Locked and loaded, online gamers draw phishing attackers

Online gamers have become rich targets for cybercriminals, according a report released this week by the Anti Phishing Work Group.

Over the last two quarters of 2012, phishing attacks aimed at online gamers jumped from 2.7 percent in the September frame to 14.7 percent in the December quarter, the APWG said in its Phishing Activity Trends Report for the fourth quarter of 2012.

Online gaming credentials are valuable to certain criminals, who sell them on the black market, the report explained.

In-game items held in those accounts can also be sold by phishers for real-world cash, it continued.Ã'Â Depending upon how much information is revealed, the victims can even have their real-life identities stolen.

"Online games are very popular -- lots of people are attracted to them -- and phishers like to go where the people go," Carl Leonard, senior manager of Websense Security Labs, said in an interview.

Within online games are value systems used to make in-game purchases that can be turned into money by cybercriminals, explained APWG chairman and founder Dave Jevans.

"Virtual currencies are on the rise and gaming credits are worth money," he told CSO. "Anything that's worth money is going to get attacked."

Gamers are a rich source of another prize for phishers: personal identifying information. "Any personal identifying information is extremely valuable in the underground markets," Websense's Leonard said.

To cybercriminals, gamers can be easy pickings because game culture plays into a scammer's hands. "The generation that's grown up with this stuff has a different level of concern about privacy and interaction with people on the Web," the author of the APWG report and President and CTO of Internet Identity (IID), Rod Rasmussen, said in an interview.

[Slide show: 9 classic hacking, phishing and social engineering lies]

In addition, many gamers engage in dubious activities themselves. "There's a lot of people trying to get a leg up on others playing a game," Rasmussen said. "A lot of the stuff is done in a gray market fashion."

"Because a gamer may already be in a gray area already, it can be easier to slip something passed somebody because they've already lowered their guard to get what they want," he added.

While gamers may take security precautions lightly, the operators of the games don't. "Gaming sites are interested in using good security," Websense's Leonard said.

Security measures implemented by the sites include PCI compliance to protect credit card information, SSL, two-factor-authentication and encryption.

That doesn't mean that hackers haven't found ways to compromise gaming sites, he added.

"Many websites are using vulnerable web servers that they haven't kept up to date," he said. "That's what malware authors seek out."

Those authors use kits that can analyze many websites for vulnerabilities that can be used to inject malicious code into the sites. Once infected, the malcontents use phishing messages to lure victims to the sites to infect them.

For some time now, phishers have been drifting away from their traditional practices and gravitating toward malware propagation, IID's Rasmussen said.

In a classic phishing scam, you receive an email from a trusted source -- a bank, for example -- that contains a link to a phony website emulating the source's. There, personal identifying information is cajoled out of you.

"That continues," Rasmussen said, "but what we're also seeing those same techniques being used to drive people to exploit sites."

"When you arrive there your browser gets hit withÃ'Â a series of exploits," he continued. "If it hasn't been patched, then your computer can get infected."

"That's upping the game a bit from the phisher's perspective," he added.

Read more about malware/cybercrime in CSOonline's Malware/Cybercrime section.

Join the CSO newsletter!

Error: Please check your email address.

Tags applicationsData Protection | Malwarelegalsoftwarephishingdata protectioncybercrimewebsenseonline games

More about CSOWebsense

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by John P. Mello

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place