Organized crime sets traps for gamers – fake sites of the FACEIT esports platform are multiplying on the Web. Such a threat was identified by specialists from the Solar Aura External Digital Threat Monitoring Center of RTK-Solar. About the schemes of deception, designed specifically for fans of shooters and rpg – in the material “Izvestia“.
Traps are set
More than 100 phishing sites imitating the popular video game contest resource have been discovered on the web since early summer.- Links to malicious resources are distributed under the pretext of participating in a CS: GO tournament (a tactical shooter. – Ed.), and the purpose of the attack is to steal data for entering the personal account of the Steam gaming service, – an expert from the external monitoring center told Izvestia. digital threats Solar AURA by RTK-Solar company Diana Selekhina. Photo: Getty Images/Westend61
Phishing sites, like two drops of water similar to the Steam site, appear daily, the interlocutor notes.
“In June alone, their number exceeded 600. And on the black market, you can find hundreds of ads for buying and selling hacked gaming service accounts. Depending on the number of games linked to the account and the availability of various bonuses, their price can range from a couple to several hundred or even thousands of dollars.According to Selekhina, the surge in the attention of cybercriminals to gaming services is associated with the expansion and diversification of the criminal business. New level: how scammers deceive Russian gamers — The identified sites are part of a large network that combines resources on various topics, from banking phishing to fraud on marketplaces. Their mass character is due to the appearance on the market of effective tools and services that largely automate the process of creating and maintaining such resources.
Global digital currency
“Plundering” hacked accounts with the sale of all in-game items in some cases can bring intruders much more income. Photo: Izvestia/Dmitry Korotaev
— a lot of time,” Vladimir Zykov, head of the Association of Professional Users of Social Networks and Messengers, explained to Izvestia. — For those who are too lazy to waste their own time, there is an opportunity to buy an account, this is done unofficially.
An account can contain several pieces of expensive virtual weapons and character equipment attributes. Some can be worth tens of thousands of dollars.
Confidential theft: scammers have found an easy way to access gamers’ accounts How to purchase new items for Xbox and PlayStation without the risk of being hacked “Sometimes it’s not about the power of the weapon, but about the originality. For example, an “achievement” (from the English achievement – “achievement”, in the game – a distinctive or bonus attribute) or even just a beautiful sticker that does not provide additional protection in a shooting game and does not cause damage to an opponent can cost thousands of dollars. After the “hijacking” of the account, all this is put up for special auctions, exchanges. These items can be added to the game, removed from the game and sold. These things, in fact, have become a kind of digital currency, and international. Photo: Global Look Press/Bdpa/Michael Matthey
According to the expert, many gamers do not particularly care about the security of their account. And it should.
– There are tools on the Web that are of significant material value and need to be protected. It’s one thing when an ordinary user’s account on a social network is “hijacked”, and it’s quite another when an advanced gamer’s or public administrator’s account, which has more than a million subscribers, is taken away. Social media is also a big problem. To date, VK, for example, has made a forced two-factor authentication for admins, which has corrected the situation – it is not enough just to enter a username and password, you also need to enter the code from the SMS that comes to the phone. He noted that in the case of the theft of virtual game items, it is quite difficult to hold anyone accountable – it is not entirely clear how to assess the damage from such actions. Understanding the inside of the playground itself is also problematic.
Outside the game
The names of popular games are often used as bait by the creators of malicious sites. Photo: Izvestiya/Alexander Kazakov “In this case, the goals of the attackers can be very different – to steal money, infect a device, gain access to a person’s non-gaming accounts, violate his privacy,” Dmitry Galov, head of the Russian research center at Kaspersky Lab, explained to Izvestia. — Interest in well-known or expected games, gaming platforms with a large audience can be used by phishers, scammers, authors of various malware, and not only. So, some time ago, under the guise of a long-awaited game, a Trojan encryptor for Android devices was distributed on the Web. This year, our colleagues discovered a scheme in which phishers tried to swindle the credentials of Telegram users — the attackers offered to get “robux” (the currency in the Roblox game). Under this pretext, they lured people to a phishing resource. On a fake page, a person was asked to enter a phone number and a confirmation code, as a result, these data were sent to the attackers. They ordered to show the passport: Russia may introduce identification for gamers As with other phishing scams, common sense will help protect against such attacks. “Check site addresses carefully, don’t follow suspicious links from emails, and finally, take your time,” cyber expert Diana Selekhina advises. – Your attentiveness will save you a lot of nerves and money. Photo: Getty Images/Westend61In order not to fall for the tricks of intruders, it is important to be critical of links to unfamiliar resources, even if they were sent by acquaintances. Mistakes of youth: why underage hackers are dangerous Young cybercriminals often do not understand the seriousness of their actions “Set up two-factor authentication in those services that allow it,” advises cyber expert Dmitry Galov. – Install a security solution that will prevent you from clicking on a phishing link or installing malware. Share: