Cybercriminals set sights on gamers
Kaspersky Lab claims 7,000 infection attempts a day in 2012
Cyber-security company Kaspersky Lab today said its distributed network had identified an average of 7,000 attempts a day in 2012 to infect gamers with malware.
The data was gathered from Kaspersky Security Network, the company's connected users that have agreed to collaborate with Kaspersky researchers on the discovery of cyber threats. According to Kaspersky Lab, the attacks against gamers were launched in an attempt to gain access to personal user data, such as passwords to online games and online banking systems. Where games are concerned, malicious users attempt to steal avatars and in-game items to subsequently sell these virtual goods for real money. In the case of online banking, cybercriminals aim to steal money directly from real bank accounts.
As Kaspersky Lab researchers discovered, in order to do this, malicious users send an average of 10 emails with malicious links and attachments to gamers every day, in addition to making roughly 500 attempts to infect gamers via browser-based attacks. Kaspersky Lab reported that its catalogue of malicious programs targeting online games is increasing at a rate of 5,000 new entries each day.
One of the most favored tactics in the world of online games is social engineering, phishing in particular. For example, cybercriminals invoke the names of well-known gaming worlds in an attempt to lure gamers to their fake websites. Once the target is on an infected site cyber criminals will harvest passwords from registered gaming accounts.
In 2012, Kaspersky Lab recorded 15 million attempted visits to phishing websites designed to look like the pages of one of the largest developers of online games. There were up to 50,000 attempted redirects to phishing sites each day.
Threats targeting gamers are found all over the world but are not found in equal concentrations everywhere as their numbers are in direct correlation to the number of active players found in different countries. In 2012, the top three targeted countries were Russia, China, and India, a list that Kaspersky claims has remained more or less unchanged over several years.
Kaspersky Lab's Sergey Golovanov suggests that gamers adhere to the following simple code of Internet conduct: "First and foremost, one needs to be alert when receiving emails featuring, for example, a request from an online game's admin server for personal information about your account or an authorisation offer under some pretext. Don't just click on the link right away; it could be a phishing site.
"Next, don't download unofficial patches from dubious sources; you could easily end up downloading a ‘bonus' in the form of a Trojan that would then infiltrate your system and start stealing all of your passwords. And I don't mean just for online games, but also for bank cards, if your bank offers online services. With this in mind, gamers might consider keeping an up-to-date virtual debit card that lets them limit their spending to an amount they choose, with no risk of someone else cleaning out their account."