A user by the name of Victoria sends me her menu through a Discord direct message.
“Selling PayPal, credit cards and Amazon gift cards,” it reads. “Price list below. Please don’t contact me if you are not serious, can provide evidence and vouches. Refunds always.”
She offers every piece of contraband at a huge discount on its face value. A gift card supposedly worth $200 costs $25; a $1,000 gift card costs $80. Stolen credit cards come with “full info on how to use them, including security numbers and CVV,” and they “can be used in EU, U.S., or the UK.”
For most purchases, Victoria says she uses a half-and-half payment system. After a customer selects what they want to buy, they deliver 50% of the fee to Victoria’s Bitcoin wallet. Once the item has been delivered, the customer wires over the remaining money.
Discord was founded in 2015 as a platform for gamers to communicate through voice chat and text chat. Similar to Slack, anyone can start a server, and issue an invitation for anyone else to join. Over the years, Discord has grown into a more generalized social media platform — with servers dedicated to everything from basketball to political debate, and a user base of over 250 million around the globe. Discord has no mandatory identification verification, and the promise of anonymity occasionally attracts dangerous activity. Earlier this year, OneZero reported on the platform’s unregulated teen dating channels. Now, there’s evidence that Discord is being used by some users to facilitate a wide variety of possible financial crimes.
In a conversation over a Discord call, Victoria, who claims to be 20 years old, says she works as a “middleman” for another hacker that’s active on the dark web. Her job, essentially, is to bring the hacker’s wares to the Discord marketplace. So, Victoria posts her advertisements on the many “market servers” on Discord with names like Plug Central, House of Cards, and E-Walmart, all of them are filled with people just like Victoria, canvassing the chatrooms with fugitive goods.
A gift card supposedly worth $200 costs $25; a $1,000 gift card costs $80.
OneZero found and accessed six market servers while reporting this story, and we spoke to seven different vendors operating on the Discord black market through voice calls and text chats. The primary sources for this story requested anonymity. Because they are allegedly peddling criminal services, their claims ought to be taken with some skepticism. Though OneZero was unable to verify every transaction described, the publication did speak with individuals who provided proof of their illicit purchases.
Brian Krebs, a cybersecurity expert, says that this type of petty internet crime is “all too easy.” “There probably have never been more resources available to those who wish to engage in this type of fraud than ever before,” he says. “And there are more people coming online each day who have no clue about how much just a bit of security hygiene can keep them from becoming the lowest-hanging fruit.”
Market servers are accessible via a one-click invite, and can be found on server directories like Disboard under tags like “carding,” “dark web,” and “black market.” Victoria says that Discord makes for an ideal venue for illicit activity because it’s “accessible and easy to reach,” and the fact that the service keeps its users anonymous. “As long as you have an email, you can sign up for [an account].”
Every vendor OneZero spoke with had their own Discord trade. One vendor specializes in “PayPal transfers.” The vendor describes an elaborate money-laundering technique as part of his process. After cracking into a PayPal account, he makes a transfer of funds to a new, dummy account that he himself owns. After that, he transfers the money into his older, more established PayPal account, which, he says, makes it look like a “legitimate transaction,” and not a robbery. After that, he moves the money to his customer. “You have to be fast and transfer it at least twice,” he explains.
Once the original owner of the cracked PayPal recovers their account and reports a stolen balance, the vendor says PayPal takes the refund out of the dummy account rather than the eventual place where the transfer ended up. That, says the vendor, gives the dummy account a “negative” balance. “The owner of the account usually gets their money back,” he says. “So it’s all good.”
In response to a request for comment, a spokesperson for PayPal said, “The security of our customer’s account information and money is always a top priority for PayPal. The company takes all steps, including working with law enforcement agencies and industry partners, to ensure the security of customer accounts.”
“[My customers] are interested in buying [these services] but they don’t know how to access the darknet,” he adds, when asked why he does business on Discord. The vendor also sells stolen gift cards and makes “around $2,000 a week.” (Right now, he says his biggest seller are gift cards, because “people want them for Christmas.”)
Another Discord seller refers to himself as a “refunder.” For a fee and some basic personal information, he says he will call up a company like Apple and convince them that a recently purchased iPhone failed to arrive, or was missing from the box, and advocate for the retail fee to be returned back to the customer’s account. “Most stores have an 85% to 99% chance of [the refund] going through,” he says.
“The owner of the account usually gets their money back,” he says. “So it’s all good.”
One Discord server reviewed by OneZero is entirely dedicated to the refunding hustle, where customers allegedly pay vendors to fraudulently return goods at a wide variety of stores. “Thank you for the Bloomingdale’s order!” reads a post by one supposed customer, who added a screenshot of a $1,639 refund they claim they received from the retail giant.
Every vendor OneZero spoke to for this story warned that purchasing illegal goods on Discord is a dangerous game. According to these users, scams are apparently common — vendors will sometimes steal a customer’s money without delivering the promised contraband. “Goodbye to your $25,” says Victoria. “Scamming is everywhere, there are entire servers dedicated to just catching scammers.”
The administrators of these market servers say they attempt to implement vetting processes for the people selling contraband on them. One server has two distinct channels; one for “verified sellers” and one for “unverified sellers.” To earn access to the verified channel, a vendor must be thoroughly vetted by server staff. Hackers will also provide “vouches” — screenshots of their contraband, previous sales, or positive reviews from previous customers — to let potential patrons know that they’re legitimate. “I make sure my sellers are legit by asking for vouches,” says one server administrator, who posts as Swipe God. “In my server, I have a scammers channel where people can expose the scammers.”
Discord says the platform has a zero-tolerance policy when it comes to illegal activity on their servers. A company spokesperson said in a statement that the company “works quickly to take action when it becomes aware of it, including content removal and account deletion. We use a combination of proactive and reactive tools to keep activity that violates our policies off the platform.”
But it remains to be seen how effective those countermeasures are in practice. The hacker who allegedly cracks PayPal accounts says that while he’s been banned “quite a few times,” he’s able to boot up his storefront with a temporary email address and a new username in “five minutes.”