@@Jonmcb then imagine its a drain cover, one of these models with holes in them and that below it is the main sewage system of your city. then each of these flaws act like an object thats allowed to fall through the holes of the drain cover because the holes had been made too large for there purpose.
Discord's support specifically is just braindead, they don't read what you say - they reply with copy-pasted answers - they ghost you and it takes FOREVER to get past L1 support. Just pray you never have to interact with it.
@@giorgiobrux344 yup, it's actually a lot better to ask for help on reddit or in a random discord server, actually, the discord server you have open at the time it's a better option on like, half of the shit it's gonna happen with discord
Me and my friend were victims of his scam (We shared account passwords with each other for personal reasons) and both of our skyblock profiles were taken over. I am happy big youtubers like you are acknowledging this scam.
i had it 20 days ago abd it was exactly how he says it and i just waned to get on a hypixel community server and the EXACT SAME VERIFICATION TEXT was there.. and i did it.. now i have to play cracked minecraft intil i can fix this🫤
Hi, i'm the person at 2:11 named __alexx. Literally watched this video earlier and didn't notice my name until one of my friends just DMd me about it. That person specifically actually invited me to an NEU copy server, so I reported it in the real NEU server. The server got banned a couple days later. Didn't think you guys would see it lol
Correction at 09:50 . You dont need a bot to ban someone from your server even though they've never been on it. All you need is developer mode active, and the users user-ID on discord. Then using basic discord commands and the User ID, you can ban anyone. As long as you have their User ID.
@@chrissametrinequartz9389 True fair. Makes sense, since as a scammer you probably do want to run an autoban list to avoid the owner of the legit server to report you.
Not gonna lie, getting rid of the Trust & Safety form was arguably one of the worst updates Discord has done, and the fact that you would have to bypass a ban with a VPN or whatever with an alt, makes things harder.
no it actually is wrong 2FA. texting/email second factor has always been flawed. if you want to be immune to this attack you have to enable google-authenticator (not authenticator which is from ms, this is tricky because ms tries to persuade you to use their app which has the same flaw) and either set the code with google-authenticator or any of your trusted password management apps (1Password, Bitwarden etc). if you have google-authenticator style 2FA set up, you can disable getting emails, notifications, texts with the code and instead you always have to proactively look up your code. with other words the attackers cannot make any communication by MS to be send to you.
12:47 another way to find scams is to look at the date the members have joined discord or the server, if there are too many users joining on the same date, it's a scam or looking at mutual servers with some of the members (namely someone famous) and checking their profile or activity on the other servers is also a giveaway
Thank you for covering that topic, I'm also getting approached so many times about "I got hacked, what can I do?" And i always have to tell them "nothing". Maybe this helps spreading awareness. Also thank you for trying to contact Microsoft/ Discord, I really hope they resolve the issue 🙏
not absolutely nothing, i know im optimistic but im not stopping till i get this shit bakc. it's not even my account, it's another guy's account which i dont even really like im just spiteful
despite the fact that i consider myself pretty tech savvy i almost fell for this scam and only managed to sus it out because the Microsoft email didn't explain what the code did and so i looked it up.
i wish more people would just look stuff up, that would solve so many problems. the official website/email may not say what the code is used for but if many semi trust worthy places warn against it then you would realize that you should reconsider what you where doing that lead to recieving the code without having asked for it.
I just want to thank you as earlier today something identical happened to me. Had I not watched this video before “verifying” my account, would have lead to me being thoroughly screwed. Scared the sh*t out of me when I could relate so closely to the vid. Love your content and what you do, keep it up! ❤
I'm incredibly impressed by the effort you've put into this, because just some surface level experience with modern tech support from companies trying to spend as little on these channels as possible makes you understand just how insanely frustrating this is. Best of luck with it, screw the enshitification of the internet
This happened to me like 6 months ago by a verified discord sever but I got my mc account back by signing in Microsoft with my windows key, changing the email back to mine and then kicking the scammers off my account with one of the tools in the Microsoft account then I changed all passwords and haven't had a problem since. But unfortunately it took a while to figure this out and my skyblock account got deleted with 500 plus hours. Hopefully this comment can help you guys out if this happens to you.
This actually kind of happened to me: someone from Hypixel said I could have a rank, invited me to their party, and then told me their discord. They then sent me a server, I joined, and then clicked verify, and then realized it was probably a scam, (it was exactly the same as the one in the video, asking for username and email) because I have never seen a verification process like this, and it was for a Hypixel rank, which is very fishy, I didn’t put in my username or email because I don’t know what hackers can do with that nowadays lol
@@natedor7739 They could be annoying if they know your email address, but unless you arer willingly giving away requested one-time passwords (like in the examples of the video), the password is laughably easy to bruteforce, or something like that (like using the same username or part of the email or smth) they shouldn't be able to get access, in theory. It's still not a good idea to share these to people you don't trust though...
I just lost my five year old Skyblock profile to one of these. 40b networth gone in less than an hour over a small mistake, it can very much happen to anyone, so always be cautious
While I myself have never been in a situation like this, I am glad to hear that people like you are working to prevent it! You guys are awesome, so keep at it!
I've tried this multiple times since I have fallen victim of this scam as well as many of my friends to recover the account through Microsoft support. They always say that since it is already in the hands of hackers, they may have your personal information and can hack you again, so they lock your account to be safe. Best thing to do is to accept that it's gone and move on.
Just because they yave your personal info doesnt mean you cant just change your email and account passwords and be safe. That support was just lazy and took the easy way out.
