoTextToSpeech me with my 50kbps speed
Glad to see a honest to god legitimate explanation of a fairly sophisticated phish, instead of the usual fear mongering and outright lies usually spread on social media about Discord phishing. Need more of this!
I love how this guy explains so good and doesnt use music that bleeds our ears
Yeah the minecraft music in this video fitted so well too
who does?
You just have sensitive hearing. No one fucking doesn't. Get a life.
Thank you, NTTS. Thank you for making us aware of the phishy (I'll see myself out) Discord scams.
A reminder that this fake URL uses backslashes "\". It's supposed to be a forward slash "/".
@@ChannelsRed well if the scammer noticed it and change it to forward slash, if you don't pay attention, well, you know what will happen next... (I think u are smart enough to understand)
I read "NTFS"
Wait a sec, does that mean that I should change my Roblox password from kittenlover569 to something else before I click on the link to add the cute hot anime bot to my discord server?
@@vlaanx Aahaha of course not kittenlover569 is a great password haah
One of the oldest Steam Account scams finally moves to discord, love to see it
@War Room dont advertise
its only gonna get you dislikes
@@lelofahon it's a bot anyway didn't youtube nerf the dislike button?
yeah
@@stanleybochenek1862 doesn't matter.he ain't getting fans that way
i have a steam account with a lot of valuable DOTA 2 items and i have seen like 20+ of these pages for steam accounts from opening the links the bots send me. obviously i open them in virtual machine which makes it so difficult for any virus to escape that it is borderline impossible. it would require multiple zero days for each of the specific software i use
You can also tell it’s a phishing attempt because the whole authorisation is made on the official discord website and not on a third-party-site.
?
Bot account authorizing
Waht
It has \ \ instead of regular // in link and there is no authorization its just a coded square inside the website that looks like real chrome window
Not gonna lie, this would've caught me off guard. I was pretty lost until you pointed out the whole window not leaving the window bit and I went from "Wtf" to "OH SHIT YOU RIGHT!" moment. Thank you for this!!
Another way to tell if the Popup is real is to check your programs bar on the bottom of the screen in Windows. If it is a real popup you should see chrome or whatever browser you are using showing two windows, the main browser, then the popup. Or just look for the popup in general if you already have more than one browser window open.
"Connection not secure"
As a web developer, I can say the explanation was pretty accurate here (and yeah "src" does refer to the source URL) - this particular tactic isn't limited to just Discord either; I believe other phishing scams have started to adopt the "fake browser window" strategy as well, so that's definitely something to watch out for.
In addition, it seems the developer of the login page _might've_ goofed up the loading icon for the QR code login method.
@twinqle I...literally coded a Windows 10 error message generator in PHP, and I'm currently working on several projects for various groups (in both C# and Java). -_-
And don't say I'm not a real developer either.
@twinqle I'd say you aren't a real developer either - only thing I've seen you do is Roblox game development (which i mean isn't bad, but). Of course, everyone has their own interpretation of who is and isn't a real developer, so if you really want to have your opinion shoved in my face, go ahead. I won't be replying anymore to this thread.
@@FairPlay137 He's probably just there to annoy you
@@iwant2tryhard337 Judging by that user’s comment history on this video I figured that was the case.
meh php is really outdated
Thank you so much! The part about dragging pop up outside of browser is super useful!
Aside from not caring about details, that scam was actually pretty clever. I couldn't see what was going on until you mentioned that it was a fake pop up window.
Exactly when he said "so" ( 3:29 ) a wix ad popped up saying "question, would you build a website"
I just noticed on the 'scam' discord login page, they somehow failed to spell "Mobile" correct on the QR code area lmao
you'd think that given how accurate they wanted their scam to look they made a spelling error
lol same
Their brain didn't work properly
Mobiley
Ah yes, my MOBILY phone
This is actually a somewhat new phishing technique. Its called BiTB attack (Browser in the Browser attack) in cybersecurity terms. One can modify that embed depending on the target's browser and easily social engineer someone into thinking its legitimate, as it is very deceiving.
