Gamers, who also include a huge number of children, are increasingly being targeted by cybercriminals, with more than 6.6 million attempted attacks detected.
This is according to cybersecurity experts Kaspersky who looked into the threats disguised as popular kids’ video games and analysed the period from July 1, 2023, to June 30, 2024.
The number of unique users targeted by cybercriminals using popular children’s games as a lure surged by 30% in the first six months of 2024 compared with the second half of the year in 2023. Researchers analysed gaming risks for young players and discovered that more than 132 000 users had been targeted.
Out of the 18 games chosen for the research, the majority of attacks were related to Minecraft, Roblox, and Among Us. More than three million attempted attacks under the guise of Minecraft were launched throughout the reported period.
Kaspersky said cybercriminals likely chose this method of attack based on the popularity of games among players, as well as the ability of gamers to use cheats and mods. Since the majority of mods and cheats are distributed on third-party websites, attackers disguise malware by posing as these applications.
One of the most common scams in gaming is the offer to receive new skins for your character – essentially clothing or armour – that enhance the hero’s skills. Some skins are common, while others are extremely rare and, therefore, more desirable.
Another popular trap is the offer of receiving in-game currency. In one of the discovered scams exploiting the Pokémon GO brand, users are asked to enter the username for their gaming account. Next, they’re asked to take a survey to prove they’re not a bot.
“Once the survey is complete, they are redirected to a fake website, usually one promising free prizes or give-aways. This is where the real scam kicks in. The scammers aren’t actually after personal data like credit card details; they’re using the guise of gaming to lure users into another hoax – one involving fake downloads, prize claims, or other deceptive offers. The whole process is a clever way to redirect users to a different, more dangerous scam under the pretence of a legitimate verification step.”
They also found an example of a scam that uses both the name of popular game Valorant and that of the world-famous YouTuber, Mr Beast. By selecting this blogger and using his photo, cybercriminals aim to capture children's attention and hook them into their fraudulent scam.
“Throughout our research, we see attacks on children are becoming a common vector of cybercriminals’ activities. That’s why cyber hygiene education and the use of trusted cybersecurity solutions are a must-have in building children’s safety in the online environment. By fostering their critical thinking, responsible online behaviour, and a strong understanding of the risks, we can create a safer and more positive online experience for this generation of digital natives,” said Kaspersky security expert Vasily Kolesnikov.
To keep your children safe online, Kaspersky recommended:
- Parents having open communication with children about the potential risks they may encounter online and enforcing strict guidelines to ensure their safety.
- Helping children choose a unique password and aim to change it periodically.
- Setting clear ground rules about what they can and can’t do online and explain why you have put them in place. You need to review these as your child gets older.
- Using dedicated apps for digital parenting to help adults ensure a safe and positive digital experience for little ones by establishing healthy habits, protecting them from inappropriate content, balancing screen time and monitoring children’s physical location.
Cape Times