Hackers target gamers with 7,000 daily attacks recorded
According to data from KSN (Kaspersky Security Network ), Kaspersky Lab experts recorded 7,000 attempts to infect gamers around the world every day in 2012. These attacks are launched in an attempt to gain access to personal user data, such as passwords to online games and online banking systems. Where games are concerned, malicious users attempt to steal avatars and in-game items to subsequently sell these virtual goods for real money. In the case of online banking, cyber criminals aim to steal money directly from real bank accounts.
As Kaspersky Lab experts discovered, in order to do this, malicious users send an average of 10 emails with malicious links and attachments to gamers every day, in addition to making roughly 500 attempts to infect gamers via browser-based attacks.
One of malicious users’ most favored tactics in the world of online games is, of course, social engineering — phishing in particular. For example, cyber criminals invoke the names of well-known gaming worlds and desperately try to lure gamers to their fake websites in order to harvest passwords from registered gaming accounts. In 2012, Kaspersky Lab experts recorded 15 million attempted visits to phishing websites designed to look like the pages of one of the largest developers of online games. As it turns out, there were up to 50,000 attempted redirects to phishing sites each day.
Threats targeting gamers are found all over the world but are, of course, not found in equal concentrations everywhere as their numbers are in direct correlation to the number of active players found in different countries. In 2012, the top 3 unlucky targeted countries turned out to be Russia, China, and India. These are the countries were gamers face the highest risk of infection and subsequent theft of avatars and in-game valuables.
Nevertheless, it is entirely possible to protect oneself and one’s in-game alter-ego against attacks from cybercriminals. At first glance, expert recommendations appear to be obvious, although in practice they have proven to be effective time and again. Kaspersky Lab’s malware expert Sergey Golovanov suggests that gamers adhere to the following simple code of Internet conduct:
“First and foremost, one needs to be alert when receiving emails featuring, for example, a request from an online game’s admin server for personal information about your account or an authorization offer under some pretext. Don’t just click on the link right away – it could be a phishing site.
“Next, don’t download unofficial patches from dubious sources — you could easily end up downloading a ‘bonus’ in the form of a Trojan that would then infiltrate your system and start stealing all of your passwords. And I don’t mean just for online games, but also for bank cards, if your bank offers online services. With this in mind, gamers might consider keeping an up-to-date virtual debit card that lets them limit their spending to an amount they choose – with no risk of someone else cleaning out their account.”
All the same, malicious users are just that, and some of them can outsmart even the most cautious user. That is why experts strongly recommend using professional security solutions.