Automod was introduced in 2022 and this feature allows you to delete messages before they are sent, meaning no more unread messages icon anymore after cleaning up spam or abusive content. There’s an option to automatically have the member be timed out as well, so you can check on it later. In combination with logging the flagged messages to a channel like #automod-logs to send alerts to, it helps you understand what content was shared and if it broke server rules.

In this guide you will find explanations for each Automod rule and what to configure for them. I recommend enabling everything except custom words, as that will be configured based on how your community grows, as well as what kind of spam appears in your server.

Basic Setup

Mention Spam

The Mention Spam rule allows you to configure the max amount of @Mentions that members can post in one message. The default settings are fine, although I still recommend sending an alert to a private logging channel. Be sure to allow official roles (@Admin, @Mod, @Community manager, etc) to mass-ping users when needed, like informing members affected by a bug that it has been fixed.

Suspected Spam Content

This addresses suspected spam messages that are internally flagged by Discord. Discord is not infallible though, so sending an alert to a private logging channel is helpful to be able to assess whether it was indeed a malicious message or account.

By default I allow the logging and automod-flags channel to be exempt, just in case. While this kind of spam content is unlikely to appear in these channels, it’s not impossible.

Commonly Flagged Words

This addressed a myriad of profanity, slurs, and NFSW content. Some servers like to allow a little profanity as shown below, so bear in mind if you allow these words you need to put them in there.

All staff-only channels and read-only channels should be exempted to allow more leeway for those with elevated roles, discussing things outside any public area.

Words to consider allowing:

shit, fuck, hardcore

Frequently posted scams

@everyone, @here, and Server Invites

This is for those who still try to ping @everyone, @here or share server invites. The pings are often used by bot / spam accounts (or people unaware of Discord etiquette), and blocking server invites is helpful to prevent other types of spam that involve other servers. This block list will look the most exotic, as spam accounts try many different ways of formatting the text in order to circumvent traditional filters.

In this specific case, the Allow list has the server’s unique invite URL to prevent users from getting their message removed when sharing links to in-server Events or Voice Channels. The three possible domains are discord.com/invite/, discord.gg/ and discordapp.com/invite/. 

Phrases to filter:

*@everyone*, *@here*, *discord.com/invite/*, *discord.gg*, *discordapp.com/invite/*, *////*, *#@discord.gg*, *%64*, *%65*, *%67*, *discord:///$%E2%82%AC*, *discord:///$%E2%82%AC@discord.gg*, *discord:/#@discord.gg*

Four images showing famous figure giving away free crypto

This scam consists of hijacked accounts sharing 4 images that show a fake screenshot of accounts like Elon Musk and MrBeast, stating that they are giving away free crypto. Users will have to manually input the malicious URL and create a (fake) account to get their account stolen, upon which their account will start sharing the same set of images with all their friends and servers.

This scam circumvents traditional message blocking as there are no links shared, just attachments. Sometimes they are embedded links instead of attachments, so it can be helpful to keep an eye out what URL’s to block.

Example
Follow this link for an archived Reddit post about the scam with images: https://archive.is/1qGNC

Things to look out for
Another method is it being posted while tagging @everyone or @here, which is covered with the previous rule. They also seem to hide the actual content by abusing the spoiler tag bug on Discord (in short: repeated spoiler tags will eventually break the message and not show any content, like it’s an empty message), but that doesn’t seem very helpful if they are trying to scam people by showing them pictures.

How to counter it
Provided they only share four attachments once and do nothing else, it is not possible to use Automod to block these kinds of messages. The best alternative I’ve found is to set up a bot like Dyno and instantly remove the message when four attachments are shared at once. 

Sometimes they keep posting in every channel which is helpful to us, as then you can increase the limit to 10+ attachments within X seconds to decrease the rate of false positives.

Earn money with trading (Ponzi scheme)

This scam is basically a ponzi scheme where you will be told how to make profit on the condition of sharing 10-15% of your profits with the scammer.

Example

Hello everyone I'll help the first 10 people interested on how to start earning $100k or more within a week, but you will reimburse me 15% of your profits when you receive it

Note: only interested people should send a friend request or send me a dm! ask me (HOW) via Telegram

@rossi_gram

Or Click /use the telegram link on my bio

How to counter it
Set up a Custom Rule and skip the first input field as we’re going to use the Regex filters to customize the ruling. Expand the Regex field and add the following lines:

• Any Mention of Crypto + Telegram: (.*crypto.*)(telegram)
• Keywords + Telegram link: (.*earn.*|.*profit.*|.*crypto.*)(https://t\.me/\w+)
• Keywords + Phone Number: (.*earn.*|.*profit.*|.*crypto.*)(\b(\d\s*){8,16}\b)

Make sure to block the message and send a flagged message to your logging channel for future reference.

Giving away free hardware

Unsure what the end goal is of this scam, but I've seen this for a few years now so worth a mention. I imagine you either have to pay a deposit or shipping or something and then they ghost you.

Example

Hello @everyone, I’m giving away my Sony ZV-E10 camera along with the 18–105mm f4 lens for free as a Christmas gift, both in their original boxes and in nearly brand-new condition. I purchased them during Christmas 2023 but only used them for a few test shoots before keeping them stored. Since I recently got a drone, I decided to pass these on to someone who truly needs a camera but may not be able to afford one.

This is strictly on a first-come, first-served basis.
IF YOU ARE INTERESTED DM.

Things to look out for
The hardware and year mentioned changes, but the essence is always the same: slightly used, free to claim, only via DM.

How to counter it
Use the rule for @mentions and server invite.