iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
When we think of phishing and other online scams that involve a degree of social engineering, we often think of attacks with carefully designed fake sites, complex business email compromise campaigns, and other threats.
But a new report suggests that targeting children — especially young gamers — can lead to easy and particularly rich pickings.
A new report by security software company Kaspersky outlines some of the tactics hackers use when they target children, and in some cases, the “tactics” are pretty minimal. The rewards, though, can be impressive, especially if kids are playing games on a machine that a parent or other family works from home on.
The most common scam, according to the report, is to offer young players free in-game currency. Games such as Fortnite and Roblox have in-game stores that use an in-game currency, which can be earned by playing the game — but that takes time. However, rather than trying to trick personal details out of their targets, the scammers simply ask outright for the email a game account is registered to and its password, straight up promising free currency in return for the login details.
This leads to a game account being entirely compromised — including any in-game items or currency currently attached to it, which the scammer can then sell.
Other tricks are even clearer in their intentions.
One scam offers free game cheats to download, but to do so, the target must turn off all antivirus software first — otherwise, the cheats will be detected and won’t load properly. The downloaded file purports to hold the desired cheats but is, in fact, a malicious zip file that, once run — without any AV present — can now extract data from a machine at will.
If the machine is a shared one, with possibly important work information, the hack can be incredibly dangerous.
“The longer the victim’s antivirus is disabled, the more data the scammers can potentially pump out,” the Kaspersky report said. “It helps if the child has their own computer, but what if it’s a shared home computer full of parental data, including passwords and bank card details?”
“Almost any adult would smell the cheese in the mousetrap, but to kids who know little about cyber criminal tricks, nothing feels off.”
Older gamers can fall prey to similar scams, though the older the gamer is, the more subtle the scam needs to be. This can be done by using more mature titles, such as Rockstar’s Grand Theft Auto series, as the basis of phishing scams, or by mimicking a game’s online store entirely, tricking gamers into sharing their Steam account details, or even social media passwords.
Kaspersky recommends all the usual tactics to counter such scams — use a password manager, take advantage of two-factor authentication, install AV software — but these are all only useful if parents can convince their kids to follow suit.
As always, the best solution is to educate your kids and keep an eye on what’s happening on their devices at all times.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
