The gaming sector saw an increase of 167 percent in web application attacks in 2021. That number looks terrifying, but it is an almost inevitable consequence of a similar increase in the number of online gamers, a number which currently stands at about three billion.
It is easy to look at the year in question and assume this was some sort of blip brought about by the world grinding to a halt for several months. True, the number of gamers leaped by 26 percent between 2019 and 2021, but it was rising before, and it has continued to rise since – researchers estimate there will be about 3.3 billion active gamers in 2024. So, the events of 2020/21 only served to accelerate a trend that was already in place and that continues to this day.
Increased monetization attracts more scammers and hackers
Criminals will follow the money. Build a dozen McMansions in a rural village and attempted burglaries will increase. Create platforms where billions of people make financial transactions and they will attract cybercriminals, too.
The rapid increase in the popularity of gaming inspired developers to find new ways to monetize their games. This led to the creation of in-game currencies, such as Robux (Roblox) or V-bucks (Fortnite), which players can either earn in-game through skillful play or can purchase with fiat currency, just as you might buy Euros or Australian Dollars with your USD.
Gamers spend their in-game money on micro-transactions, which allow them to buy power ups, or unlock special features. Some games also offer loot boxes, which are a little like “lucky dips” – you buy the box, and only then do you find out what is inside. All this has led to controversy, ranging from developers being accused of predatory monetization to charges that buying loot boxes is a form of gambling and should be treated accordingly.
In-game currency is also a target for money launderers, who can buy it using a pre-paid card and then sell in-game assets on third-party websites, exchanging them for cryptocurrency and leaving no trace of the seller’s identity or original source of funds.
It sounds like the plot of a crime thriller, but this really happens. There was an example earlier this year in India concerning the laundering of INR 4,000 crores (about $49 billion). These companies were registered in tax havens like Curaçao and were linked to Indian bank accounts opened with fake identities.
Online casinos – not such a soft target
Not all gaming-related cybercrime is so sophisticated or on such a large scale, of course. Most criminals look for soft targets and seek to obtain access to private information so they can gain access to payment cards or bank accounts. Online casinos seem like tempting targets. After all, this is a form of gaming that has financial transactions at its heart, with players depositing money and withdrawing winnings every day.
However, reputable online casinos have security measures that are just as tight as real ones. These include two-factor authorization, encryption and secure off-site storage of customer data. That is fine, but players have to take responsibility for their own security too, especially at mobile gaming sites.
Mobile gamers face greater risks
Let’s stay with the casino example for a moment. A physical casino might have top-notch security. But if you win $1,000 and carelessly shove the ten $100 bills in your back pocket as you walk out into the night, you’ve only yourself to blame if they disappear.
Whether it is casino gaming or Candy Crush Saga, mobile gamers can be blasé and do the equivalent of the same thing. Smart phones are vulnerable, but those vulnerabilities are easy to manage. Always lock your screen and protect all important apps with either strong passwords or ideally, biometrics such as fingerprint or facial recognition. Finally, keep your phone on you all the time.
