Princess Hypio, an artist in the crypto world, shared a tough story last month. She lost $170,000 worth of cryptocurrencies and NFTs after a stranger on Discord convinced her to join a game on Steam. While she played without thinking much, the scammer was quietly hacking her accounts and emptying her digital wallet. She posted about it on X on August 21, saying the same trick hit three of her friends, too.
This isn't new. People call it the "try my game" scam, and it's been popping up for years in different ways. Scammers sneak into Discord servers, watch how folks chat, and use that to build fake friendships.
The hacker joins a group and hangs around quietly. They learn the lingo and spot who has crypto or NFTs. After noticing Hypio’s Milady NFT, the attacker focused on her. They kept the chat light and friendly about games before sending a server link, hiding malicious software. This lets them slip into the victim's device and grab passwords or wallet info.
For Hypio, the scammer even offered to buy the game on Steam to make it seem legit. The game was fine, but the server wasn't. Before she knew it, her funds were gone.
Discord just put out new rules against these tricks, saying scams that push fake deals break their terms.
Nick Percoco, head of security at Kraken, explained to reporters that “These scams do not exploit code; they exploit trust. Attackers impersonate friends and pressure people into taking actions they normally would not take.” They blend into communities, mimic the speech patterns of trusted friends, and then pounce.
Gabi Urrutia from Halborn, a cybersecurity company, described these scams as“ It’s not as important as traditional phishing in volume, but it’s more and more frequent in Web3 and gaming communities, where there is a mix between pair-to-pair trust and high-value assets.”
The scam started in crypto but is spreading. In February, one gamer shared on an online forum that they were scammed after trusting a link sent by someone posing as a friend. Reddit threads warn about it targeting players, too. Percoco noted that while crypto sees it first, it moves to other areas.
But he pointed out an even bigger problem: fake job offers. In June, hackers linked to North Korea targeted crypto workers with phony recruitment, slipping in software to steal wallet passwords.
Urrutia added that most scams now trick users into giving away access themselves, like approving shady transactions without checking.
To dodge this, Percoco suggests being skeptical. Check who you're talking to by switching to another app or call. Don't run unknown programs, and sometimes doing nothing is the smartest move.
Urrutia recommends pausing before clicking or signing anything. Use separate devices for fun and finances, and keep access limited. Communities can help by blocking stranger messages, checking new members, and talking more about safety.
In the end, it's about building better habits online. These scams thrive on rushed trust, so slowing down can make all the difference.