Are Online Games a Security Threat?

Without a doubt, if you’ve been playing online games for a while, you’ve probably had a friend or known about someone being hacked. You may have read articles or posts about accounts being compromised. Big gaming companies, such as Blizzard, have entire pages devoted to account security or remediation of theft.

battle net

As companies continue to integrate services with one another, the security risks grow. Games with online stores may have your credit cards registered for payments, and you may have your accounts linked up for posting screenshots on Twitter, Facebook or even for videos on YouTube. All of this is convenient, but it makes your account that much more attractive to hackers and other criminals.

Before going into what you can do to prevent account theft, hacking and other associated problems, let’s first look at how these security breaches actually take place. There are a number of ways your information can be compromised when dealing with online games, so let’s dive right in.

Malware and Keyloggers

A fair bit of stolen accounts come from malicious software, oftentimes mistakenly acquired by users. Malware may be obtained directly or indirectly; that is, by downloading it directly or by having it “injected” into your gaming device.

Directly downloading malware can be a simple mistake. You might be trying to find mods, music or other companion software to go with your game. Many modern games have add-ons that allow you to customize the game experience, but not all websites are reputable locations for these add-ons.

Companies, such as Curse, provide a fairly reliable source for safe installations, but performing a Google search and just downloading what pops up could land you with a fake program specifically designed to steal your account or other information.

Indirect malware is sometimes acquired by visiting a website that is reputable, but has been compromised or hacked by someone. In many cases, they use JavaScript to fool your computer into acquiring something, such as a keylogger, which keeps a record of your typing and reports it to someone for later use.

This is how some accounts are stolen. But there are other, more clever ways criminals steal your information.

Phishing and Scams

Your favorite MMO or online game probably has a forum or multiple fan pages dedicated to it. People post their thoughts, mods and other ideas to share and discuss their interests in the game. Hackers know that and use your hobby to their advantage.

A phishing scam generally involves posing as either another player or as a company representative. You may see a link posted on a game’s forum, or you may even be contacted in the game by someone posing as a company rep. The end result is usually the same—you end up being asked to login (on a fake website that resembles a trusted website) or to surrender your login information to the fake representative.

Some of these emails are very convincing, as they will come from fake addresses that sound remarkably similar to a company’s name. I once received an “invitation to beta” from something like wowgm@blizard.com. Of course I knew it was fake, and spam filters will sometimes pick it up for you, but they try very hard to make the phishing link convincing.

In most cases, phishing scams will focus on making you believe something that’s too good to be true. Free game time? Click here. Want access to exclusive content? Just login, and you’re all set. Don’t believe it though. Always check the web address, and as virtually every company will tell you, they will never ask for your account information because they already have it.

Unsecured Networks

Not everyone has an awesome gaming computer, so internet cafes have really gained popularity because some will have multiple high end computers ready to go. Unfortunately, public WiFi access tends to mean little to no security.

In these environments, hackers can literally hijack your computer or spy on your device to steal your information. Even if you’re on a laptop you own, the network itself can be what gets you in trouble rather than your own mistakes.

Weak Passwords

This really goes for any account you own; having a weak password means you’re an easy target for hackers. Weak passwords will consist of less than eight characters and typically not contain any numbers or symbols.

Supercharge Your Security

With all this talk of account security, you’re probably wondering what you can do. Surely you’re not interested in having your credit card information stolen just because you wanted to play League of Legends, right?

Thankfully, there are a few easy ways to dramatically reduce the likelihood of that scenario. A few involve software and a few are behavioral. First though, you’ll want…

  1. Anti-virus Software

You probably knew this one was coming, and it can be a nuisance because sometimes anti-virus software causes problems when you install games. But this is really your “last line of defense.” If you end up with malware, it won’t go away without an anti-virus. Grab yourself a free one such as Avast or Panda, as a paid version probably won’t be needed unless you also have a business.

  1. Virtual Private Network

A Virtual Private Network (VPN) is extra important if you ever access WiFi that isn’t password protected. A VPN is a paid service that allows you to connect to a remote server that will encrypt your internet traffic and prevent hackers from directly accessing your device. Though a paid service, it’s an extraordinarily worthwhile boost to your security.

It’s also worth noting that you can use VPNs, such as ExpressVPN, to access regionally restricted content.

  1. NoScript (Firefox users)

If you’re using Firefox, you’re in luck. One of the best add-ons I’ve ever come across for protecting yourself from bad JavaScript while browsing fan sites and forums is NoScript. It takes a bit of learning, but with this, you can shield yourself from a huge variety of scams by simply disabling the coding that makes them work.

  1. Strong Passwords

Since we discussed weak passwords, it makes sense to talk about what you do want in your password. Even if it isn’t required, you should make your passwords at least eight characters long, if not longer, and be sure to include capital letters, numbers and symbols.

  1. Never Share Your Account

Nearly every gaming company is going to tell you this: don’t share your account with anyone. The problem is that you just don’t know whether the party you’re sharing with is safe. A friend might not know as much about security and end up getting your account stolen. And official employees don’t need your info; they should never ask for it either.

  1. Use 2-step Verification

Recently most game companies have begun offering two-step logins. It means that when you login from a new computer or location, you’ll need to enter a temporary code or password sent to your phone or other authentication device to prove it’s really you.

By no means should the security risks deter you from playing online games. But you should certainly be aware of what those dangers are and how to keep yourself safe. Practice accessing safely so you’ll never have to contact customer support in the middle of a game just to say “I think I’ve been hacked.”