At the dawn of the gaming industry, cybercriminals were primarily pirating games and creating illegal copies. It was a bane to game developers and publishers, but it did not bother gamers much. Today, however, new platforms with advanced features are far more complex than those in the days of yore, and with complexity comes vulnerability. For example, many games now come with keyloggers that might be easily turned into spyware if compromised.
The video games market keeps growing. According to the newest Entertainment Software Association survey, 48% of US households own “a dedicated game console” for playing video games and the average frequent gamer is a 38-year-old guy ready to regularly spend money on the hobby. This makes video games a lucrative target for hackers and scammers.
On top of that, games and gaming platforms, despite storing sensitive financial information and valuable in-game assets of their users, still lack precautions and regulations that are common in other high-revenue sectors like banking, finance, and health.
Recent attacks on Steam, big security breaches leaking account details, and the epidemics of ransomware that encrypts game files on your console together with credit card and other personal information, denying you access, unless you pay up – all these prove that today no one is safe.
The recommendations below aren’t really tips, because people usually know these things by heart, but prefer to overlook them for various reasons. Sometimes it’s due to laziness. Another reason is that gamers are usually highly competitive by nature and willing to take risks in the hope of getting an edge over other players. So let us call this piece of advice “good practices” or “commandments” of safe gaming.
- Keep away from sketchy forums and sites that offer you exploits, fancy add-ons, and patches. Always be careful where you download your games from, regardless of the platform. In addition, scan each downloaded file for threats before running it.
- Only buy in-game currency from trusted sites. Don’t buy currency and assets from “gray market” sites, as they are usually targeted by hackers. Also, be careful where you store your credit card information for in-game payments.
- Steer clear of suspicious links. If you need to follow the link you get in the message or email, but you feel uncertain whether it is what it seems, type it in the address bar rather than clicking on it. The general rule of thumb is that link is dangerous unless proven otherwise.
- Use multiple passwords for different services and change them regularly, avoid using names and dates that can be obtained elsewhere. Avoid storing your passwords on your hard drive. Do not discard 2-step authentication, use it whenever it is available.
- Keep your OS and security software up to date and do not disable antivirus software while you are playing. The notion that it decreases speed and interferes with gaming experience while being absolutely pointless is outdated: game medium today is just as prone to attack as the Web. Security specialists point out that in the name of keeping the highest possible system speed and frame rate, gamers are willing to risk their security, which is basically inviting cyber attackers in. Always use real-time monitoring that blocks attacks before they happen and identifies hacker-controlled servers.
- Protect your privacy, do not offer confidential information about yourself, your family or your location even in private chats. Use lock screens on your phone, laptop, PC, and other devices.
- You should be cautious about casual social games also. Game notifications and invites can be used as phishing technique, so unusual messages containing links should raise your suspicion.
- Teach your children the same rules, don’t let them be the weakest link in your family security system. If your children have their own devices, make sure you disable in-game purchases. Also, use trusted legal parental controls, like Pumpic or TeenLimit to monitor their phones and tablets for freshly installed applications – children are less experienced and incredibly trusting, so they can get malware even if you clearly forbid downloading anything without your permission, just because “It seemed ok, besides, it was John who sent it”. Monitoring will also come in handy against cyberbullies and griefers that might ruin the gaming experience for your kids or otherwise harass them.
- Back-up your data. Regular backups outside your computer can be a life savior if it falls victim to a ransomware attack. Having it all stored elsewhere will turn a cyber tragedy into a minor nuisance.
- Use your common sense. The more tempting the offer, the more reasons to treat is with suspicion. The best thing you can do is to remain vigilant while playing or communicating with other players within and outside the game.
It seems that the most important thing we must do is to change our way of thinking – as long as we cannot change the desire of hackers and scammers to feather our nest. We should start from the assumption, that no one will stop the attackers, unless we do. Of course, vendors and publishers also should implement necessary systems and procedures, but, unfortunately, it usually takes some major crisis and million-dollar lawsuits to make them think about the security.