Fake Bridge Scams on Discord
Fraudulent cross-chain bridge links are distributed through Discord communities via compromised accounts, impersonated admins, and fake support bots, directing users to phishing sites that steal bridged assets.
Part of: Fake Crypto Bridge Scam
Last reviewed: 9 June 2026
Cross-chain bridge phishing on Discord is meaningfully different from the search-ad variant covered in the wave-10 sibling. Rather than intercepting users at the point of searching for a bridge, Discord-based fake bridge scams insert themselves into the moment of need within communities: when a user asks how to bridge assets in a DeFi server, a fraudulent response appears before the legitimate answer.
The community-based distribution is more dangerous in some ways because it exploits a context where users expect trustworthy technical guidance. A response from what appears to be a helpful community member or server bot carrying an authoritative role badge triggers far less skepticism than a promoted search result.
How this scam works on Discord
Discord-based fake bridge scams operate through several vectors. Compromised moderator or admin accounts in major DeFi servers post fake bridge announcements or quietly update pinned messages to replace legitimate bridge URLs with phishing ones. Impersonator accounts with names nearly identical to real admins respond to bridging questions in general channels.
Dedicated fake support bots are also deployed: when a user asks about bridging in a channel, a bot with a credible-looking name DMs them with a support link that leads to a phishing site. The site is visually identical to the real bridge and processes the source-chain deposit normally while diverting the destination-chain release to an attacker-controlled wallet. Because the user initiated the interaction by asking a genuine question in a community they trust, their guard is lower than when visiting an unknown site.
Common red flags
- Bridge support arrived as an unsolicited DM after you asked a question in a server channel
- The admin or support account DMing you has a username that closely mimics a known moderator but differs by one character
- The bridge URL provided in the DM or bot response does not exactly match the protocol's official site
- Pinned messages in a server were recently updated and the new link cannot be verified against the protocol's website
- A bot in the server claims to provide official support and directs all bridging queries to a private link
- After initiating a bridge transaction, the destination chain shows no incoming balance after a reasonable wait
- Support account is unable or unwilling to direct you to an official page that confirms the bridge address
How to protect yourself
- Only use bridge URLs from the protocol's official documentation site, accessed via a bookmarked URL not shared links
- Never click support links sent by DMs in Discord, even if the account appears to be a server moderator
- Report any DM you receive with a bridge link to the server's verified moderators before clicking
- Before submitting a bridge transaction, verify the contract address on the protocol's published list of verified contracts
- Complete a small test bridge before transferring significant amounts through any interface
- Check that moderator account usernames match the official admin list published in the server's verified channels
How to report it
- Report the impersonating or compromised account to Discord Trust and Safety at discord.com/safety
- Notify the legitimate protocol team immediately so they can alert their community
- Report the phishing domain to Google Safe Browsing
- File a report with the IC3 at ic3.gov if financial losses occurred
Frequently asked questions
How do scammers gain access to moderator accounts in Discord?
Moderator accounts are often compromised through phishing attacks targeting the moderators themselves, password reuse from breached services, or social engineering. A compromised moderator account can make fake announcements that appear official.
Why do fake bridge sites look identical to the real ones?
Modern phishing sites download a complete copy of the legitimate site's front-end code. The only difference is the back-end: the deposit address or contract interaction is redirected to the attacker's wallet.
What should I do if I submitted a transaction to a fake bridge?
If the source-chain transaction has not yet confirmed, check whether it can be cancelled with a higher-gas replacement transaction. If confirmed, preserve all evidence and report to law enforcement and the legitimate protocol team immediately.