Why would anyone want your gaming account?
Whether you play a free or paid online game, hackers can get plenty of value from your account. Remember all those crates unlocked over several years of collecting? There’s potentially hundreds of dollars worth of cosmetics across your Fortnite, PUBG Lite and Overwatch accounts. Hacking most accounts isn’t too difficult because many players fail to employ basic cybersecurity precautions. Once they take over your account, they might be able to:
- Listen to your gaming conversations and read your chats.
- Reuse your login details to break into other accounts (for example, social media).
- Use your details in phishing attacks to get even more information out of you.
- Sell your details on the dark web;
- Use your payment details to purchase virtual currencies, send them to the attacker’s account, then resell them on the gaming platform or the dark web.
- Use your account to launder money.
How do hackers break into your account?
Hackers have many ways to break into your account. Let’s look at some of the most common methods used.
1. Weak passwords
One of the biggest mistakes you can make when creating your gaming account is to use a weak password. The one that consists of just one word anyone could find in a dictionary or using common passwords such as ‘password1234.’ That Minecraft or Roblox account you made years ago before you had a decent knowledge of cybersecurity is probably protected by a weak password. If you don’t want to lose the progress across those games, it’s time to update your passwords. Hackers have large databases of common passwords that come in handy when performing brute force attacks.
To complete a brute force attack, the hacker only needs your user name or your email address. They will then use a bot that will try all passwords on their database until they succeed or until they go through the whole list with no luck.
2. Data breaches
Data breaches and leaks are another password goldmine for hackers. Unfortunately, there’s not much you can do to protect yourself as this depends on the cybersecurity of the company that stores your data. If they keep your passwords unencrypted, it’s very likely that they will end up on the dark web and in the hands of a hacker.
Data breaches seem to be a pretty widespread threat. In its research the cybersecurity company KELA discovered nearly 1 million compromised accounts associated with gaming clients and employees. 50% of them were offered for sale in 2020. KELA also found out over 500,000 leaked credentials of gaming sector employees.
3. Credential stuffing
If you reuse passwords on multiple accounts, you may also be vulnerable to credential stuffing attacks. If your login details have been previously leaked or a hacker breached any other account of yours, they will probably try to reuse the same login details on other platforms. If you used the same password for your gaming account and your online banking, you might be in huge trouble.
Credential stuffing is another common threat. Akamai, a cybersecurity company, published a report revealing that the video game industry experienced almost 10 billion credential stuffing and 152 million web application attacks between 2018 and 2020. The attacks especially peaked during Covid lockdowns.
4. Cross-site scripting
Cross-site scripting is another type of attack widely used by hackers to steal your login details. How does it work? Some website servers do not reconfirm authentication every time they exchange information. Hackers use this vulnerability to inject scripts into the website’s UI, which can then be used to steal the information you entered into that website.
Even though someone stealing your account is a scary thought, but it’s not the only threat looming in the online gaming world.
1. DDoS attacks
If you are serious about gaming and do it professionally or competitively, you may become a victim of a Distributed Denial of Service (DDoS) attack. Using a botnet, a hacker who knows your IP address could flood your router with artificially inflated traffic, forcing you offline. Your League of Legends teammates won’t be happy with the blackout your system will suffer from a DDOS attack.
Hackers can also try to trick you into downloading malware. For example, if you want a game not released in your country of residence, you may decide to download it from a P2P website. Hackers know what games are popular, and they can use them as bait. Don’t get tempted to download malware masquerading as a new game release.
Phishing can also be used to trick you into clicking on malicious or spoofed links. For example, Fortnite players have been tricked into clicking on links posted in gaming forums offering them discounted or free virtual tokens and other accessories. In reality, the links were part of a cross-site scripting attack that helped hackers breach players’ accounts.
They can also send you phishing emails using the information they already have (i.e., your email address). It will trick you into thinking that they are from a legitimate company. This way, they may steal even more information from you like your passwords, payment details, home address, etc.
4. Cyberstalking or cyberbullying
Cyberstalking and cyberbullying can also make your online and offline lives very bitter. Toxic behavior can be common in some video games. Opponents can look up your IP address, find out your location or even your identity, and then bully you on social media and other gaming platforms. By knowing your preliminary address, they can stalk you in real life too. Who said that gaming isn’t dangerous?
How to protect yourself
You can take simple precautionary measures to make hackers’ (and your most vicious opponents’) lives more difficult. This is how:
- Use strong passwords. Read these tips on how to create a unique password or use the automatic NordPass password generator.
- Enable 2 Factor Authentication. This way, getting into your gaming account or your email account will be twice as hard. What would happen if someone were to hack into your Origin account? They could gift themselves games until the card linked to your account is maxed out. Hackers will now need physical access to your phone to get a second verification code.
- Use the NordVPN’s Threat Protection feature. Threat Protection makes your browsing safer and smoother. It helps you identify malware-ridden files, stops you from landing on malicious websites, and blocks trackers and intrusive ads on the spot.
- Familiarize yourself with phishing techniques. The easier it is for you to recognize them, the bigger the chance that you won’t fall for them.
- Familiarize yourself with cyberstalking and cyberbullying. Learn what to do if you become a victim of either.
- Use VPN for gaming. It will encrypt your traffic and will hide your IP address from any hackers and snoopers. It will also protect you from DDoS attacks and ISP bandwidth throttling.
There is one extra key feature that makes NordVPN a great choice for gaming, and that’s the Meshnet feature. This versatile feature can be used to form a remote LAN with your friends’ devices so you can form fun, private game rooms with people you trust.