Just because online games take you to an imaginary world doesn't mean that they can’t have real-life threats. Continue reading to find out what to expect in the gaming world and how to protect yourself from hackers or vicious opponents.
May 19, 2021 · 5 min read
Whether you play a free or paid online game, hackers can get plenty of value from your account. Remember all those crates unlocked over several years of collecting? There’s potentially hundreds of dollars worth of cosmetics across your Fortnite, PUBG Lite and Overwatch accounts. Hacking most accounts isn’t too difficult because many players fail to employ basic cybersecurity precautions. Once they take over your account, they might be able to:
One of the biggest mistakes you can make when creating your gaming account is to use a weak password. The one that consists of just one word anyone could find in a dictionary or using common passwords such as 'password1234.' That Minecraft or Roblox account you made years ago before you had a decent knowledge of cybersecurity is probably protected by a weak password. If you don’t want to lose the progress across those games, it’s time to update your passwords. Hackers have large databases of common passwords that come in handy when performing brute force attacks.
To complete a brute force attack, the hacker only needs your user name or your email address. They will then use a bot that will try all passwords on their database until they succeed or until they go through the whole list with no luck.
Data breaches and leaks are another password goldmine for hackers. Unfortunately, there's not much you can do to protect yourself as this depends on the cybersecurity of the company that stores your data. If they keep your passwords unencrypted, it's very likely that they will end up on the dark web and in the hands of a hacker.
Data breaches seem to be a pretty widespread threat. In its research the cybersecurity company KELA discovered nearly 1 million compromised accounts associated with gaming clients and employees. 50% of them were offered for sale in 2020. KELA also found out over 500,000 leaked credentials of gaming sector employees.
If you reuse passwords on multiple accounts, you may also be vulnerable to credential stuffing attacks. If your login details have been previously leaked or a hacker breached any other account of yours, they will probably try to reuse the same login details on other platforms. If you used the same password for your gaming account and your online banking, you might be in huge trouble.
Credential stuffing is another common threat. Akamai, a cybersecurity company, published a report revealing that the video game industry experienced almost 10 billion credential stuffing and 152 million web application attacks between 2018 and 2020. The attacks especially peaked during Covid lockdowns.
Cross-site scripting is another type of attack widely used by hackers to steal your login details. How does it work? Some website servers do not reconfirm authentication every time they exchange information. Hackers use this vulnerability to inject scripts into the website's UI, which can then be used to steal the information you entered into that website.
Even though someone stealing your account is a scary thought, but it's not the only threat looming in the online gaming world.
If you are serious about gaming and do it professionally or competitively, you may become a victim of a Distributed Denial of Service (DDoS) attack. Using a botnet with hundreds or thousands of infected devices create a botnet, a hacker could flood your router (if the IP is known) or the game server you’re connected to with requests. This creates a system overload and shuts it down. As a result, your game is disrupted or you get disconnected. Your League of Legends teammates won’t be happy with the blackout your system will suffer from a DDOS attack.
Hackers can also try to trick you into downloading malware. For example, if you want a game not released in your country of residence, you may decide to download it from a P2P website. Hackers know what games are popular, and they can use them as bait. Don't get tempted to download malware masquerading as a new game release.
Phishing can also be used to trick you into clicking on malicious or spoofed links. For example, Fortnite players have been tricked into clicking on links posted in gaming forums offering them discounted or free virtual tokens and other accessories. In reality, the links were part of a cross-site scripting attack that helped hackers breach players' accounts.
They can also send you phishing emails using the information they already have (i.e., your email address). It will trick you into thinking that they are from a legitimate company. This way, they may steal even more information from you like your passwords, payment details, home address, etc.
Cyberstalking and cyberbullying can also make your online and offline lives very bitter. Toxic behavior can be common in some video games. Opponents can look up your IP address, find out your location or even your identity, and then bully you on social media and other gaming platforms. By knowing your preliminary address, they can stalk you in real life too. Who said that gaming isn't dangerous?
You can take simple precautionary measures to make hackers' (and your most vicious opponents') lives more difficult. This is how:
Want to read more like this?
Get the latest news and tips from NordVPN