Impassable level: hackers have come up with a new scheme to cheat young gamers
Fraudsters have come up with a new way of cheating gamers, which most often affects children. They create fake sites where it is supposedly possible to get game currency for games popular with teenagers, but in fact the scammers simply lure away valuable data. "Izvestia" found out how the scheme works and how to protect yourself from it.
A trick with free donations
Fraudsters have come up with a new scheme to deceive gamers. They trick out logins and passwords through a website offering free donations for games popular with children, Kaspersky Labreported.
The hackers have developed a site where it is supposedly possible to get game currency - robux, gold and gems - for games such as Roblox, Standoff 2 and Brawl Stars. Visitors are asked to follow a few simple steps: choose a game, specify the number of bonuses, and then authorize through a Telegram account. But if a person enters their data there, they will fall into the hands of fraudsters.
- In eleven months of 2024 in Russia, more than 1.7 million attempts to go to phishing pages in the field of online games were recorded. Phishers are coming up with more and more new lures and using social engineering methods. They create a feeling that you need to hurry: the site says that the promotion is limited in time - supposedly bonuses are given out for advertising purposes," said Olga Svistunova, Senior Content Analyst at Kaspersky Lab.
In turn, Andrei Sidenko, head of the company's child online security division, noted that children often suffer from such schemes: they have no critical thinking and are often gullible, which is what scammers take advantage of.
- The latter may be interested in accounts in messengers, social networks and games, game items - but also often children become an intermediate link to get to the data or funds of parents. In addition, hacked profiles in social networks or messengers can be used to continue attacks: for example, for mailings with offers to participate in a "win-win lottery" or to vote in a "children's drawing contest"," the expert explained.
Therefore, he added, it is important for both adults and children to be cautious about any generous offers on the Internet and use technical protection measures.
Victims of fraudsters
Fraudsters often target gamers, as they are a very "malleable" audience. In search of free versions of games and easy opportunities to earn in-game currency for upgrading, gamers are ready to visit dubious sites and download files, says Alexandra Shmigirilova, GR-director of the IS-company "Security Code" in a conversation with "Izvestia".
- Of course, now the gamer audience is increasingly moving away from "piracy" and buying games for money, but the temptation to get something for free is very great. In this context, children are particularly at risk, as they usually do not have money for large purchases, and cyber hygiene is not always at a high level - ideal candidates for the role of a victim," the expert explains.
The role is also played by the fact that many parents do not quite understand what modern games are - they think that it is something from the category of "played - deleted", adds Dmitry Ovchinnikov, head of the Laboratory of strategic development of cybersecurity products of the Analytical Center "Gazinformservice". But now many games have switched to the conditionally free mode. That is, there is in-game currency, internal economy and players invest money in these games.
- In addition, there are game stores, where a player's account may contain many games, items and other game assets that are of in-game value. In addition, there are games, inside which boils a stormy political life, and game assets also have a virtual value. All this - monetization, gamification - and encourages fraudsters to use game communities for quite real theft of accounts: game, mail, messenger, - says Ovchinnikov.
Therefore, he notes, the danger can wait in any games where there is a conversion of in-game currency into real money. This includes all donate games. Also at risk are the owners of accounts on game marketplaces, where it is possible to have a separate account.
Gamer schemes
According to Alexandra Shmigirilova, usually all fraudulent schemes in the network are reduced to phishing - only the legends differ. The most popular one is mailings to e-mail or accounts in social networks and messengers, in which scammers offer to buy a game or some in-game goods for free.
- In addition, malicious software is often contained in so-called "cracked" games - hacked licensed versions. By downloading a "crack", the user automatically downloads the malware onto his or her PC. At the same time, users come to the sites where there is a malicious version themselves: they look for it on the Internet, in messengers and social networks, - says the expert of "Security Code".
Also, she adds, fraudsters can deceive people in the games themselves. For example, pretend to be a support service and under various pretexts try to extort credentials from the game account. The "childish" schemes include cases when scammers offer a newcomer to the game to provide credentials to help him generate in-game currency allegedly due to some bug.
- It should be noted that developers are actively fighting fraud inside games - for example, they forbid sending links in private messages. This means that the attacker can be recognized by how actively he will offer to go from the game chat to the messenger: there you can send links, and they, of course, will lead not to sites where you can really get some bonuses and game currency, but to phishing portals with VPO, - she concludes.
Risks for gamers
"Gamer" schemes carry many risks for users. In the best case, the victim will lose a game account, which costs a lot of money if the gamer has managed to "rock" his character. But there are more serious consequences, such as theft of payment data and finances themselves. In the case of a phishing portal requires you to enter, for example, credentials from online banking.
- Criminals often force child gamers to go on a kind of crime: for example, they offer to buy a version of a game or the same in-game currency for a small amount of money. If the child says they don't have it, the scammers force them to steal their parent's card and enter the relevant details on the phishing portal. Then they can steal the entire amount from it, " says Alexandra Shmigirilova.
In addition, adds Andrei Sidenko, scammers can blackmail children, demanding money or additional information, threatening to reveal their "secrets". Also, such situations can negatively affect the emotional state of the child, especially if he is afraid to tell his parents about what happened.
A separate group of risks is carried by versions of games with VPO that can be downloaded online. This can range from spyware that can steal data from a browser to a trivial malware that turns a PC into a botnet.
Ways to protect yourself
In order to protect yourself from hackers, you need to know - and explain to your child - the rules of cyber hygiene: do not follow links from strangers, do not enter credentials on any sites and in general do not provide anyone with confidential information, use complex passwords and two-factor authentication.
- At the same time, parents should always be interested in what their child is playing and what risks these or those games may carry. It is clear that it is impossible to keep track of everything, but there is a "parental control", which can be used to ban certain sites and processes. There are both built-in functions in the OS and specialized applications," says Alexandra Shmigirilova.
Other technical means of protection include the mandatory installation of an antivirus; in addition, it is possible to provide "passive" security by linking a separate bank card to the game account, where a minimum amount of money will be kept.
- This way, if the child wants to buy something, he will firstly use his own card and not the parents' card, where there is more money. Secondly, if the child needs a different amount of money, he will tell his parents. They will be able to find out what exactly is planned for purchase and, only after making sure that the goods (games, in-game currency, etc.) are safe, will transfer the required amount to the game card," explains the Izvestia interlocutor.
If a child has already become a victim of fraudsters, it is important to support him or her and explain that it is not his or her fault. And contact specialists (for example, law enforcement agencies or the technical support service) to minimize the damage and prevent recurring situations, concludes Andrei Sidenko, head of the company's online child safety division.