“new” have you ever seen steam scams
This man is the best youtuber ive seen and hes also so nice to inform us around these scams
This is so scary, because i always login on google and literally everyday
Thanks for the info:))
Thanks ntts for informing and helping us all. As someone who is kinda tech savvy most of the videos are not useful to me but I still love watching them. However you did make me fall into the trap of having 20 Rainmeter skins.
A subtle anti-phishing protection of password managers: The password manager will not autofill your Discord password on phishing websites. This lack of auto-fill can give users a few seconds to remind them which website they are ACTUALLY on.
Also, one thing that I noticed that is also odd is that, where it says "Log in with QR Code" below that it says "Scan this with the Discord *MOBILY* app to log in instantly". In the original it goes "Scan this with the Discord *MOBILE* app to log in instantly". It's a grammar mistake that is barely noticeable, but still can give off if the website is a scam or no.
I just love the way he talks and explains everything, what a chad
It's absurd how many scams there are on discord and yet discord won't do anything
*absurd
They actually did add some warnings for some suspicious sites to confirm you would like to go there, and they did add a warning with the QR code. So they have done a little bit.
they're actually doing something about it
its just that when a scammers thing gets taken down
its easy to make another one
@@irian3x3 shush, i dont care about spelling
they are, are u at a cave or smthn
Thank you for reminding us to keep safe, NTTS :> That outro was adorable I had to do a double take
okay, as a guy who is actually into cybersecurity.. these are a couple of good pieces of advice u wanna follow... like the simple explanation and the advice its just great
you should try trolling scammers by spamming "@everyone" on as many username and password fields on phishing login sites
@Moxxie yep they use a Webhook in a custom server.
nah just put
if they have it on an embed, it's useless
and even if it actually pings them, who cares about pings I mean come on
They'll probably patch that method
You can find the webhook they're using to send the usernames and passwords to their discord server if you check the website's source code, sometimes it's hidden or it's in plain sight.
THAT IS SO SMART!
I’ve never thought of this.
Using Iframes to simulate popups is gonna be so effective.
Notice the backslash "\" on the fake URL. Websites uses "/".
theyve been doing this a long time ago, for steam too
@@ChannelsRed That means nothing, some actual web browsers do that.
@@linuxization4205 browsers which are stupid do that
@@XENON2028 exactly how are they """""sTuPiD?""""
please do one about this!! It's so easy to be fooled....
it's about a person sending server invites to people in dms while saying something along the lines of "check main chat" or "watch general", and when you do end up joining the server you have to verify with a qr code / go to a link and if you end up "verifying", your account is gone and used to do the same scam to fool your friends.
2 of my friends fell for it.
thx man, I sometimes get these scams, you are good when giving details.
Hackers are getting desperate now
This is how I almost fell for a Steam scam too. thankfully I recovered all my accounts (as all accounts had the same pass) and no account (that I'm aware of) got hijacked.
Edit: I did find out the window was a fake pop-up after putting the password. it was 11 PM anyway.
I've seen those Steam Scams for like 3 years. Now they're coming to Discord.
@@ZeyReal they've come to everywhere
gotta say, steam security is airtight, saved my account from, well a scam of course
I fell
Got to me last year, didnt lose my accounts fortunately
This is one of the rare occasions where using custom theming for browser counts as a security feature: no matter which browser or platform you are using this kind of attack will stick out like a sore thumb if you use a custom theme.
Thank you so much and you got 100K Subscribers CONGRATS!!!!
Let's go we got the MC music
POV: you are a scammer that somehow uses only backslashes
He could be a batch coder.
thank you for making this, now i know what to look for on weird "discord" links and stuff. etc etc
WOAHHH! These new scammed are getting TRICKY... so glad I watched this video, I'm sharing this with my friends!
5:59 instead of dragging outside of the popup window you can drag it to the url bar in your browser(Not the fake one), that way you don't have to leave full screen mode
As a web developer I know sometimes can be dangerous.
Yes
almost all websites with a login system (like CZcams and discord) have a setting enabled, that disables people from iframing their website
@@boem231 reread his comment. The loads another page on their server.
