Hackers are drawn to the gaming world
It’s hardly surprising then that hackers are drawn to the gaming world like nails to a magnet. They largely zoom in on account theft, either as gamers themselves to plunder the credits others have built up, or for personal information which can be sold on to spammers or used by hackers for nefarious gain such as identity theft.
In fact many of the tricks and techniques used in the general online world such as phishing, malware and social engineering also apply in the gaming world. And if you’re a victim the effects can be equally devastating especially if, as many gamers do, hours and hours are spent in games mastering levels, building up credits, applying will and determination to develop a profile and downloading add-ons, only to discover everything has been stripped away. Or even potentially much worse, identity details have been lifted.
One of the biggest games publishers is the US Blizzard Entertainment the publisher of many renowned games including World of Warcraft, Diablo and Heroes of the Storm. The company is acutely aware of the damage that can be done from hacking online games and unlike some games developers is keen to promote awareness. So with a respectful nod to Blizzard, below are a series of tips to help identify and safeguard against potential hacks in the gaming world.
How to be safe against hackers when gaming
- Sharing account information
The simplest form of account theft occurs when a user shares login information with another player. This person may be someone you know and trust in real-life, or someone using ‘social engineering’ to get your information. If you suspect that your account has been stolen, change your password to avoid any further damage.
Phishing is the most common method used by account thieves. Emails and websites pretend to be official communications to trick you into willingly handing out your login information.
- Phishing emails will ask you for password or login information
- They often make urgent appeals about your account being under investigation for hacking/cheating and ask that you provide personal information to avoid these penalties
- Phishing emails and websites may also make offers that seem too good to be true, such as early entry into beta tests, special promotions and so on
- They frequently contain grammatical and spelling mistakes. If you see obvious typos and grammatical errors, more than likely it is a phishing email
- Some phishing emails link to fake websites that look like account management websites. Check to make sure your security software flags up suspicious sites
- Some phishing emails will mask, or ‘spoof’ their sending address, making it appear as though the emails are being sent from a legitimate source. Check the email’s header information to see where it is coming from. This link helps you check the source – it’s simple to use and covers all the major email providers
Phishing attempts can also happen during games. They usually come from people pretending to be a legitimate representative from the game creator. They might try and tell you about problems with your account, ask you for account information or even direct you to a third-party website to elicit your account information from you. You can generally identify these attempts by considering the requests. Gaming sites don’t ask for your personal details or generally don’t try and steer you towards another site.
This is perhaps one of the most pernicious of hacking attempts. Hackers inject computer viruses and other malware, including keystroke loggers, into legitimate game add-ons. This can lead to financial consequences such as credit card theft or real-life identity theft. The solution is to be careful when installing game add-ons. If an add-on asks that you to download an executable file cancel the download immediately. If you believe you have become a victim of a malicious add-on, have your anti-virus software run a full system scan, then change your password.
Malicious websites attempt to install harmful software on your computer much the same as malicious add-ons. These sites may be obvious, or they may be designed to look exactly like a legitimate gaming website. One way to tell whether a website is bonafide look at the site’s URL. If it’s not a legitimate gaming website URL but it claims to be official give it a wide berth. If you keep your antivirus software up to date, it will flag up these websites.
- Email addresses and passwords
If you use your gaming website account’s email address or password to create an account for another game or website, you’re putting the security of your account at risk. If someone gains access to your login information on the other game or website, they’ve got your original login information as well. In addition, someone deliberately targeting accounts could create a site for that purpose, such as a fan site or forum for a game. If you register on that website with your username and password, you’ve given that person the keys to your account.
The wisest thing to do is use an alternative when registering for other gaming sites. If that email account is compromised, at least your original account is safe. If you don’t want lots of different email addresses at least use a different password for each account that shares the same email address.
Big names in the gaming industry have had their servers hacked
While video games are billion dollar business it’s worth reiterating that hackers also see juicy gains. Recently, Electronic Arts, another big game publisher with a long pedigree in the industry, had a server hacked. The attackers created a phishing site designed to look like an Apple login page, and used stolen email addresses to embark on a large scale phishing expedition.
Even more recently, social networking gaming site Raptr had user data compromised. “User names, email addresses, password hashes, and some first and last names may have been accessed,” said the company. Passwords were encrypted but people with weak passwords were vulnerable.
Because video gaming is so popular these sorts of attacks will continue. It pays to be mindful of this and practice good security by being aware of the methods hackers use and the need, at the very least, for strong passwords.