Privacy Tip of the Week: Protect Your Online Gaming Accounts

The three most popular online video games of 2019 are Fortnite Battle Royale, PlayerUnknown’s Battlegrounds, and League of Legends. Combined, they have more than 750 million active players. Take into consideration all the other hundreds of video games that people around the world play. You have an enormous community of players with personal accounts ripe for hacking. Unfortunately, many people don’t realize that the fantastical virtual worlds they visit can majorly affect their real lives outside the gaming world. This often results in profiles unprotected against threats. What exactly are those threats and how do you protect your online gaming accounts?

• Why do hackers want your account?
• How do they hack them?
• How do you stay safe?

Why Do Hackers Want Your Account?

In order to start playing most video games, those games require you to open an account and create a profile. These profiles, as well as user activity on them, contain a wealth of information that hackers may find valuable. They can also sometimes use a person’s profile for their own means. If a hacker acquires account access, they can:

• Reuse login details to break into other accounts, if you use the same email/username and password across multiple platforms.
• Hold accounts hostage and demand money (or some other type of compensation) in order to return it to you.
• Read chats and learn personal information from them.
• Use your details to send you tailored phishing attacks via email.
• Sell those details to the dark web.
• Use linked credit cards to buy virtual currencies for their own accounts, which they could then sell to other players.

How Are Accounts Hacked?

One of the most effective ways to protect your online gaming accounts is to understand how hackers may breach them. There are several different methods they employ:

• If you use a weak password, hackers can employ a “brute force” attack to gain account access. In this type of attack, they only need to know a user’s username or email address. Then, using an extensive database of common passwords, they simply have a bot try every password until they either crack an account or run out of options from the database. A weak password is more likely to be on the list of possibilities.
• Hackers can also gain account access through data breaches. Unfortunately, there is little you can to do protect your online gaming accounts from this type of attack because they’re entirely dependent on the security of the company behind the game. If they don’t encrypt user passwords, then they’re ripe for the taking. You can, however, take a look at a company’s security and privacy policies to learn how they protect your data.
• Credential stuffing is another popular method employed by hackers around the world. If you often reuse usernames and passwords across accounts, a hacker only needs to breach one account. Then, they can get into others (such as your gaming accounts) by simply trying the stolen credentials on other platforms.
• Because many gamers also frequent forums associated with those games, malware and phishing attacks are common methods of breaching accounts. A person who downloads a game using a P2P website must be especially vigilant with popular games. If they aren’t, they may accidental download malware. Hackers can also use phishing attacks by tricking users into thinking a link benefits the gamer. They can also send phishing emails that look as though they have come from the actual company behind a game.
• Hackers are also not the only people who can benefit from your account information. Cyberbullies and cyberstalkers may be able to learn your IP address from certain games. This allows them to stalk you online and possibly in person if your IP address reveals your real-life address.

How Do You Protect Your Online Gaming Accounts?

Although the threats from video games may seem concerning, there are many effective methods of keeping yourself safe.

• Use strong, unique passwords. A strong password that can’t be easily guessed is unlikely to be on any hacker’s database. This protects you from blunt force attacks. If that password is unique (hasn’t been used on other websites) you are also protected from credential stuffing attacks.
• Enable two-factor authentication if the platform offers it. This type of security requires a person to know the username and password for an account along with a second code which can be sent to a cellphone or email address. A hacker would have to access to the code as well in order to successfully breach an account.
• Stay up-to-date on common phishing attacks. By knowing what attacks are popular, you can help yourself recognize them instead of falling for them.
• Don’t use public wifi. Strangers share public networks. Any of them could potentially see and intercept your traffic, along with your sensitive information.
• However, if you have to use public wifi, connect to a trustworthy VPN (like HotBot VPN) first. VPNs encrypt your session information so that no one but you and the websites you interact with can see it. In fact, we recommend using a VPN for all gaming activities regardless of the network you are using. The extra layer of security is worth it.

]]>