Why gamers are attractive targets for cybercriminals

Next story

The growing number of gaming enthusiasts, wide variety of methods to monetize attacks, and large sums of money that circulate in this industry are only some of the reasons that gamers are attractive targets for online hackers

Nowadays, people of all ages play video games. Of the approximately 7.5 billion people who live in the world, around 2.5 billion are gamers, a figure representing one-third of the world’s population. Data from Statista predicts that in 2021 that number will rise to over 2.7 billion. This is in part due to the technological evolution of video games along with new avenues opened by online gaming – a brave new world that has been drawing in droves of fans. The internet has brought an interactive and social component to the world of video games that did not exist before its arrival.

To understand fully why gamers are attractive targets for cybercriminals requires a deeper analysis than we can get into here, yet there are certain aspects of the gaming world that serve as telltale signs that can explain the increased interest given to it by cybercriminals.

First is the money that’s driving the gaming industry. According to the annual Global Games Market Report from Newzoo, the video game industry is on a steady climb. In 2016, the industry brought in $101.1 billion and for 2019 that number is expected to have risen to $152.1 billion, representing an annual increase of 9.6% year on year. The pool of gamers is itself quite diverse, including those who play casually via social networks or browsers and more avid fans who pay monthly subscriptions to dedicate more time to gameplay. The gaming world is segmented across mobile device gamers, including smartphone and tablet users, which represent the largest segment of the industry, followed in second place by those who play on consoles, while in third place are those who game on their PC.

A second sign that cybercriminals are increasingly turning to gaming is the higher level of attention paid to issues surrounding gaming software. This is seen by the frequent discovery of vulnerabilities on video game platforms by investigators, as well as by the large number of exploits engineered by cybercriminals.

On WeLiveSecurity we have published a number of cases in which gamers have fallen victim to cybercriminals via a variety of malicious attacks used to rip them off financially. For example, in one case we reported on scams surrounding the launch of the game Apex Legends, where attempts were made to trick users into thinking they were downloading an Android app version of the game – which in reality doesn’t exist and only showed malicious ads instead. In other scenarios, attackers have waged campaigns to distribute fraudulent ads via man-in-the-middle attacks, as happened to players of Fortnite, or to plant ransomware-laced links into online gaming forums for players hunting for game hacks. There are also cases in which attackers have leveraged vulnerabilities in video gaming platforms and in the social components of these platforms to conduct phishing attacks aimed at robbing user accounts and their financial information – data that quite often ends up being commercialized on the black market.

Another type of attack comes from cryptomining malware. According to Statista, around 1.2 billion players are active on PCs. These are gamers who are most likely to be playing on computers with large processing capacity to run the latest games – perfect targets for enslavement to cryptomining operations.

Online users should be more wary of cyberthreats

It is important to keep in mind that, on top of the cases we have described above, there are other dangers that can beset users, such as cyberbullying or grooming. In the popular game Fortnite, for example, there have been cases of stalkers contacting children to trick them into sending intimate photos in exchange for benefits in the game – something we all know as extortion.

Therefore, in some countries, initiatives are underway to educate and raise awareness about the risks and threats that exist in the online world. This is the case especially now in October, which is dedicated as European Cyber Security Month (ECSM), National Cybersecurity Awareness Month (NCSAM) and Cyber Security Awareness Month in the EU, United States and Canada, respectively.

We conducted a survey within our community of users in North America to discern how familiar they are with existing threats around connected home devices. The survey results show that there remains much to do in raising the level of awareness and education.

About 62% of people surveyed said that they do not use unique passwords for their connected home devices, a startling fact given that weak passwords are one of the most targeted forms of attack. Another revelation is that 62% don’t know what two-factor authentication (2FA) is, despite this being the easiest way to protect your online account in cases of compromised passwords. In addition, 64% were not concerned that cybercriminals could access other devices on their home network via a vulnerable device.

Advice to help you stay safe while playing online

With October’s cybersecurity awareness campaigns well underway, let’s review how you can enjoy gaming without being overcome by online threats.

  • Favor official sources whenever possible. You can’t trust what might be lurking under the download links of the thousands of unofficial websites and forums out there distributing games and cheats.
  • Keep your games updated. Games, like other software, can have vulnerabilities that can be exploited by malicious actors. Make sure you have all available patches applied.
  • Use a reliable security solution and keep it turned on while gaming. At any point during your gaming experience, things might take a wrong turn – and you want to be prepared for that. Use a security solution like ESET Internet Security, which also has a Gamer Mode option that lets you enjoy your games without interruptions while keeping your computer protected.
  • Keep in mind that there are other threats targeting gamers. Check out ESET’s further security tips for gamers.