Spam is a problem almost as old as the internet, and it's one of the biggest problems in web3 today. From automated bots to armies of coordinated humans working together, spam is a real problem, and unfortunately, it looks like it's here to stay.
Besides irritating your community members, spam is also a significant drain on resources, taking up business development, community manager, and moderator time.
In this article, we will talk about some of the most common types of spam within Discord, with a specific focus on customer support. We'll advise you on preventing it so your team can get back on with growing and supporting the community.
Let's jump into it.
Types of spammers
A wide range of spammers operate across the internet, and Discord is no different. Ranging from bots with varying degrees of sophistication to real humans working alone or in large groups. Although automated spam prevention tools can help stop unsophisticated spammers, it can be almost impossible to stop when groups of spam/malicious real individuals enter a server.
Discord does have a proactive spam filter and clearly states spamming is against its terms of service, but it's still a huge problem and puts off many new users.
Most common types of spam
When it comes to customer support, there are three common approaches scammers usually take:
Direct messages (DM): receiving unsolicited DMs is one of the most common forms of spam on Discord. The contents of the DMs can range from spam links or adverts to more subtle social engineering mechanisms. In the context of customer support, DMs can be an extremely effective way for spammers to trick your community into handing over personal information. They will typically ask a user seeking help to 'DM me' and will have copied a legitimate moderator's profile and username to fool the community member.
Spam Links: posting links to other discord servers or external URLs is another common form of spam with a wide range of implications, from ads to malicious links trying to trick users into signing messages and compromising their wallets.
Spam support tickets: users will often create either one or multiple tickets and not write anything; this can be a nuisance for moderators. Some spammers will also open tickets using multiple profiles fishing for whitelist spots or airdrop hunting. There have also been several instances of users creating tickets and then adding attachments that contain malware - the idea being to compromise one of the Discord/company admin's computers.
How to prevent common types of spam
No spam prevention tool is foolproof, and we suggest a multi-faceted approach to protect your Discord server and community members.
Spam prevention can be broken down into two key elements:
- Discord setup
- Community & moderator education
Getting your Discord correctly configured is the first line of defense. Here are a few simple things you can do to help protect your community.
- Invite permissions: Configure your Discord server not to allow users to invite other members; using only official links enables you to add a recapture or verification process before the user has even entered the Server. At this stage, a ReCAPTCHA spam bot is the most commonly used type of bot.
- Verification process: Once users are in the Server, you should have a spam bot that requires users to confirm they are human and ask for members to accept the server rules. As your Server attracts a bigger community, it's worth making this verification process more advanced and adding a few steps to prevent more sophisticated bots. Some example bots include Wick Bot or Double Counter. In addition to using a third-party spam bot, you should also ask users to confirm they understand the server rules, this is an extra step, but it is another way to make it harder for spammers to enter your Server.
- AutoMod: using Discord's new AutoMod tool enables you to create custom lists of words that the native bot can scan for and intercept to help protect the community.
- 2FA: everyone with control or admin rights to your Discord server should have 2-factor authentication on as standard. It could help prevent bad actors from taking over your Server or compromising a profile.
- Use a customer support ticket bot: using a customer support ticket bot such as Mava, will ensure your community has a secure channel of communication with the team. Moreover, bots like Mava have automations that can not only identify spam support tickets, but also help users resolve their own questions to reduce the time your moderators need to spend supporting the community.
- Slow mode: enable 'slow mode' to limit the number of messages members can post or activities they can take for a certain time after entering a server. It's worth noting that this feature can irritate legitimate users.
- Role profiles: create tiered role profiles with different levels of permissions depending on the role. For example, you can restrict only specific role profiles from posting links or accessing certain channels. This can help protect your community and incentivize good behavior. Bots such as MEE6 can help auto-assign roles within your Server.
- Category/Channel permissions: configuring channels and categories will help improve your communities' experience and keep them safe. Ensure that all roles work as intended by pressing 'viewserver as role' in the role settings section of Discord. This lets you see what that user would see if they had that role. More information about categories can be found here. Threads, particularly private threads, can expose your users to risk. Correctly configure your permissions so only admins can create and use private threads.
Community & moderator education
Education can be broken down into community education and moderator education.
Let's take a look at some steps you can take to help educate your community to keep them safe. Most web3 communities have a wide range of members, from OGs to total crypto newbies. Their level of knowledge when it comes to security and all things web3 will also vary dramatically.
- Onboarding channels: You should have a clear and consistent onboarding process for new users, including helpful tips on protecting themselves. We suggest having a 'welcome category' with channels such as 'Start Here', 'Official Links' & 'FAQs’
- Start here: this section should include a concise description of the project and a warning never to DM any team members or accept DMs from any of the moderators or team, as well as what users should do if they need support.
- Official Links: you can include all socials, website, third party marketplaces/trading venues (e.g. Opensea), and all official smart contract addresses (if applicable)
- FAQs: you should have a clear FAQ section with a description of the project as well as a link to a clear and comprehensive list of frequently asked questions. You can include the FAQs within your official links, but making it more obvious can help reduce the number of unnecessary questions for your moderators.
- Highlight risky action: if users share information that should be shared privately (e.g., personal info), quickly delete the message and inform the user to open a private support ticket with a tool like Mava.
- Report Scammer channel: encourage your community to report scammers to the team so they can be blocked and see the types of spam and scam attempts made on other community members.
Moderator and customer support education is key to keeping your community happy and safe.
Here are some tips to help you get started. For more information, check out this article (10 Customer service tips for your web3 startup).
- Create a high-level communication guide: it's normal at an early-stage organization to decide on the 'tone of voice' and communication guidelines as part of brand strategy. Instead of developing this only with the marketing team in mind, think about how this should feed into customer support and ensure everyone within the organization is aware of this. You should think of customer support as an extension of your marketing team. A consistent communication approach will help your community differentiate between legitimate, trained moderators and people trying to impersonate them. It sounds subtle, but if your community is used to a specific communication style from the whole team, it can be much easier to spot when something isn't right.
- Never DM; use a customer support ticket bot: your moderators should not be asking users to 'DM' them. This instills risky behavior within your community and may result in someone being fooled by someone impersonating an official mod. Instead, it's better to move business development, collaboration requests or support questions to a private channel using a ticket bot like Mava.
- Make the team aware of common scams and social engineering techniques: ensure your team knows common types of scams and has configured their Discord to be secure.
- Avoid sharing links: the team admin should keep the 'Official Links' page updated, but links should not be shared within communal chats. This increases the risk that a user clicks on a link shared by a malicious actor in error.
Spam is a significant problem in Discord and web3 more broadly, with spammers using increasingly sophisticated techniques to fool your community. It will always exist, but you can help protect your community with the right Discord configuration alongside community and moderator education.
Using tools like Mava can help you detect and prevent spam, monitor your team's performance and protect your community from bad actors.
If you are looking to start or scale your customer support across multiple channels (Discord, Telegram, Web chat etc.), don't hesitate to reach out to Mava, the only customer support software natively built for web3 organizations.
Are you running a community-driven company? Mava’s AI-enabled customer support platform enables you to support your community across all your favorite community channels. Learn more