Great Video! Sadly, the last part isn’t really true. I had this happen to me and if u don’t have an Xbox-console linked, the account is pretty much gone. I was in a chat with the support and wrote emails for 3 weeks and the best they could do, was to disable the account. I even had the Minecraft purchase ID, which was bought on the account but they said that wasn’t enough
my brain decided to shut off one day and being a cyber security student i still for the otp shit, though, i pulled my account back from them within minutes so no damage was done and have been trying to gather information on the inner workings of the groups. Im glad someone made a video on this
what i found interesting was the c&c server hosted on digital ocean, which, we should also be able to report those servers and have digital ocean take them down possibly. I still have the ip of the c&c server that logged into my account before i pulled it back thankfully within minutes of it happening. I also got to talk to one of the scammera who wanted me to join him in scamming and attempted to use it as an opportunity to find the source code for the bot itself, though, he didn't budge
anyone would fall for targetted phishing + a fake well made website, think about the number of times you download something that an irl friend or family member sent you. Well..what if they had been hacked and by clicking on the thing you downloaded a virus ? However I agree that if you fell for the verification scam more than once then you are mentally challenged
10:42 "Yes, because fighting against scams doesn't make us money, but if you fight against scams by purchasing vanity links, that does make us a lot of money" /j
The reason why Discord and Microsoft don’t care is that it costs them more money to fix the problem, than it does to ignore it. Microsoft and Discord both have virtual monopolies in their respective industries, so they don’t need to worry about users leaving, as 90% will think it is too much effort.
@@Scyborg832discord was created ro be an alternative to facebook and skype. Because people were fed up with the bad service of onr and suppression from the other. Eventually someone is gonna get so fed up with discords crap that their gonna create one. Once it takes off with youtuber or word of mouth help, thats when discord and microsoft get hit. Its not an if, only when.
my idea to solve the discord url problem is to allow verified discord servers to own more than 1 url and claim already taken urls that can be associated with the original server
i have a bigger problem, idk how i buyed minecraft with a mail, and now when i use that mail it's saying that i didn't create one and i didn't buy minecraft (after the update) so now i'm stuck with a new account and i can't do anything
Just want to say, even if a discord asks you to join an mc server to verify, It could be similar to a Restorecord incident (See No Text to Speech about it). After they get your IP they could use extortion for irl money or skyblock stuff. VPNs can work but not everyone has it. So just double check the discord server.
This just happened to me last month, and i lost all hope. However, I contacted Microsoft support and got my account back, and the guy who stole my skyblock account added 18 billion coins worth of items to my account instead of stealing all of my items. Unlucky for him, I guess
@chrisss4721 I reported it to Microsoft Support, and gave them as much info as I could. It helps if you have your account linked to an Xbox somewhere, but after you do that, all you can do is wait.
The fact that we have to even deal with these problems is just disgusting. People have nothing better to do with their lives than to scam and ruin the lives of others, whether it be because they're too lazy to get an actual job, or just they're bad people, it's just not a problem that should exist.
Great video! As owner of a big Skyblock discord I see tickets of people getting scammed like this every day. I appreciate you making people aware of the scam!! Sad truth is, people getting scammed by this usually don't watch quality youtubers like you (:3) and many would probably not even read the email with the code, even if it had a big THIS IS A SCAM on top. I think the best way for discord would be to work closely together with the community to quickly adjust features when new scams appear or to let the real owners quickly report fake discords. By the way, those scammers usually have a user bot in one of the real servers and just copy over the messages sent there (since you wondered how that works) Oh and thank you for the kuudra gang reference lol🙏 See you :)
This is why identity and access management is so important! People always overlook it, but it’s such a fundamental cornerstone of modern computer science, and when done incorrectly, allows for so much harm to be done
I think the biggest problem is just that the email says single use code instead of just password reset code or something like that. I once fell for one of these scams it was very painful too see all my bedwars levels, and everything i had grinded for, just dissapear right infront of my eyes. I definetly wouldnt have fell for it if the email just said that it was a password restet code. I never got my account back because its basically impossible, But i bought a new account, and now im higher level on my new account. Also great video dude, very well made.
I'm really glad that one of my favorite UA-camrs made a video explaining this type of scam. My account was stolen this way and I wouldn't want it to happen to anyone else.❤
I had this happen to me 2 weeks ago, was queueing f7, got invited to a discord server where i saw tons of vcs with actice looking members scamming all floors of dungeons, got the verifying scam message, told the guy hosting the party that i aint doing that and he had the audacity to send me a link that sent me to microsoft that very clearly asks me if i really want to give access to my account to this rando. So anyway i laughed it off and wasted their times.
3:00 Weird, normally they make scammed victims part of the staff team, even the owner of the server, if it eventually gets taken down, so the original account that created it doesn't get banned.
I got my account hacked a while back. It wasn't all bad, I learned a valuable lesson for a far cheaper price than most would have, and on my new account I made it further in Skyblock in a few weeks than my old account did in years.
I moderate a large MC server (~9k players), and we've had waves of people advertising servers like this. Lots of people sadly fall for it. I've seen people in game saying "BAN ME" and also saying the scam at the same time, presumably since they've realized someone is on their account.
I got this scam too. Thank you for addressing this. Watch out anyone else for this scam to everyone else, and don't sign in to your microsoft account if you are verifying to a discord server.
