Comment on page
Shielded Mass Mentions
/postcommand is an important security measure in disguise! A key to most discord hacker's tactics is to spread their malicious links and scams to as many people as possible, as quick as possible. In discord, the hacker relies on mass mentions like @everyone, @here, and @<roles> to ping large groups of people and draw them in, creating FOMO around their scam. Restricted access to mass mentions is an integral part to any server's setup. Usually, the
Mention @everyone, @here, and All Rolespermission is restricted to admins and trusted mods.
When a hacker compromises a trusted account with
Mention @everyone, @here, and All Rolespermissions, your server is at risk. In addition, admins and mods may have access to other bots that can mass mention users through message builders, webhook managers, or other features. This has led security-conscious servers to eliminate mass mention permissions from mods which requires a lot more work from admins.
Unlike other bots, mass mention commands are password protected through the Good Knight
/postcommand. This means that servers can give mods the power to use mass mentions without worrying about them falling victim to hackers. Another upside is that mods can mass mention users to warn them if a hacker is detected.
Mention @everyone, @here, and All Rolespermissions from all users and channels (any user with
Administratorpermissions can still mass mention)
- Remove access to bot commands that can mass mention. Individual commands can be turned off by going to
Integrations -> Manage Bot
- Give any user that needs mass mentions the permissions to use Good Knight with the
If Good Knight is ever down or kicked from your server, these users will not be able to mass mention. We believe this is still a better scenario than risking a hacker sharing their scam