As the World marks Video Game Day, cybersecurity experts remind gamers of the dangers they face and explain how to stay protected
IT News Nigeria:
Why cybercriminal targets gamers
- To sell your virtual assets for real-world money – Cybercriminals will often breach gamers’ accounts and steal their virtual goods in order to then sell them to other users for real-world money. In many ways, video game economies have essentially been the forerunners of cryptocurrencies. It should always be kept in mind that the virtual money earned in a game cannot be used in the real world, but it has a value to gamers and be traded.
- To steal games from your inventory – Many games are published, sold and authenticated online via platforms such as Steam, Origin and GOG Galaxy. CPR reported on a major vulnerabilities in popular Valve games networking library, which if exploited could take over hundreds of thousands of computers without needing users to click on phishing emails, as victims will be affected by simply logging onto the game. People will typically manage all of their purchases from a single account, and long-term users are known to have libraries with hundreds of games. Cybercriminals will sometimes hack into accounts to steal some of these games for their own use.
- To gain as much information about you as possible for identify theft and bank fraud – With online transactions and monthly subscriptions, there is a lot of financial information at play, which is attractive to cybercriminals. Sometimes they can even track information as sensitive as your location or listen into phone calls in the case of a mobile game.
How to protected yourself against game targeting cybercriminals
- Use two-factor authentication (2FA): Many games make it easy for attackers to do their job; often, simply looking at another participant will reveal their username. For example, Battlefield 5 has a competitive mode for up to 64 players, meaning that a single game provides a cybercriminal with up to 63 usernames with which to test common or default passwords. It’s important to have two-factor authentication enabled – when a separate code is required if logging in from a new device – to keep accounts secure.
- Beware of phishing: Phishing campaigns frequently target users of popular games. A common tactic used by cybercriminals is to create a fake login page, or to impersonate a friend and attempt to send malicious links via chat platforms. The shared interest in video games lends credibility and builds trust. Make sure to look out for anything that doesn’t look right and never click on any links.
- Beware of ‘too good to be true’ promises: In this world, malware propagation vectors often coincide with phishing methods. If Steam chat can be used to spread links to fake authentication pages, it can certainly be used to send links to unintentional or ‘drive-by’ malware downloads. In the case of competitive gaming, many players can be convinced to willingly download malicious applications that promise ‘cheats’, hacks or other ways to gain advantage over other users. You need to be aware of any such offers and only download applications from official app stores. Add to this the risk of malware managing to spread to devices connected to a corporate network, and the danger is much higher.