Although gaming started as a single-player activity, most now involve multiple players with an online community that is able to talk and interact with each other through headsets or send instant messages during the games.

Online gaming flourished especially during the global COVID lockdowns, as online gaming provided a much- needed outlet for entertainment and social interaction, with hundreds of thousands new accounts created and new communities born.

This was obviously a boon to would-be hackers, with an estimated 1 billion online gamers worldwide in 2020, with China, South Korea, and Japan having the biggest online gaming reach amongst the population according to Statistic.

They estimate that by 2025, online gaming audiences are projected to surpass 1.3 billion.

Check Point® Software Technologies Ltd., a leading provider of cybersecurity solutions globally, warns that now that gaming is one of the world’s largest entertainment industries, it is also one of the major targets of cybercriminals. Companies in the gaming industry that have fallen victim to cyberattack include CD Projekt Red, Electronic Arts and Ubisoft.

This is because gamers often hand over as much personal information to companies in this industry as they would to their employer, bank or when online shopping.

Three key tips from Check Point Software to stay ahead of online gaming threats:

1. Use two-factor authentication (2FA): 

Many games make it easy for attackers to do their job; often, simply looking at another participant will reveal their username. For example, Battlefield 5 has a competitive mode for up to 64 players, meaning that a single game provides a cybercriminal with up to 63 usernames with which to test common or default passwords. It’s important to have two-factor authentication enabled – when a separate code is required if logging in from a new device – to keep accounts secure.

2. Beware of phishing: 

Phishing campaigns frequently target users of popular games. A common tactic used by cybercriminals is to create a fake login page, or to impersonate a friend and attempt to send malicious links via chat platforms.

The shared interest in video games lends credibility and builds trust. Make sure to look out for anything that doesn’t look right and never click on any links. 

3. Beware of ‘too good to be true’ promises: 

In this world, malware propagation vectors often coincide with phishing methods. If Steam chat can be used to spread links to fake authentication pages, it can certainly be used to send links to unintentional or ‘drive-by’ malware downloads.

In the case of competitive gaming, many players can be convinced to willingly download malicious applications that promise ‘cheats’, hacks or other ways to gain advantage over other users.

You need to be aware of any such offers and only download applications from official app stores. Add to this the risk of malware managing to spread to devices connected to a corporate network, and the danger is much higher.

“Video games are an open door for many types of cyberattacks and taking extreme precautions is no longer an option but a necessity. Having two-factor authentication to access the account, installing protection software or knowing the signs of a phishing attack are key to avoid becoming the next victim. Online games are becoming more and more popular and by using them on a daily basis, it is very easy to let your guard down and become overconfident. The main problem is that cybercriminals are always alert and will not miss an opportunity to strike,” says Pankaj Bhula: Check Point’s EMEA Regional Director: Africa.

The leaked documents give insight into the targeting of children by predators on the platform and how the platform attempts to fight child grooming.

Additionally, one issue identified in the documents is that although Roblox’s systems scan 100 percent of submitted abuse reports, only around 10 percent of those are actionable.

This suggests that even on a gaming platform, where content is moderated, there remain a large number of risks for children.

Roblox is an online gaming platform that allows users to create their own game simulations and virtual locations, where they can play in different locations themselves or invite other users.

There are both harmless and very popular locations, where users can choose a pet and take care of it or go through an obstacle course with their characters.

The genres of such games are almost unlimited and the number of daily active users was 50 million by the end of 2021, most of which were school-aged children.

However, in the game world they may also meet fraudsters, who can either be members of the selected playthrough or even be its authors.

Threats from them can come both inside the game world – they often show aggression, deception or intimidation. For example, the theme of the Roblox game world might be used to create phishing resources in order to steal login and password from the account and further withdraw funds from the victim; or under the guise of in-game currency (Robux) users can be offered to register with a real name or pay for a “no-lose lottery,” participation in which will bring nothing but loss of money.

“Although Roblox has a system of content moderation, you should not rely on it completely. It can be especially dangerous for school children, who due to their lack of experience may not be aware of many cybersecurity rules,” comments Andrey Sidenko, Lead web content analyst at Kaspersky.

Here are a few rules to help not only protect your data, but also not to find yourself in a location that can harm you or your children psychologically:

1. Do not share your real name, place of residence, school, or other personal information that can help attackers identify you in the real world;
2. Only chat with those users who you know personally; do not chat with strangers in Roblox or anywhere else;
3. Use a complex and unique password and always end the session at the end of the game, especially if you choose to connect from an unfamiliar device. Don’t forget to use two-factor authentication;
4. Roblox is using internal content monitoring system and if you come across any unwanted ads, cheating, online grooming, different types of harassment or aggression towards you or other users you should report it to the moderators;
5. Critically evaluate the information you encounter in the game world. Abusers may use a variety of techniques, including social engineering. For example, they may offer you a reward in the form of in-game currency (Robux) for detailed information about yourself. If someone offers you this, then in all likelihood it’s cheating, and the fraudster clearly has “own interests”;
6. Use antivirus solutions and parental control programs to be sure that your child can use the Internet safely.