Online gaming is a billion-dollar industry that attracts millions of internet users of all ages who delve into the digital realm for social and entertainment purposes each day.
Although video game sales skyrocketed during the pandemic, digital game distribution services and game development companies already discovered a matured gaming community that likes to spend big.
On what you might ask? In-game economies such as character cosmetics, skins, equipment, and more, the rarest of which can sell in the real world for thousands of dollars.
The frenzy surrounding in-game items has attracted the attention of specialized scammers, who recognize the monetary value of gaming accounts and use social engineering tactics to rip off victims.
But scam artists are not just after the items in a gamers’ treasury. User accounts on popular video game distribution services such as Steam and Battle.net hold diverse pieces of personally identifiable information (PII) that can be exploited, including:
- Phone numbers, physical addresses and emails
- Financial information in the form of in-game transaction logs and monthly subscriptions
It doesn’t matter if the virtual price of your account is high or low. You may still be targeted by scammers who can use your profile to defraud your friends.
Malicious actors deploy a variety of tricks to fool unsuspecting gamers, including:
- Phishing emails and private messages – fraudulent emails may be used to steal login credentials from users. Their accounts can be stripped of valuables or sold to the highest bidder
- Fake game apps promising exclusive freebies and content – In reality, these apps are used to harvest users’ personal and financial information or install malicious software on victims’ devices
- Item trading propositions – Cosmetic items and upgrades for gamers are not taken lightly, and many fraudsters take advantage of the popularity of trending skins or items. Users’ may receive a message from individuals who wish to trade or purchase your items via PayPal. They will pressure you into accepting the offer, and after paying for the items, the scammers will immediately dispute the transaction.
Protecting online gaming accounts, items and information
In addition to setting up a strong and unique password when creating an online gaming profile, users can follow these easy steps to maintain the security of their account and information:
- Activate two-factor (2FA) or multi-factor authentication (MFA) where possible and regularly change the password for your account
- Install a local security solution to block and detect malicious software and alert you to any phishing attempts
- Use the privacy settings on your online account to control how your profile appears to other members of the gaming community. Some platforms allow you to choose between public, friends-only or private options
- Log out of your account when using shared or public machines
- Don’t click on unsolicited emails that portray a sense of urgency or ask you to provide particular information to confirm your identity. Be especially suspicious of any request to verify your password
- Download apps and extensions from the official website
- Don’t provide your personal or financial information to someone you’ve just met in an in-game chatroom
- Make your in-game purchases from official sources
- Report any suspicious activity to the gaming platform
- Never follow instructions provided by someone who says he reported you by mistake and asks you to contact an authorized representative via communications channels such as Discord to solve the issue