Funny enough, I almost fell for this exact scam about a year ago, two factor auth saved my account though, so glad I have it on. I'd highly encourage you turn this on and share this video with others
I think the best way is to made a proxy who add a "vérified" text to the official Microsoft address, so even if the page does not open in your browser you can see it :)
My friend got hacked like this too and somehow got his account back after a lot of work and when he logged back into skyblock, he had a fully maxed divan armor setup that he never had before. Maybe the hackers just want to progress for us…
They were so confident they had the account they didn't even bother transferring the stuff I suppose. Saying your friend was lucky would be an understatement.
Correction in the boosts, basically people create tokens with a discord promo nitro link, and boosts the server for 3 months, and only costs about $7 usd roughly, can be more and can be less but mainly around that rouce
correction: all bots have been replaced with apps, you cannot fake the bot tag, even webhooks have the app tag, a reliable method to find if the bot is real is if its verified, but that would only work if the bot is in many servers, so for single-server bots, you basically have no hope to spot if its fake unless if you know the tag of the real one
i randomly got 1 of your vid on my feed and wondered if you had uploaded any new vids like genuinely excited to see this vid posted 5hrs ago very pogchamp
Great that you tried to do something against scammers in an effective way. You just saw the problem and tried to make Microsoft and Mojang fix it. This is honestly great Engagement!
Here's the thing - the moment you let users report servers without being on them, you'll drowning in reports yourself. Trolls, scammers, bot armies, people who just want to pi$$ on your day, all this haven't gone anywhere. So yeah, do be wary of what you wish for.
tbh I been dealing with scammers for so long and never once in my life fell for that and I still comprehend how people fall for scam in the first place. It's just to weird to me
As someone who got scammed 11 times in many different scenarios I can explain that the feeling is because "what if" the person was legit and I was actually getting 500m? It's just too big of a risk to not take
I just realized, I don't think the previous generation is being taught ANY internet literacy (orrreallyanythinghonestly) like we did. That's a shame lol.
I actually used part finder 2 weeks ago to see someone trying this, it seems to be a common thing there. Difference was the verification scam started with asking just for a name, then it 'fails' and asks for mail
Hello people, unfortunately I was scammed as explained in the video. However, I found out the email to which my Minecraft account is now connected. I also know the changed name of the account. Can someone write how I can do the same as the scammer since he only had my email and the MC name. Unfortunately, Minecraft support couldn't help me.
the craziest thing is microsoft seems to think nothing of it when your username, password, backup email, all change in 1 second, like thats crazy to me as a developer, what a bad design, makes me think if its intentional.
Lost my account to this scam while I had a cousin over. Love when Microsoft tells me to sign in to my account and change the login, despite telling them I can't log in because the account is hacked. They've had my account for a month, and still no fix
i also fell for it and i contacted microsoft support, they said that they cant help me if i dont know what the email the scammer used is. The thing is i knew it and provided it to them, they never responded
I have been hacked through a discord server a week ago or so and lost my minecraft account and my microsoft account because of it. Microsoft support couldnt help only permanently suspend it so the hacker doesnt have more acces to it... im 18 btw... i feel like a little kid who got his candy stolen.. Had to re buy mc and stuff.. also lost all skyblock progress 4b coins etc.
I appreciate you for making this video since I am also a victim of the discord scam. If you could make a video shedding some light on the problem with recovering our Microsoft accounts that would be amazing. I am saying this because me and countless other people have lost their Microsoft accounts due to it getting stolen or hacked and Microsoft's support feels quite lackluster and just ends up leaving people who just want to get their accounts back pretty upset.
Got my 8 year old account stolen like this, after 15 support conversations and HOURS talking with them, they all gave me different answers and negelected me. Then eventually they finally emailed me and said hey we know your account was hacked and we will lock it forever instead of actually giving you acesss to it and we wont do anything about it.
Hey, Cybersecurity enthusiast here. I'd like to point out this form of trick is called account theft or account stealing. There is no form of "hacking" involved 0:19. Also, I would not consider this a "Virus", rather a generic RAT (Remote Access Trojan) which allows the perpetrator to remotely acess your computer from theirs, or a command and control center 0:50. 15:16 is a really good resource! I'm not going to nitpick every little part of this video, good job.
its crazy how easy it is to fall for this without know about it previously. Just got back into minecraft and almost gave my account away in like 1 minute, knew it was suspicious when the guy trying to get me to do it, keep edging me to join and verify....
I got scammed with an exact same method with hypixel skyblock dungeon party around three years ago. I got robbed and permanently banned from hypixel because of that. Took me two long years to aquire a pardon but I will forever warn others about this scam.
like the biggest problem is the email, they should add a section titled: "IF YOU DIDNT REQUEST A SINGLE SIGN IN DO NOT GIVE THIS CODE TO ANYONE, THIS CODE IS ONLY TO SIGN UP FOR YOUR ACCOUNT." becuase when i got scammed he started pressuring me saying we are waiting in vc and so on, so i was like ahh its probably safe and i didnt read the message that says its a single sign in code.
Me and my friend fell for this scam a few months back, we were in Bedwars and we got added to a server by this guy who wanted up to play 4s, he invited us to a discord server and we had to verify using our accounts, we typed in our email and username and they had a bot pretend to be Microsoft and email us a code that we were to put in the discord bot, (I found out how it worked while talking to the hackers it basically resets your password and email and changes it without alerting you) anyway after being unable to get our account back with the way the hackers offered one of them dm'd me later saying they felt bad and returned my account but kept my friends bc it was a lot more valuable. He just ended up looking for the receipt that he got when he bought mc and used that to prove it was his account and deactivate it so he can regain it
You see, there is actually a good reason why you can only report a server if you're on it. Because otherwise all those thousands of bots the scammer uses to populate the fake server could just keep reporting *your* server to ensure a constant influx of victims. At least now they need to actually get accepted on your server as members to do that. That said, I won't argue that Discord support is... subpar, and their usability follows the trend.
