The trade in stolen game keys and digital credits is booming.
According to the Federal Association of Interactive Entertainment Software (Bundesverband Interaktive Unterhaltungssoftware; BIU), 29.3 million Germans play computer games, 37 percent of whom are gamers aged 40 and over. Gaming has long been a leisure time occupation for all the family, with increasing turnover statistics. In the first half of 2014, the turnover in digital games in Germany was 798 million Euros (Source: BIU). The business and the gamers are popular targets for cyber criminals. The perpetrators use computer malware, phishing emails or bogus offers of digital game keys or credits for online platforms to attempt to lure gamers into traps. Registration keys for bestsellers such as Battlefield 4 or Titanfall can be obtained in underground forums for 10 euros. The keys are purchased by fraudsters using stolen credit card data and sold on. In the run-up to Gamescom in Cologne, G DATA has been taking a look around the underground scene and offers tips on how gamers can use the net more securely.
"Stealing and trading in user accounts for online games is a very lucrative business for cyber criminals," explains Ralf Benzmüller, head of G DATA SecurityLabs. "Cyber criminals develop malware or set up well-planned and well-implemented phishing methods to steal user accounts. For performance reasons, gamers often disable their antivirus software and so walk right into the malware trap." Modern security solutions such as G DATA Internet Security or Total Protection are tailored to the needs of gamers. "Disabling the antivirus solution is not necessary with G DATA security software. Gamers should therefore leave their security solution permanently switched on," advises Benzmüller.
Data theft via phishing
Phishing attacks do not just take place in online banking. Gamers have long been in the sights of data thieves, who try to lure them onto fake websites using spam email.
Cyber criminals try to extract user data for gaming platforms such as Steam and Origin from gamers on well-copied websites. Such sites can often only be revealed as fake from the URL.
Fake Steam websites: There is no difference at first glance – the fake can be seen on the left, the original on the right.
The tip from the expert: Website addresses should always be entered in the browser manually. Always look carefully at links to update pages and study the entire address line.
Trade in illegally purchased game keys and credits
The perpetrators use stolen data, which is obtained by phishing or using so-called keyloggers, to purchase game keys or credits for online platforms such as Steam.
Currently much sought after in underground forums are game keys for current bestsellers and top hits such as Call of Duty, Battlefield 4, Watch Dogs, Diablo 3: Reaper of Souls or Titanfall. A key for Battlefield 4 Premium Edition can be obtained for 10 euros – it usually costs about four times as much. However, by doing so gamers risk losing their user account if the key is redeemed on platforms such as Steam or Origin.
Also still popular is the trade in illegally purchased digital credits for Steam, Xbox Live, PlayStation Network, iTunes and other web platforms. These are sold for a fraction of the original value. Steam credits with a value of 100 euros are traded in underground forums for 20 euros.
How online gamers can protect themselves
OnlineGaming_Safety: G DATA provides helpful tipps for gamers, so the game remains fun.