Stealing gaming accounts is big business for cybercriminals as an account with thousands of games can be worth a small fortune on the Internet. Hackers can also sell rare in game items to make a quick buck. Moreover, a threat actor can harvest data from a gaming account to learn more about a target, breach their financial pages, launch doxing or swatting attacks, or target their friends and family. And with a growing number of gamers aware of usual cybersecurity threats, hackers are employing more creative measures to breach the cybersecurity of their targets.
Gamers know how dangerous phishing attacks are. After all, phishing emails can hide spyware, keylogger, or any other kind of malware that breaches password security. But smishing can be equally dangerous. So, what is smishing and how can it be an infection vector for a computer virus?
In a nutshell, smishing is the same as phishing, but the attack vector is text messages. In fact, the word smishing comes from “short messages” and “phishing.” Any unsafe text with an attachment or a link can help a hacker steal a gamer’s account.
Trojan Horse Malware
All Trojan horses use trickery to infect their targets. While this malware may appear to be legitimate software or files, they try to harm a computer or a network. Gamers need to be exceptionally watchful against Game-Thief Trojans and Password-Stealer Trojans. Both types of malware can allow threat actors to steal gaming accounts.
Pirated software is becoming less popular with gamers for several reasons. For one, it’s a hassle to download and install with companies implementing more stringent anti-piracy measures. For example, many games require players to play online, even in story mode, to stop piracy. For the other, pirated software, whether it’s an operating system or a game, usually can’t access patches. And patches can have critical security fixes and performance enhancements.
Another reason to avoid pirated software is that it can carry viruses and spyware. For example, the ThiefQuest malware for Macs is a spyware/ransomware hybrid embedded in pirated gaming software. Gamers should steer clear of spyware because it allows its author to read usernames, passwords, and other confidential data.
As its name suggests, scareware is a type of malware that scares victims into making bad decisions, like sharing their passwords. Scareware often uses popups that might say a gaming account has been hacked. It may offer a link that uses a drive-by download to infect the visitor’s account with spyware or offer a phone number that leads to a vishing attack. Vishing, of course, is like phishing, but the medium of attack is voice.
Hackers may take weeks, if not months, for a pretexting scam. It may start with a stranger befriending a gamer online, possibly feigning romantic interest. Once the scammer has befriended the gamer, they may ask questions to learn sensitive information. Alternatively, they may send a text containing malicious software designed to drop a rootkit or open a backdoor in the gamer’s computer.
These are five surprising ways hackers can steal gaming accounts. Gamers should use anti-malware software, firewalls, security patches and keep their guard up to protect their digital lives.