I fell for one of these scams a few months ago and they changed my account email and password, but luckily I got it back within 3 days after contacting Microsoft support and giving things like the accounts most recent emails and addresses.
Someone once tried to get me to verify my account on a fake Cchloe server when I was selling a term. Luckily I knew better but it’s scary to think about what would happen if I didn’t.
So you're telling me that when I try to sign into my account to fast or on another computer it gets locked and I gotta verify through my email or phone number. Someone else does and 👌
I think I will never feel more stupid than when I fell for the verify bot scam. Was about to stop playing back when that happened, luckily, and I also managed to get Hypixel to ban me from their server and Microsoft to block the account.
When it happened to me I proved ownership but they said that the scammer changed the security information, so they couldn’t do anything but lock the account…
I was phised a few years ago when i was new to minecraft. It was probably a good thing because now im not as gullible. The funny thing is that my old account that got hacked tried to phish my new account lmao. It was kind of annoying when the hacker tried phishing my whole friends list and guild.
As someone who actually fell for this scam for the literal EXACT SAME REASON that tyler stated in this video(I hate monkey finder) discord really need to up their security and moderation. R.I.P to 1.3k hours😢
Yeah, but the graph is probably inaccurate. The younger generations are assumed by the people teaching them to be tech literate because they grew up with technology. However, I don't think watching and interacting with social media all day counts as being tech literate. Unless they have read about it on their own, or are experienced first hand on scammers, they wouldn't even think about this sort of thing especially if schools do not teach them about it.
It's crazy how a chain of inconspicuous bad designs can lead to such an issue. I really appreciate your effort!
Its pretty common in a lot of areas actually, often called the "swiss cheese model"
what if you like cheese
@@Jonmcb then imagine its a drain cover, one of these models with holes in them and that below it is the main sewage system of your city. then each of these flaws act like an object thats allowed to fall through the holes of the drain cover because the holes had been made too large for there purpose.
(._.)
Discord seems very incompetent. Mobile app is terrible now, and they don't want any feedback. Sad.
They actually support the scams since it's a big part of their income, doesn't matter how much proof you give them, they don't delete the scam servers
Discord's support specifically is just braindead, they don't read what you say - they reply with copy-pasted answers - they ghost you and it takes FOREVER to get past L1 support.
Just pray you never have to interact with it.
@@giorgiobrux344 yup, it's actually a lot better to ask for help on reddit or in a random discord server, actually, the discord server you have open at the time it's a better option on like, half of the shit it's gonna happen with discord
They just want to make a whole bunch of money and then sell out, and become publicly traded
new mobile app was terrible at launch, now its fine lol
Me and my friend were victims of his scam (We shared account passwords with each other for personal reasons) and both of our skyblock profiles were taken over. I am happy big youtubers like you are acknowledging this scam.
wHAT REASONS?
That was bound to happen, sharing passwords is always a terrible idea
ofc you get hacked you have 0 internet security knowledge jesus christ sharing passwords???
maybe you can still get it back, my whole microsoft account got taken js because of a skyblock scam, I got it back cuz I am just that good.
i had it 20 days ago abd it was exactly how he says it and i just waned to get on a hypixel community server and the EXACT SAME VERIFICATION TEXT was there.. and i did it.. now i have to play cracked minecraft intil i can fix this🫤
Hi, i'm the person at 2:11 named __alexx. Literally watched this video earlier and didn't notice my name until one of my friends just DMd me about it. That person specifically actually invited me to an NEU copy server, so I reported it in the real NEU server. The server got banned a couple days later. Didn't think you guys would see it lol
Correction at 09:50 . You dont need a bot to ban someone from your server even though they've never been on it.
All you need is developer mode active, and the users user-ID on discord. Then using basic discord commands and the User ID, you can ban anyone. As long as you have their User ID.
they most likely have it all automated, so they would probably have a bot but yea your right
@@chrissametrinequartz9389 True fair. Makes sense, since as a scammer you probably do want to run an autoban list to avoid the owner of the legit server to report you.
Not gonna lie, getting rid of the Trust & Safety form was arguably one of the worst updates Discord has done, and the fact that you would have to bypass a ban with a VPN or whatever with an alt, makes things harder.
Gotta love how Microsoft forced account migration and 2FA onto the community without actually addressing any of the existing security issues
And added even more security issues. Microsoft and security never go together
If migration didn't happen, all you would lose is $26 and your Minecraft account's progress. Now you lose everything.
gotta get a good lock on my door so the open window doesn't cause issues
no it actually is wrong 2FA. texting/email second factor has always been flawed. if you want to be immune to this attack you have to enable google-authenticator (not authenticator which is from ms, this is tricky because ms tries to persuade you to use their app which has the same flaw) and either set the code with google-authenticator or any of your trusted password management apps (1Password, Bitwarden etc). if you have google-authenticator style 2FA set up, you can disable getting emails, notifications, texts with the code and instead you always have to proactively look up your code. with other words the attackers cannot make any communication by MS to be send to you.
@@Capiosus"open windows"
Great video as always! Watched on 16x speed.
