The 10 biggest online gaming risks and how to avoid them
Online games and video games are fun. They are a way to connect and interact with others. Many people love playing games, whether on gaming consoles, computers, or mobile devices. But there are dangers of online gaming, including viruses, identity theft, and phishing attacks. Read on to find out the biggest online gaming risks and how you can protect yourself.
Dangers of online gaming
The biggest risks of online gaming include:
Malware and viruses
If you try to find cheaper or free versions of your favorite games, then you risk inadvertently downloading viruses and malware instead. This is also the case when you access cheat codes or purchase items through third-party sellers. Even if you download a game legally, a security gap could still place you at risk. Once malware is on your machine, hackers can steal your personal information.
Cybercriminals collect personally identifiable information to build profiles on their potential victims. One of the potential dangers of online gaming with strangers is the chat function which allows you to talk with other players. Criminals can potentially use the chat function to gather sensitive information such as your name, phone number, and house address. That's why it's essential to be careful about the information you share when gaming.
If you use the same username and password for all your favorite gaming platforms – which is not recommended – then if hackers get hold of your credentials, they can access all your accounts and potentially take them over. Sometimes hackers use brute force attacks – this involves using automated scripts to try to break into your account using credentials they have stolen from other sources.
Swatting and doxing
If hackers get hold of your personal details, they could publish your home address or phone number online – an act known as doxing. The purpose of doxing is to punish, intimidate, or humiliate the target. There are numerous reasons behind doxers’ actions – including having fun online and not appreciating the harm they inflict, exacting justice (often mistakenly), revenge, jealousy, harassment and even profit. Doxing is something that can happen once and disrupt a person’s life entirely, without them ever foreseeing it. Even worse, there have been game-related examples of swatting – which is when criminals send law enforcement to your address by reporting a fake emergency in an attempt to intimidate you.
Gamers can sometimes be targeted through spyware schemes, especially if they are dealing with an untrustworthy online gaming operation. Spyware monitors a person’s online activity without their knowledge. If this information is recorded, it can then be sold to third parties, causing a breach of privacy.
Hackers can attack games’ publishers directly. If they gain entry to a publisher’s systems, they can steal a wealth of information – everything from the source code to the games themselves to the personal information stored in users’ accounts. A notable example was the Zynga data breach, which saw the login information (usernames, passwords, and email addresses) for players of Draw Something and Words With Friends stolen by hackers. Over 172 million accounts were affected, making it one of the most significant data breaches of all time.
Older gaming platforms might use insecure methods to process your login credentials. This leaves them vulnerable to a hacking technique called cross-site scripting (XSS), enabling criminals to intercept and steal those details.
Distributed Denial of Service (DDoS) attacks occur when hackers attempt to overload gaming servers, causing a crash that takes the service offline. This doesn't involve stealing user data but is still an annoyance to users – and the downtime and recovery time can be costly for the game’s provider.
Phishing emails or phishing links distributed through the chat during online gaming can be another way hackers deceive people into installing game malware onto their machines. For example, the emails or chats may appear as though they come from legitimate srouces, inviting you to download bonus content or access a login page. In reality, the emails are fake and have malicious intent.
Sometimes, gamers can experience abuse from other players. As well as attempting to humiliate their victims, cyberbullies may also try to manipulate their targets into disclosing personal information which they can use against them.
How to protect yourself from the dangers of online gaming
Online gaming is enjoyable but to maximize safety, it's vital to practice cyber hygiene. Here are some sensible precautions to follow:
Use strong passwords
One of the simplest ways to protect yourself is using a strong password. A strong password comprises at least 12 characters (ideally more) and is a mix of upper- and lower-case letters, numbers, and symbols. It avoids the obvious, such as using sequential numbers (“1234”) or personal information that someone who knows you might guess, such as your date of birth or pet’s name. Keeping track of numerous passwords can be difficult – so using a password manager could help.
Set up multi-factor authentication
If a game or distributor offers two- or multi-factor authentication, enable it. This adds another step to the login process, such as sending a code to your phone number or email address. Two- or multi-factor authentication provides additional security to your game account – some games even offer in-game rewards to players who enable it.
Protect your personal information
Don’t include identifying information in your gaming usernames – such as your name, date of birth, or location – and avoid sharing personal details on gaming forums. When using your gaming headset, be mindful of what personal information you say aloud.
Only download from legitimate sources
Keep your computer and yourself safe by avoiding downloads from illegal sources. Whether it's games, third-party add-ons, or cheat codes, downloading from unofficial or pirated sources risks introducing viruses or game malware onto your machine. Stick to reputable download sites to maximize game security.
Be alert to hidden charges – as well as potential scams
Read the manufacturer or hosting company’s terms and conditions to make sure you understand any immediate or future hidden charges. Keep an eye out for potential scams when buying or selling 'property' that exists inside a computer game.
Keep software up to date
Make sure that you keep your devices and software up to date. Up-to-date software will ensure that you benefit from the latest security patches to address cyber vulnerabilities.
Be vigilant against phishing emails
Be wary about emails that claim you must click, call, or open an email attachment immediately. The golden rule is to avoid clicking on any links, opening any attachments, or responding to any email you feel unsure about.
Dispose of your gaming device safely
When the time comes to dispose of your gaming device – either by selling it, scrapping it, or giving it away – make sure your personal information has been deleted. The way to do this will vary by device, but from a privacy point of view, it's important to delete your account details and backup or transfer your games to your new device if appropriate.
Install and use a VPN when playing games
If you play games on a desktop computer, concealing your location is important to protect your identity. When you use a virtual private network or VPN, your computer can appear to be somewhere else in the world, preventing attackers from finding your location.
VPNs are easy to install and require little configuration to use, and other benefits include:
- Increasing your protection against attacks such as DDoS, which can be used against online gaming opponents, especially in competitive gaming situations.
- Extra safety when carrying out data and bank transactions — since VPNs give you an untraceable connection.
There are VPN clients available for Mac, Android, PC, and Apple iOS.
Kaspersky offers VPN Secure Connection, which you can install across several devices and operating systems. There are free VPNs available – however, these will typically have data restrictions and may not provide you with complete protection.