With EGX, the biggest gaming event in the UK opening its doors today, we thought it’d be timely to remind you of some of the threats currently facing gamers. No matter what type of game, client, or system you use, there’s always something waiting to try and give you a bad day where the safety of your account is concerned.
GTAV cash generators
Some games, like GTAV, involve an amount of “grinding” (performing potentially repetitive tasks) to get what you want. In this case, incredibly expensive items/additional content which are free to download, but cost in-game money to make use of. In GTAV, you can buy in-game currency with real money to speed up the process, grind, or turn to the internet in search of free money tools. While modders in game sessions can – and do – spawn money from the sky, or only add cash to your account, the huge pile of YouTube videos and web comments claiming to offer free services online are all fake. The so-called money generators are merely survey scams, which lead to requests for personal information or downloadable files (which may or may not be malicious).
These are very popular, especially with accounts being able to buy and sell (expensive) digital items for various titles, adding extra desirability to scammers wanting to make a quick buck. Phishing is a mainstay of Steam scams; other attacks, such as swiping a Steam SSFN file to bypass Steam Guard are much more sophisticated. Be wary of fake item trades, especially if they don’t lead to an official Steam URL – you may well be looking at a static phishing page, or one which scrapes some elements from the real thing to appear legitimate.
The act of sending armed law enforcement round to a game streamer’s house, which could potentially be fatal. Streamers usually get caught by this by being too open with their personal information – quite often, you’ll find out all you need to know about your target simply by listening to them stream. Before you know it, they’ll have casually mentioned locations, even nearby streets where their friends live, and much more besides. Calls to said friends pretending to be someone else, for example, will fill in the missing pieces of the puzzle.
Ironically, the main way to avoid swatting (for the most part) is to tell people who make a living out of talking, to stop talking about themselves (just a little bit). This is no guarantee of safety; many other ways exist to obtain a home address via publicly available information. All in all, Streaming is a bit of a dangerous past-time.
Game company hacks
There’s not a huge amount you can do when the gatekeepers of your data get popped, but that doesn’t mean you should be complacent. Many game companies and hardware makers now offer additional forms of security such as key fobs and two-factor authentication, which you should make use of whenever possible. You may also wish to use a password manager to ensure you’re not just reusing the same passwords everywhere, which could lead to additional compromises. Modern gaming can require multiple passwords across different gaming platforms just to play one game, so it’s fairly common to see video game password burnout – don’t fall for it!
It’s becoming increasingly difficult to obtain old game consoles, much less play the original titles. Even on consoles where backwards compatibility exists, titles differ from how they were originally, or licensed music has been replaced, or the control scheme is different, or maybe it works on this console but not that mobile properly, and anyway its funded by ads, and so on.
Entering stage left: fake emulators. It is still challenging to emulate most of the last generation (or two) of consoles, and you should be extremely wary where such claims are concerned.
These are some of the most common problems we see on a daily basis in gaming land; feel free to offer up some of the scams you’ve seen doing the rounds in the comments below. Safe gaming!
The Malwarebytes Labs Team
*** This is a Security Bloggers Network syndicated blog from Malwarebytes Labs authored by Malwarebytes Labs. Read the original post at: https://blog.malwarebytes.com/cybercrime/2017/09/dont-let-these-gaming-threats-give-you-a-game-over/