Bruh
efficient
ADHD version
How
12:47
another way to find scams is to look at the date the members have joined discord or the server, if there are too many users joining on the same date, it's a scam
or looking at mutual servers with some of the members (namely someone famous) and checking their profile or activity on the other servers is also a giveaway
Thank you for covering that topic, I'm also getting approached so many times about "I got hacked, what can I do?" And i always have to tell them "nothing". Maybe this helps spreading awareness. Also thank you for trying to contact Microsoft/ Discord, I really hope they resolve the issue 🙏
i just say quit if it’s skyblock💀💀
if single player, i say “nothing else you can do but restart”
@@isitreallytho1649 skyblock is such a good game tho
not absolutely nothing, i know im optimistic but im not stopping till i get this shit bakc. it's not even my account, it's another guy's account which i dont even really like im just spiteful
despite the fact that i consider myself pretty tech savvy i almost fell for this scam and only managed to sus it out because the Microsoft email didn't explain what the code did and so i looked it up.
i wish more people would just look stuff up, that would solve so many problems. the official website/email may not say what the code is used for but if many semi trust worthy places warn against it then you would realize that you should reconsider what you where doing that lead to recieving the code without having asked for it.
@@ai-spacedestructor yeah... i guess let's just hope this message could be a lesson to some folk
The amount of people getting ratted would be halved if microsoft explained what actually happens
I just want to thank you as earlier today something identical happened to me. Had I not watched this video before “verifying” my account, would have lead to me being thoroughly screwed. Scared the sh*t out of me when I could relate so closely to the vid. Love your content and what you do, keep it up! ❤
Discord literally removed the report option for desktop 💀
Lmao
No idea what you're saying, it's still there lmao
@2KDrop are you blind? Watch video
@@2KDrop 11:45
@@evildeadspace if you think you're smart, its at the bottom
I'm incredibly impressed by the effort you've put into this, because just some surface level experience with modern tech support from companies trying to spend as little on these channels as possible makes you understand just how insanely frustrating this is.
Best of luck with it, screw the enshitification of the internet
This happened to me like 6 months ago by a verified discord sever but I got my mc account back by signing in Microsoft with my windows key, changing the email back to mine and then kicking the scammers off my account with one of the tools in the Microsoft account then I changed all passwords and haven't had a problem since. But unfortunately it took a while to figure this out and my skyblock account got deleted with 500 plus hours. Hopefully this comment can help you guys out if this happens to you.
How did you change the email in time?
This actually kind of happened to me: someone from Hypixel said I could have a rank, invited me to their party, and then told me their discord. They then sent me a server, I joined, and then clicked verify, and then realized it was probably a scam, (it was exactly the same as the one in the video, asking for username and email) because I have never seen a verification process like this, and it was for a Hypixel rank, which is very fishy, I didn’t put in my username or email because I don’t know what hackers can do with that nowadays lol
And btw if someone actually wanted to give you a rank they will use hypixel gift system.
i think u do know bro just think about it what can someone do with your login ?
@@natedor7739 They could be annoying if they know your email address, but unless you arer willingly giving away requested one-time passwords (like in the examples of the video), the password is laughably easy to bruteforce, or something like that (like using the same username or part of the email or smth) they shouldn't be able to get access, in theory.
It's still not a good idea to share these to people you don't trust though...
@@ignzezo_2920they wanted me to join a voice call and told me to verify
@@natedor7739wdym
These days Discord is a troyan horse.
If someone is falling for these scams they're probably not old enough to use discord in the first place
@@azula5646 Indeed.
@@azula5646indeed, it happens to best of us tho, and that is not an excuse for a better security
I just lost my five year old Skyblock profile to one of these. 40b networth gone in less than an hour over a small mistake, it can very much happen to anyone, so always be cautious
How do u fall for this when it’s so common
maybe you can get it back if your whole microsoft account was linked
U cant
@@wilwilson5733 You can, I literally lost my identity stolen with this same scam and I got it back
deserved
While I myself have never been in a situation like this, I am glad to hear that people like you are working to prevent it! You guys are awesome, so keep at it!
Remember guys,
"Epic will never ask for your password"
They do kinda, why tf do i get signed out every few weeks? Havent signed into steam with a password since 2022
Epic is quite quirky and gets off from signing you out@@erixccjc2143
@@erixccjc2143 ask yourself
6:09 “buy human rights” is such an amazing joke
i am really surprised i have never fallen for one of those
wait i never play with people i don't know...
🤓🤓🤓
@@lilravencane5673"🤓🤓🤓" - 🤓
Playing with people you dont know is forced in skyblock unless you somehow gather up 4 other people who are dedicated enough to grind out to reach m7
@@SomeCowguy that's the fun part, i stopped playing hypixel skyblock 3 years ago because of that exact reason
@@Rissoe_Really Your loss I suppose, I have met some of the best people I know by joining a guild.
I've tried this multiple times since I have fallen victim of this scam as well as many of my friends to recover the account through Microsoft support. They always say that since it is already in the hands of hackers, they may have your personal information and can hack you again, so they lock your account to be safe. Best thing to do is to accept that it's gone and move on.
Just because they yave your personal info doesnt mean you cant just change your email and account passwords and be safe. That support was just lazy and took the easy way out.