Iframes are not really dangerous if you know what you're doing
@@undefinedchannel9916 you're right, I edited my comment
as a soon-to-be a web designer i would absolutely fall for this if i was in a rush
what’s ur web gonna look like, will i see it in the upcoming spider-man movies?
Making a social media is way easier than trying to become a celebrity
Thank you so much for informing about this lmao ima subscribe and like.
Oh god, they finally realized what steam scammers has been doing for years, they finally learnt about the fake modal window
Another note on the fake popup login page: It says "Discord Mobily App." Keep up the good work NTTS
Yea I saw this around about a year ago as a Steam phishing scam. Was pretty convincing too so I can see why the guy that sent it fell for it.
Makes me sad when I see the normal crappy phishing scams now.
also a very good tip when logging in, is to go to the official website, log in, and then refresh the other login page. If its official, it will log you into your account (from the session you made from the official website)
Also, make sure that the pop up window plays an animation when it gets opened. If it doesn’t then that’s already a huge red flag.
adv congrats on 100k u will hit it soon :) u really deserve it thanks for saving our accounts
this guy helps so much and explains everything perfectly, im surprised he only has 100k
Use a theme on your browser that isn’t just dark/light. There’s no way a scammer can know your theme. :)
im pretty sure that websites can see if your using dark or light theme on windows.
@@JustJory they are talking about browser themes not windows
@@epicmines33 ohh my bad.
kiwi browser doesn't have those
1:45 And it's even funnier when you use a Linux distro with a custom GTK theme (that's basically your system theme with colors, icons and even buttons), and it shows a window that doesn't match your theme or even is a fake window in the style of Windows 10.
Good work, not as technical as I would like but I'm a huge nerd too. It's great that there's all this cyber-sec educational content these days.
bro chill, this is nothing too technical.
Nobody was being rude... it was just a statement
Beautiful man, you're the only one who could help me, I watched 8 videos and yours was the only one that saved me
I was instantly suspicious of how fast it opened and that it didn’t actually open another chrome (since there is almost always a short loading time when opening a new tab)
Also, just something small; you are always asked to log in before you authorize a bot, there is no scenario where you click authorize and then log in.
If you attempt to authorize a bot and you're not logged in, it will redirect you to the login page, not allow you to authorize it first.
True
THANK YOU SO MUCH THIS WAS EXTREMELY HELPFUL :D
Didn't know this, thank you. Will look out for it.
This is actually smart and scary at the same time. I could probably fall for this. Thank you
As a web developer, I can confirm src means source. 2:44
no shit sherlock
bro literally had minecraft open we could hear the music on the background xD nice video keep it up
Very informative, thanks for letting me know!
Another way to know if the account authorization page (where you click on `Authorize`) is legit, is to check if the domain is *actually* discord, and not anything else.
Unlike what 0:50 says, if an application wants to "access your account" make sure that it's the *discord* domain, and not *discordtrackers* , and not any other domain at all.
The point of this video is that this circumvents that so if you only rely on that it's not going to end well for you.
@@EragonShadeslayer My point was that the beginning of this video calls the "authorization" page (where you click on `Authorize`) that uses the discordtrackers domain legitimate, although the domain should be discord's official domain.
7:40 Actually I don't recommend using random characters. You should use something like Diceware, which is random words separated with spaces. Much easier for a human to memorize and harder for a computer to crack.
Thank you for informing me! I could’ve fell for this scam easily cause I am used to loggin my account when setting up a bot and I could’ve lost alot of money. I own a server and I’ll inform my members about this. Thanks!
Excellent video. Clearly explained all the basics to get started on soft soft. Thanks
discord should buy all the fake url links and make them redirect to the official website
There will be a ton of variations of spelling discord and it's simply a losing battle for Discord. Also it's expensive.
I kinda wonder how the scam works in other Web browsers, at least if you use a user agent spoofer extension. I've a feeling the scammers are probably only spoofing Chrome as it's the most popular.
Edit: answered at 4:16
That is actually extremely smart on the scammers end lol
Really useful, thanks a lot and keep up the good work.
