World Gaming Day celebrates a market that continues to grow in both revenue and participants. Although games began as a single-player activity, most now involve multiple players in an online community, in which they are able to talk and interact with each other via headsets or instant messages during games.
Online gaming has particularly flourished during the lockdowns imposed by COVID, as online gaming has been a sought-after outlet for entertainment and social interaction, with hundreds of thousands of new accounts being created and new communities being born. This was obviously a boon for would-be hackers, with an estimated number of 1 billion online gamers worldwide in 2020, with China, South Korea and Japan having the biggest online gaming appeal to the population according to Statistic. According to estimates, by 2025 the online gaming audience is expected to exceed 1,3 billion.
Η Check Point Software Technologies Ltd. provider of global cybersecurity solutions, warns that now that gaming is one of the largest entertainment industries in the world, it is also one of the most important targets for cybercriminals. Companies in the gaming industry that have fallen victim to cyberattacks include CD Project Red, Electronic Arts in the upcoming years, while Ubisoft. This is because players often hand over as much personal information to companies in this industry as they would to their employer, bank or when shopping online.
There are different reasons why a cybercriminal targets gamers:
- To sell your virtual assets for money – Cybercriminals often hack players' accounts and steal their virtual goods to then sell them to other users for real money. By many opinions, video game economies were essentially the forerunners of cryptocurrencies. We should always keep in mind that virtual money earned in a game cannot be used in the real world, but it has value for players and can be exchanged.
- To steal games from your archive – Many games are published, sold and certified online through platforms such as Steam, Origin and GOG Galaxy. THE CPR reported on a major vulnerability in Valve's popular game networking library, which if exploited could take over hundreds of thousands of computers without users having to click on phishing emails, as victims would be affected simply by logging into the game . People usually manage all their purchases from a single account, and longtime users have been known to have libraries of hundreds of games. Cybercriminals sometimes hack accounts to steal some of these games for their own use.
- To obtain as much information about you as possible for the purpose of identity theft and then a bank fraud – With online transactions and monthly subscriptions, there is a lot of financial information at play, which is attractive to cybercriminals. Sometimes they can even track information as sensitive as your location, or in the case of a mobile game, eavesdrop on phone calls.
So how can you stay protected? Here are three key tips from Check Point Software:
- Use two-factor authentication (2FA): Many games make it easy for attackers to do their job. For example, Battlefield 5 has a competitive mode for up to 64 players, which means that a single game gives a cybercriminal up to 63 usernames with which to try common or default passwords. It's important to have two-factor authentication turned on—when a separate code is required when signing in from a new device—to keep accounts secure.
- Beware of Phishing: Phishing campaigns often target users of popular games. A common tactic used by cybercriminals is to create a fake login page or impersonate a friend and try to send malicious links through chat platforms. Shared interest in video games lends credibility and builds trust. Be sure to watch out for anything that doesn't feel right and never click on any links.
Beware of "too good to be true" promises: In this world, malware distributors often coincide with phishing methods. If Steam Chat can be used to spread links to fake authentication pages, it can certainly be used to send links to unintended or “drive-by” malware downloads. In the case of competitive games, many players can be persuaded to voluntarily download malicious applications that promise "cheats", hacks or other ways to gain an advantage over other users. You should be aware of any such offers and download apps only from official app stores. Add to that the risk of malware being able to spread to devices connected to a corporate network, and the risk is much greater.