Great Video! Sadly, the last part isn’t really true. I had this happen to me and if u don’t have an Xbox-console linked, the account is pretty much gone. I was in a chat with the support and wrote emails for 3 weeks and the best they could do, was to disable the account. I even had the Minecraft purchase ID, which was bought on the account but they said that wasn’t enough
my brain decided to shut off one day and being a cyber security student i still for the otp shit, though, i pulled my account back from them within minutes so no damage was done and have been trying to gather information on the inner workings of the groups. Im glad someone made a video on this
what i found interesting was the c&c server hosted on digital ocean, which, we should also be able to report those servers and have digital ocean take them down possibly. I still have the ip of the c&c server that logged into my account before i pulled it back thankfully within minutes of it happening. I also got to talk to one of the scammera who wanted me to join him in scamming and attempted to use it as an opportunity to find the source code for the bot itself, though, he didn't budge
For the verification scam I just ask them to make a group for the perm party and if they decline I just leave
Getting scammed in a game for the first time is a very important life lesson, getting scammed after that is pure stupidity
Depends on the type of scam. Some scams are easy to fall for, like the one shown in the video.
anyone would fall for targetted phishing + a fake well made website, think about the number of times you download something that an irl friend or family member sent you. Well..what if they had been hacked and by clicking on the thing you downloaded a virus ? However I agree that if you fell for the verification scam more than once then you are mentally challenged
@@Dolphin002 That scam is easy to fall for if you're like a 13yr old kid
@@alexprogg if you have ever talked to anyone in cybersecurity you would know phishing scams are like the #1 issue regardless of age
When you think you’re immune to scams is when you’re most at risk
10:42 "Yes, because fighting against scams doesn't make us money, but if you fight against scams by purchasing vanity links, that does make us a lot of money" /j
The reason why Discord and Microsoft don’t care is that it costs them more money to fix the problem, than it does to ignore it. Microsoft and Discord both have virtual monopolies in their respective industries, so they don’t need to worry about users leaving, as 90% will think it is too much effort.
if it gets bad enough that it affects their PR, they will care then, bc PR affects their wallets
@@fluffbuck3t who wants to start protest? I do!
@@fluffbuck3tBad PR only works in industries where there's an alternative to the boycotted product.
What alternative can you choose?
@@Scyborg832discord was created ro be an alternative to facebook and skype. Because people were fed up with the bad service of onr and suppression from the other. Eventually someone is gonna get so fed up with discords crap that their gonna create one.
Once it takes off with youtuber or word of mouth help, thats when discord and microsoft get hit. Its not an if, only when.
@@rignatetris4435 Discord was created as an alternative to teamspeak and, to an extent, Skype. Has no competition with facebook
They only take skyblock items, most people have the same password for everything so they could easily get into your bank.
this issue really needs to be addressed on a larger scale, i've seen far too many innocent people fall for these
my idea to solve the discord url problem is to allow verified discord servers to own more than 1 url and claim already taken urls that can be associated with the original server
That would just lead to people claiming like 5000 urls
i have a bigger problem, idk how i buyed minecraft with a mail, and now when i use that mail it's saying that i didn't create one and i didn't buy minecraft (after the update) so now i'm stuck with a new account and i can't do anything
Just want to say, even if a discord asks you to join an mc server to verify, It could be similar to a Restorecord incident (See No Text to Speech about it). After they get your IP they could use extortion for irl money or skyblock stuff. VPNs can work but not everyone has it. So just double check the discord server.
wait how do they extort you with your IP? is it just cause uneducated people dont know about IP and just think its this big super scary thing?
This just happened to me last month, and i lost all hope. However, I contacted Microsoft support and got my account back, and the guy who stole my skyblock account added 18 billion coins worth of items to my account instead of stealing all of my items. Unlucky for him, I guess
What did u do to get the account back 🥲
@chrisss4721 I reported it to Microsoft Support, and gave them as much info as I could. It helps if you have your account linked to an Xbox somewhere, but after you do that, all you can do is wait.
The fact that we have to even deal with these problems is just disgusting. People have nothing better to do with their lives than to scam and ruin the lives of others, whether it be because they're too lazy to get an actual job, or just they're bad people, it's just not a problem that should exist.
Good thing scams are easy to avoid if you are aware, plus it’s a good learning experience. If it happens once it’ll never happen again
This exact thing happened to me two days ago, so rip my 7 year old minecraft account and 750m networth
lol
@@fatfurryAh yes, his account was hacked. So funny.
@@lightningbolt9155 yes.
@@lightningbolt9155it is funny that people fall for this shit after all the warnings in the community
dude I feel so bad, losing a 7 year old account must be heartbreaking
I managed to talk an owner of multiple servers like this. He told me he made about 29k just from selling accounts.
Great video! As owner of a big Skyblock discord I see tickets of people getting scammed like this every day. I appreciate you making people aware of the scam!!
Sad truth is, people getting scammed by this usually don't watch quality youtubers like you (:3) and many would probably not even read the email with the code, even if it had a big THIS IS A SCAM on top.
I think the best way for discord would be to work closely together with the community to quickly adjust features when new scams appear or to let the real owners quickly report fake discords.
By the way, those scammers usually have a user bot in one of the real servers and just copy over the messages sent there (since you wondered how that works)
Oh and thank you for the kuudra gang reference lol🙏 See you :)
Omg anderle dont leak methods 😔
goat
This is why identity and access management is so important! People always overlook it, but it’s such a fundamental cornerstone of modern computer science, and when done incorrectly, allows for so much harm to be done
I think the biggest problem is just that the email says single use code instead of just password reset code or something like that. I once fell for one of these scams it was very painful too see all my bedwars levels, and everything i had grinded for, just dissapear right infront of my eyes. I definetly wouldnt have fell for it if the email just said that it was a password restet code. I never got my account back because its basically impossible, But i bought a new account, and now im higher level on my new account. Also great video dude, very well made.
