Discord and how to stay safe on social media

At OpenSea, we’re constantly working to improve trust and security in the NFT space and ensure that users feel confident in connecting with us across all of our community channels. However, for the security of Web3, users need to be vigilant and protect themselves on Discord and other third-party community platforms.

How to stay safe in discord

On OpenSea’s Discord Server, you’ll find several channels where you can hang out and discuss the latest NFT trends with your fellow community members – and we encourage you to get involved! That said, when seeking help from OpenSea support representatives, we recommend reaching out to us through our official OpenSea support channel, support.opensea.io.

When engaging with the larger community in Discord and asking questions, always be careful. All OpenSea staff and official discord moderators can be identified by a green checkmark In front of their username (see below).

All OpenSea staff and Discord moderators have a green checkmark in front of the username.

And again, for official customer support, please contact our 24/7 support team at support.opensea.io.

As a general reminder, OpenSea staff will Never:

• First send DM to you.
• Ask for your crypto wallet seed phrase.
• Ask to see your crypto wallet QR code.
• Ask them to sign a message with your wallet or send you a link that asks you to sign a message with your wallet.
• Ask them to verify your identity in any capacity, e.g. There is no link to any external website to login.
• Invite you to a different discarded server.
• Ask them to transfer cryptocurrency or NFT on their behalf.
• Ask them to click on any link other than support.opensea.io, twitter.com/opensea And twitter.com/opensea_support.
• Ask you to scan a QR code for collection verification or technical support.

An example of a suspicious discord DM request.

If you’ve been receiving one of the requests listed above, this is probably a suspicious request. Please report the sender to Discord.

Safety first: best practice

Below you will find a series of best practices for Operational Security (opsec) that users of all backgrounds should maintain regularly. Constantly hanging out with bad actors – even the most experienced Web 3 users can fall victim to scams and phishing attempts across the community ecosystem.

1) Avoid DM

We recommend that to you Block DM For dispute. Not so:

1. Right click on the server logo.
2. Click on “Privacy Settings”
3. Disable DM.
4. If you want to be extra careful, you can disable all direct messages on the server by default.

You can disable all direct messages by default in Discord Settings.

In general, most scams and phishing attempts start with DM. Doubt any requests from strangers and always check them out. This applies to other chat apps frequently used in the Web 3 community, such as Telegram and Signal.

2) Be careful at the request of a friend

DM3 will be off by default on Web3’s most popular Discord server. In this situation, the only way DM can be located is if users are already connected through an existing conversation, or if another member (criminal or not) issues a friendship request.

Pending: Where friend requests can be viewed, accepted and deleted.

If you want to connect via DM, it’s best to verify and confirm who the other party is. You can take a screenshot of their request and confirm it with that party directly via Twitter or email.

3) Do not click on unfamiliar links or download unknown files

This tip is as old as the Internet but just as relevant on Web3

Avoid discord or elsewhere, clicking on unfamiliar links and downloading files as they may contain malicious scripts that will compromise your account (or worse, your device). Be highly suspicious of any request that requires you to install or run a program. Even a simple task like installing a bookmark can compromise your discorded account.

4) Use timestamp-based two-factor authentication (2FA)

Discord offers SMS as a method of 2FA. However, receiving 2FA via SMS is a potential risk vector if your phone’s SIM card is compromised. It’s best to use a timestamp-based approach to 2FA with apps like Google Authenticator. You can toggle it in your Discord settings.

Be sure to enable timestamp-based 2FA with apps like Google Authenticator or Authy.

In general, if possible, you should apply timestamp-based 2FA to all your major Web 3 apps.

5) Use multiple accounts and devices

Discord recently unveiled a new feature that lets you manage multiple Discord accounts on one device. If you are a member of different Web 3 communities, using a dedicated account for a specific server is an effective way to reduce the risk. One step further is to use a dedicated device for discord. For example, you can install Discord on an older smartphone and log in to your Discord account through your browser.

You can now manage multiple accounts in Discord. Right click on your profile photo to switch accounts.

What should I do if I am compromised?

If your Discord account is affected, please contact Discord and create a new account.

If you think you’ve clicked on a link to a malicious website or scanned a malicious QR code, we recommend installing A new wallet, and your items are being removed as soon as possible.

Contact OpenSea at support.opensea.io for official customer support.

If you see anything suspicious, please let us know.

The post first appeared on the Openness Blog on how to be discordant and secure on social media.

https://ift.tt/EQBHy2M

Baca juga

• Abbott and Costello have immortalized their legacy as NFTs
• Telegram gears up to launch its on-board Web3 marketplace
• Upcoming Drops: October 24-30