On average an estimated 1.2 billion of us are regularly logging on, signing up and playing online. Unfortunately, whenever money or personal data is changing hands online, criminals are watching, looking for some way to turn the situation to their advantage.
Recently there has been an increase in theft of virtual assets and exploitation of out of date mods, leading to devices being compromised with malware and accounts being hijacked and digital assets lost.
To prevent your gaming account being hijacked, you should:
Keep your devices and applications up to date - This includes the operating system. This will help prevent these attacks from being successful. Turn on automatic updates and where possible install antivirus like windows defender on your device to check for malicious executables installed on the system and keep it up to date. Make sure that community mods that you may have installed are also up to date as researchers have found an increase in cyber criminals exploiting outdated community mods to spread malware and hijack game servers.
Use strong passwords and turn on 2SV – You can protect your gaming accounts using unique long password consisting of three random words. Turn on 2-step Verification, this can be found in settings. It offers an extra layer of protection to prevent someone hacking into your account. Recently, we have seen an increase in fake phishing websites impersonating login portals, look out for suspicious links and URLs. Don’t follow links sent by other players, find your own way there through google.
Protect your privacy online – Be mindful of the information you are sharing, don’t share personally identifiable information with players you don’t trust. Apply privacy settings to ensure personal data isn’t visible to other players e.g. location. Hide your friends lists, to avoid scammers from impersonating your friends.
Use official stores or sources – When purchasing and downloading games, make sure that you are using the official store fronts to avoid inadvertently downloading malware.
Don’t follow instructions from other players - Cyber attackers often attempt to circumvent in-game security measures by persuading you to do something outside of the game itself. For example, a player you don't know may suggest that you install an 'upgrade' and supply a link for the download. The offer could also come in the form of a well-crafted phishing email, promising some kind of freebie related to a game you enjoy.
A lot of game distributors will not offer support if you have been using third party services to commence trades and link your accounts as these falls outside of their terms and conditions. It’s really important that you are cautious when using these services especially if another player ask you to sign up to these services. Genuine online services won’t require that you complete a trade to be able to login to those platforms or ask you to give your 2-step verification code to anyone else.
How to tell if you've been hacked
Check your online accounts to see if there's been any unauthorised activity.
Things to look out for include:
being unable to log into your accounts
changes to your security settings
messages or notifications sent from your account that you don't recognise
logins or attempted logins from strange locations or at unusual times
unauthorised money transfers or purchases from your online accounts
For help on recovering a hacked account visit: https://www.ncsc.gov.uk/guidance/recovering-a-hacked-account
For more information on how to stay secure when gaming online visit: https://www.ncsc.gov.uk/guidance/online-gaming-for-families-and-individuals