I know how are feeling It happened to me not to long ago
I'm really glad that one of my favorite UA-camrs made a video explaining this type of scam. My account was stolen this way and I wouldn't want it to happen to anyone else.❤
I had this happen to me 2 weeks ago, was queueing f7, got invited to a discord server where i saw tons of vcs with actice looking members scamming all floors of dungeons, got the verifying scam message, told the guy hosting the party that i aint doing that and he had the audacity to send me a link that sent me to microsoft that very clearly asks me if i really want to give access to my account to this rando. So anyway i laughed it off and wasted their times.
3:00 Weird, normally they make scammed victims part of the staff team, even the owner of the server, if it eventually gets taken down, so the original account that created it doesn't get banned.
I got my account hacked a while back. It wasn't all bad, I learned a valuable lesson for a far cheaper price than most would have, and on my new account I made it further in Skyblock in a few weeks than my old account did in years.
5:28 I love the calamity music
I moderate a large MC server (~9k players), and we've had waves of people advertising servers like this. Lots of people sadly fall for it. I've seen people in game saying "BAN ME" and also saying the scam at the same time, presumably since they've realized someone is on their account.
This is a big issue in The Pit too and The Pit has a large irl trading community, with many items worth thousands of dollars.
I got this scam too. Thank you for addressing this. Watch out anyone else for this scam to everyone else, and don't sign in to your microsoft account if you are verifying to a discord server.
Funny enough, I almost fell for this exact scam about a year ago, two factor auth saved my account though, so glad I have it on. I'd highly encourage you turn this on and share this video with others
I think the best way is to made a proxy who add a "vérified" text to the official Microsoft address, so even if the page does not open in your browser you can see it :)
You should contact a guy called "no text to speech" or ntts on UA-cam, he usually covers this and pressures discord into solving these issues
My friend got hacked like this too and somehow got his account back after a lot of work and when he logged back into skyblock, he had a fully maxed divan armor setup that he never had before. Maybe the hackers just want to progress for us…
They were so confident they had the account they didn't even bother transferring the stuff I suppose. Saying your friend was lucky would be an understatement.
They were gonna use his account for macroing probably
can u tell me how he got I back
Correction in the boosts, basically people create tokens with a discord promo nitro link, and boosts the server for 3 months, and only costs about $7 usd roughly, can be more and can be less but mainly around that rouce
correction: all bots have been replaced with apps, you cannot fake the bot tag, even webhooks have the app tag, a reliable method to find if the bot is real is if its verified, but that would only work if the bot is in many servers, so for single-server bots, you basically have no hope to spot if its fake unless if you know the tag of the real one
THIS HAPPENED TO ME THIS MONDAY. THIS VIDEO WAS 5 DAYS TOO LATE 😭
i randomly got 1 of your vid on my feed and wondered if you had uploaded any new vids like genuinely excited to see this vid posted 5hrs ago very pogchamp
Great that you tried to do something against scammers in an effective way.
You just saw the problem and tried to make Microsoft and Mojang fix it. This is honestly great Engagement!
These kind of scammers use social engineering to their finest. Stay safe and don’t trust no one unless properly checked.
This happend to me like 1.5 years ago, havent joined hypixel since bc im scared it will happen again and i lost everything.
This happens daily on skyblock dungeons, where people ask you to VC.
Most have learnt to filter it out. Warping to housing should already ring some bells for anyone
Here's the thing - the moment you let users report servers without being on them, you'll drowning in reports yourself. Trolls, scammers, bot armies, people who just want to pi$$ on your day, all this haven't gone anywhere.
So yeah, do be wary of what you wish for.
tbh I been dealing with scammers for so long and never once in my life fell for that and I still comprehend how people fall for scam in the first place. It's just to weird to me
As someone who got scammed 11 times in many different scenarios I can explain that the feeling is because "what if" the person was legit and I was actually getting 500m? It's just too big of a risk to not take
I just realized, I don't think the previous generation is being taught ANY internet literacy (orrreallyanythinghonestly) like we did. That's a shame lol.
No we are
@@Voltsalmon_ thank God. Stay safe out there, don't fall for these things, especially with AI now too.
I actually used part finder 2 weeks ago to see someone trying this, it seems to be a common thing there.
Difference was the verification scam started with asking just for a name, then it 'fails' and asks for mail
Hello people, unfortunately I was scammed as explained in the video. However, I found out the email to which my Minecraft account is now connected. I also know the changed name of the account. Can someone write how I can do the same as the scammer since he only had my email and the MC name. Unfortunately, Minecraft support couldn't help me.
Even the fake one seems more real than the real and that's really concerning
the craziest thing is microsoft seems to think nothing of it when your username, password, backup email, all change in 1 second, like thats crazy to me as a developer, what a bad design, makes me think if its intentional.
8:14 It all started by this freaking confusing email
Great video, and thank you for the information! I did not know this, but I will definitely be keeping an eye out for these types of scams now.
Lost my account to this scam while I had a cousin over. Love when Microsoft tells me to sign in to my account and change the login, despite telling them I can't log in because the account is hacked. They've had my account for a month, and still no fix
i also fell for it and i contacted microsoft support, they said that they cant help me if i dont know what the email the scammer used is. The thing is i knew it and provided it to them, they never responded
@@iasonkav3322 microsoft's support system is flawed to say the least
I got this once, logged into the fake microsoft window. Then I realised that and change all of my outlook information
all of these discord scams people say are easy to fall for always end up being super obvious
I have been hacked through a discord server a week ago or so and lost my minecraft account and my microsoft account because of it. Microsoft support couldnt help only permanently suspend it so the hacker doesnt have more acces to it... im 18 btw... i feel like a little kid who got his candy stolen.. Had to re buy mc and stuff.. also lost all skyblock progress 4b coins etc.
