Free Discord Nitro Phishing Targets Steam Users

Free-Discord-Nitro-Phishing-Targets-Steam-Users

A new Discord phishing scam offers a free Nitro membership if a victim attaches their Steam profile, which the cybercriminals then exploit to steal game stuff or promote other frauds.

 

The phishing scam is being carried out by a large number of Discord accounts managed by threat actors or as automated bots that give other users links to what is ostensibly a guide on how to get free Discord Nitro.

 

“See, here’s free nitro for a month, just link your Steam account and enjoy,” the phishing emails sent to Discord members stated.

 

While this appears to be a promotional effort (apart from the grammar), the links direct users to a phishing site disguised as a real Discord page touting the Nitro function.

 

When you click the “Get Nitro” button, a phony Steam login form appears that looks nearly comparable to the actual one.

 

In actuality, the pop-up opens a new window immediately on the phishing website, and any Steam credentials provided are transferred directly to the scammer’s server.

 

When users try to log in, they are presented with an error message that says, “The account name or password that you have given is invalid,” prompting them to log in again.

 

This technique of double-verification assures that no typing errors occurred throughout the phishing procedure and that the stolen details are valid. 

 

Also Read: 8 Ways To Streamline Your Customer Outreach Strategy

 

Nitro As A Bait

 

Discord Nitro is a premium membership option on the famous VoIP and instant messaging network that includes plenty of desirable account customization, content sharing, and server boost advantages.

 

Nitro has become so popular that malware variants have been disseminated using the same hook, and ransomware gangs have asked for Nitro gift vouchers in exchange for a functioning decryptor.

 

Threat actors utilized a “free game” as bait in that scam to present users with a bogus Steam single sign-on page.

 

1nitro.club

appnitro-discord.com

asstralissteam.org.ru

discord-steam-promo.com

discordgifte.com

discord-ticket.com

discord-appnitro.com

ds-nitro.com

nitro-discordapp.com

nitrodsgiveaways.com

steam-nitro.online

 

Similarly, phishing lures are always evolving, with new lures designed to entice gamers with the promise of something for free.

 

That being said, users should be wary of any messages offering to give something for free if they click on a URL when using Discord.

 

Outside of the platforms, nothing is available for free, therefore if Steam and Discord conduct a promotional campaign together, it will be visible on either of the respective official apps/websites.

Also Read: The Pros and Cons of Social Media in the Workplace

 

By IEMA IEMLabs

IEMLabs is an ISO 27001:2013 and ISO 9001:2015 certified company, we are also a proud member of EC Council, NASSCOM, Data Security Council of India (DSCI), Indian Chamber of Commerce (ICC), U.S. Chamber of Commerce, and Confederation of Indian Industry (CII). The company was established in 2016 with a vision in mind to provide Cyber Security to the digital world and make them Hack Proof. The question is why are we suddenly talking about Cyber Security and all this stuff? With the development of technology, more and more companies are shifting their business to Digital World which is resulting in the increase in Cyber Crimes.

Leave a comment

Your email address will not be published.