I sadly fell for this earlier, I was adding a bot I saw in a technoblade reddit server and tried adding it to my server, it asked for my account information which is weird since it never happened to me before but I logged in and it instantly disabled my account. I wish I had seen this sooner :/
these scammers should burn in hell
bruh, they make this insanely convincing scam website but mess up the forward slashes in the URL...
@@zerobytey its even easier just have an with the fake link, and make that fake link change what link is said in the browser (since browsers allow that for some stupid reason)
i love that you've put the most relaxing / best music on the world minecraft
5:32 He has got a point. It wasn’t computers class, but I was using a website for information on my assessment. I could access it at home, but schools internet didn’t allow it. So I changed it to “The biggie cheez has blocked you.” Im just glad no one saw it.
Got my discord account hacked right when summer break happened. I fell for one of those fake discord add-ons, desperate for revenge for my friend leaking my public ip (yes, I was really that salty over my friend leaking my public ip despite it having no real consequences). Ended up getting a bunch of things in return for downloading it.
1 - A unusable gaming pc
2 - Discord account hacked and being used for nitro
3 - Losing almost 200 USD
4 - PayPal account info getting stolen
I was able to get my gaming pc usable again but the windows accounts were hacked and the passwords changed. And once I did actually fully stop it, my main windows account had the anti virus destroyed, left me feeling paranoid for 3/4ths of my summer, took over a week to get my stolen money back (from discord support), and more other things. I just factory reset my pc during the ending of summer break just to make sure the virus wasn't still roaming around on the computer. I am much more open minded and thinking before I do both online and offline (mostly online). Discord really needs to fix their security problem.
7:17 how did you know my password
Helo
big ass shit (from my arse) not my ass.
i've fallen for a steam scam like this once, first scam i fell for in like 10 years
Man, That Saved my Discord account. Thank you so much!
hello! i have question. in link they used "\" not "/", cant they use / ? or they can
they can, the scammer just less smart than you thought i guess
That's a pretty easy fix on the scammers' part, if they know what they're doing and they are not just copy/paste script kiddies
Well the scammer for this website is just an idiot. They can easily switch it to /
I like how he did not point out to pay attention to the backslashes being incorrect and that normal URLs have forward slashes lol
This is actually the first video on youtube I fell asleep from.
Finally someone explain and recommend random letters and numbers passwords, like these are the best passwords to not get hack. Even if it hard to learn it you'll get there eventually, just try write your password many time. Anyway great video!
is it me or do i hear minecraft music at 4:21
You do
We all hear mc music
Lol Mobily, 3:35
One of the best phishing scams I've seen so far
Thanks you man for sharing this stuff.
one quick fix is to just block all popups, unless you actually care about popups...
Can't do that on mobile
@@Emily_Bondevik_Official then use common sense on mobile and a blocker on pc
This is not a popup in this case, so this solution won't work
this isn't a real popup so that won't work
just check the link isnt had
1:02 anyone except for me noticed it says "...Discord mobily app..." below the QR code?
I didn't notice and nice 🙈 you got dam eyes 😂
THANK YOU SO MUCH! I WAS JUST ABOUT TO LOG INTO MY DISCORD. SO I DOUBLE CHECKED TO SEE IF IT WAS THE REAL SITE
Thank you for the Nostalgia Musik 🎶
Worth mentioning, even for those who look at the url bar, should look at those slashes. Normal url’s will use forward slash. However the fake pop up you showed was using backslash.
I love how Volume Alpha is the background
yo thanks ntts, I just got the same exact scam but with steam and without for your video, I 100% would have fallen for that shit.
Thanks for the vid bro!
1:55 words cannot describe the facial expression I made when I realized that that's not a pop up when you tried to drag it out the browser tab
A phishing scam I could have fallen for, hmmmm...... well, thanks for the info!
i just love fact that in every video like this there must be something from Minecraft
music/gameplay in background etc
It’s funny how, at first, I heard you say that the ‘/login’ part was for like PC, so I thought it was unused except for the embed. I visited the website on my tablet, got like a million reports, and then instead of popping something up, it just pulled up the website.
thanks so much! embarrassed to say i would have totally fell for that, LOL