Thank you for the like.. You wont even belive me when i say this.. I literally used support a creator code Hellcastle to buy mvp+ on my new account.
got an invite to the kuudra gang server, it had a lot of people but i gladly wasnt convinced. think it was kuudras instead of kuudra
I appreciate you for making this video since I am also a victim of the discord scam. If you could make a video shedding some light on the problem with recovering our Microsoft accounts that would be amazing. I am saying this because me and countless other people have lost their Microsoft accounts due to it getting stolen or hacked and Microsoft's support feels quite lackluster and just ends up leaving people who just want to get their accounts back pretty upset.
this is now the second video ive got in my recommended explaining how this scam works... a month after i fell for it. thank you youtube.
Got my 8 year old account stolen like this, after 15 support conversations and HOURS talking with them, they all gave me different answers and negelected me. Then eventually they finally emailed me and said hey we know your account was hacked and we will lock it forever instead of actually giving you acesss to it and we wont do anything about it.
I'm surprised the soulless bots don't use ChatGPT by this point
great video as always, i hate how many ways there are to get scammed out of your mc account i wish companies were more careful about user security
Hey, Cybersecurity enthusiast here. I'd like to point out this form of trick is called account theft or account stealing. There is no form of "hacking" involved 0:19. Also, I would not consider this a "Virus", rather a generic RAT (Remote Access Trojan) which allows the perpetrator to remotely acess your computer from theirs, or a command and control center 0:50.
15:16 is a really good resource!
I'm not going to nitpick every little part of this video, good job.
its crazy how easy it is to fall for this without know about it previously. Just got back into minecraft and almost gave my account away in like 1 minute, knew it was suspicious when the guy trying to get me to do it, keep edging me to join and verify....
I got scammed with an exact same method with hypixel skyblock dungeon party around three years ago. I got robbed and permanently banned from hypixel because of that. Took me two long years to aquire a pardon but I will forever warn others about this scam.
like the biggest problem is the email, they should add a section titled: "IF YOU DIDNT REQUEST A SINGLE SIGN IN DO NOT GIVE THIS CODE TO ANYONE, THIS CODE IS ONLY TO SIGN UP FOR YOUR ACCOUNT."
becuase when i got scammed he started pressuring me saying we are waiting in vc and so on, so i was like ahh its probably safe and i didnt read the message that says its a single sign in code.
Me and my friend fell for this scam a few months back, we were in Bedwars and we got added to a server by this guy who wanted up to play 4s, he invited us to a discord server and we had to verify using our accounts, we typed in our email and username and they had a bot pretend to be Microsoft and email us a code that we were to put in the discord bot, (I found out how it worked while talking to the hackers it basically resets your password and email and changes it without alerting you) anyway after being unable to get our account back with the way the hackers offered one of them dm'd me later saying they felt bad and returned my account but kept my friends bc it was a lot more valuable. He just ended up looking for the receipt that he got when he bought mc and used that to prove it was his account and deactivate it so he can regain it
Good luck to your friend
You see, there is actually a good reason why you can only report a server if you're on it.
Because otherwise all those thousands of bots the scammer uses to populate the fake server could just keep reporting *your* server to ensure a constant influx of victims. At least now they need to actually get accepted on your server as members to do that.
That said, I won't argue that Discord support is... subpar, and their usability follows the trend.
i sent a guy my 1 time access code and got hacked yesterday, rip my microsoft account.
also getting the account back is so annoying because of microsofts horrible account restoration process
I fell for one of these scams a few months ago and they changed my account email and password, but luckily I got it back within 3 days after contacting Microsoft support and giving things like the accounts most recent emails and addresses.
after the first few hours of it being stolen Microsoft locked my account and no items or coins were stolen
Someone once tried to get me to verify my account on a fake Cchloe server when I was selling a term. Luckily I knew better but it’s scary to think about what would happen if I didn’t.
So you're telling me that when I try to sign into my account to fast or on another computer it gets locked and I gotta verify through my email or phone number. Someone else does and 👌
I think I will never feel more stupid than when I fell for the verify bot scam. Was about to stop playing back when that happened, luckily, and I also managed to get Hypixel to ban me from their server and Microsoft to block the account.
I just realised how close I've come to getting my account stolen... 😶
You know its a good year when hellcastle uploads
When it happened to me I proved ownership but they said that the scammer changed the security information, so they couldn’t do anything but lock the account…
I was phised a few years ago when i was new to minecraft. It was probably a good thing because now im not as gullible. The funny thing is that my old account that got hacked tried to phish my new account lmao. It was kind of annoying when the hacker tried phishing my whole friends list and guild.
Thank you Tyler I honestly didn't know Iceland did that
calamity music makes every youtube video 100x better (6:20 sanctuary by dm dokuro)
As someone who actually fell for this scam for the literal EXACT SAME REASON that tyler stated in this video(I hate monkey finder) discord really need to up their security and moderation. R.I.P to 1.3k hours😢
6:45 he says while putting up a chart that shows Minecraft's primary demographic actually has a fairly high computer and digital literacy rate.
Yeah, but the graph is probably inaccurate. The younger generations are assumed by the people teaching them to be tech literate because they grew up with technology. However, I don't think watching and interacting with social media all day counts as being tech literate.
Unless they have read about it on their own, or are experienced first hand on scammers, they wouldn't even think about this sort of thing especially if schools do not teach them about it.