It’s been more than a year since the PlayStation 5, Xbox Series X and Xbox Series S hit store shelves. These releases, combined with the ongoing pandemic, have led to an unprecedented number of people turning to gaming to spend their free time. But with that increase comes more interest from scammers hoping to take advantage of unsuspecting customers.
People spent more than $60.4 billion on video games in the U.S. last year – an 8% increase over 2020. The first lockdown saw a 54% increase in gaming-related phishing attacks. But it’s not just the money that makes gaming attractive to criminals – it’s also the wide variety of information that can be stolen and exchanged for real-world dollars.
Criminals who target gaming can steal in-game currency, in-game loot, or even sell entire accounts. Some convert game items like skins or rare items to cash on Ebay, or use stolen currency to purchase and sell expensive items.
That’s why it’s more important than ever to secure your game accounts.
Level up your security
You should be following basic security measures, like using strong and unique passwords, for all of your accounts. That includes online games, subscription services, and payment methods. 1Password’s Watchtower can detect weak, reused, or compromised passwords and let you know if two-factor authentication (2FA) is an option. Note: you should always enable 2FA for an extra layer of security.
If you’re looking to sell or give away an old console, make sure to clear the history of all of your accounts to prevent accidentally giving someone access to your information.
Think carefully about who has access to your console, and whether you’re comfortable with them using your profile and store account. Let’s say you’ve just moved into a flat with total strangers, and decide to connect your PlayStation 4 to the living room TV. Until you’re familiar with your new cohabitants, it’s probably a good idea to set a passcode for your PS4 profile and sign out after each session.
Ditch the defaults – go custom
The default settings on your console and PC aren’t necessarily the most secure. Check your account settings to make sure your accounts are as secure as possible. Here are a few examples of security settings that are often available but need to be activated manually:
- Enable PIN codes for multiple accounts
- Remove the ability to sign in automatically
- Require a password for any digital store purchases
- Make entering a password mandatory for changes to settings
- Get notifications when a purchase is made
- Add security questions – but generate a random memorable answer with – 1Password rather than using actual information
- Turn on multi-factor authentication
These additional security steps will make your account more secure against anyone trying to gain access. Most game companies have a resource page with additional security features – find that page and get your account up to snuff.
Scammers' favorite game: phishing
Phishing scams offering free in-game currency have become increasingly common in the gaming industry. As Malwarebytes Lab explains, the popular FIFA series is often targeted by criminals due to its complex in-game economy, which includes a combination of currencies earned in-game and bought using real-world money. Many players are desperate to accumulate both in order to buy better footballers for their fictional teams, which leads them to scam sites offering too-good-to-be-true deals.
The popular game Fortnite has also had a number of successful phishing scams, exploiting young players' limited access to real-world currency.
We recommend you enable 2FA for your game account to reduce the impact if you’re caught up in one of these scams. This way, even if scammers get your login credentials, they won’t have the second factor of authentication needed to sign in.
But the easiest way to avoid these types of phishing scams is to resist the temptation to cheat. Few games have cheat codes for free currency and items – and if they do it’s likely well known, public information. Trying to get free in-game currency or items is just not worth the risk of losing your entire account.
Download games from verified sources only
Many of today’s games are free to download, which has created a rampant market of fake download links for games and content expansions. Apex Legends is available to play on Windows, PlayStation, and Xbox platforms, but scammers released a fake link to play the game on mobile which amassed over 100,000 clicks in under a week.
When you download files from an unverified source you’re opening yourself up to malware. To prevent downloading fake free games, or content drops, always make sure you’re getting your games from reputable sources. Carefully check the URL before entering sensitive information or clicking the download link.
Now is a great time to go back and make sure that all of your accounts are as secure as they can be – whether that’s setting up new, more memorable and secure passwords, using 1Password, or setting up two-factor authentication. It also means playing games in good faith – don’t try to get ahead by doing something illegal.