Online gaming: a passion that can cost you dearly

Security Awareness
7 December 2022
gaming malware

Young, old, men, women, professionals and housewives. Online gaming is the new fad that embraces all ages and all categories. In Italy in the last 12 months, there have been over 16 million people who have played games online, or about 37% of the population between 6 and 64 years. Of these, 54% are men, and the remaining 46% are women.

According to the Iidea Annual Report (Italian Interactive Digital Entertainment Association) 2021 recorded an unprecedented growth in the market: a turnover of 2 billion and 243 million euros, up +2.9% compared to 2020.  
According to Statista, in 2020, players from all over the world numbered about 1 billion, with China, South Korea and Japan at the top of the ranking. By 2025, the online gaming audience is expected to exceed 1.3 billion.
eSports tournaments have now entered the sector fully, some of which guarantee millionaire jackpots, comparable to the most popular and highest-paying sports competitions. The spread of electronic sports and competitive video games is so wide that it seems that they will also be introduced in the Paris 2024 Olympic Games, although with the exclusion of games that refer to violence. In short, 
we are talking about one of the largest entertainment industries in the world.

It is therefore no coincidence that the sector is being targeted by cybercriminals.
Objective: to steal data and sell virtual assets in exchange for money, also because gamers, in order to chase their adrenaline-pumping fun, often give companies in this sector a lot of personal information. 
In addition, we are talking about a context without barriers and that is difficult to control, where there is a large number of people who exchange information and who do not know each other.
Most video games, in fact, involve several players who become part of an online community in which they interact through calls or instant messages during games. All connected at the same time from the most diverse places in the world, eager to make friends and write in chats, but not always aware of the danger.

It goes without saying that it can become fertile ground for all types of offenders and lends itself easily to a series of illegal activities that are very difficult to monitor and counter.
Behind that name or that photo of an apparent fellow player, there may, in fact, be an expert cyber criminal who is studying us and extorting useful information in order to pull us into some scam. 
Accessing the personal data of users is among the main objectives of hackers, in order to use them for identity theft and bank fraud. It is always good to remember that, especially in this world, nothing is given to us for free. So if we don’t take out our wallet to play, it means we’re paying with our personal data.  
We all know that today our personal data and information concerning our lives have great commercial value and can be used as an exchange commodity, often without our consent.  
There are many traps that gamers can fall into. Here we try to consider some of them and suggest some solutions.

Weak passwords

The classic passwords that use name and date of birth, or a trivial sequence of progressive numbers. While it’s true that they’re easy to remember, it’s also true that they’re easy for a hacker to guess. So, it’s always better not to use them and rely on a password generator. Moreover, two-factor authentication is always recommended.

Malware downloads

When hackers conceal malware behind a game-related download, to induce the gamer to install it. Once the malware has entered a personal device, it can steal sensitive data or take control of the account. The advice is therefore to download games only from official sources.  

Phishing emails

Another effective way hackers induce people to install malware. It is always good to check emails that invite you to download content of any kind and make sure that they actually come from the publisher of the games.

Ransomware attacks

Those who take control of a user’s computer and perform data encryption, then ask for a ransom to restore normal operation. The numbers, however, say that it is statistically proven that once the cyberattack has been launched and that it has been successful, it is utopian to believe that, despite paying, the criminal can decide to return it to the legitimate owner. 
But the objectives of ransomware are also money laundering, through the creation of accounts and the resale of these in the dark web; frauds such as those of fake gift cards, which give away virtual currency for the game in question, in exchange for filling out forms, which will turn out to be fake pages created ad hoc to extort information (access credentials).
Again, it is important to reinforce the entry barrier, using strong passwords and changing them frequently. 

Brute force attacks

Brute force attacks are the ones through which hackers try to force accounts using credentials stolen from other sources. This is likely to be successful, because people often use the same passwords for multiple accounts. The advice, therefore, is never to reuse the same password for access to different sites.

Data breaches

Data breaches happen when hackers directly target the publisher of the games. Once they enter the publisher’s systems, they will steal everything they find, including personal information stored in users’ accounts. To minimise this, it is best to change your password regularly.

Distributed Denial of Service (DDoS) attacks

These are attacks that are typically used, rather than to steal personal data, to take a gaming service offline. Hackers try to cause a crash by overloading the gaming servers. This is no small damage, because the cost of downtime and recovery can reach hundreds of thousands of dollars for the company.

Risk awareness can make a difference

In short, the world of video games is a great virtual arena where strangers challenge each other by putting real money on the table. If at first glance it may seem just fun and maybe even harmless, it is not at all so. It is a world that we must enter prepared and aware of the risks that we are taking. Especially if you play daily, which often leads to lowering the threshold of attention.

We’ve listed a few things you can do to protect yourself from major violations. But the most important recommendation is always to be aware of every action that is taken online. The most powerful antivirus, in fact, is precisely that of knowledge and training. Today we can no longer afford to use the internet, let alone the world of video games, without adequate preparation.  


Articoli correlati

Digital Operational Resilience Act (DORA)

Digital Operational Resilience Act (DORA)

The Digital Operational Resilience Act (DORA) is a EU regulation that entered into force on 16 January 2023 and will apply as of 17 January 2025. It aims at strengthening the IT security of financial entities such as banks, insurance companies and investment firms and...

read more