Young gamers targeted by cybercriminals

The number of unique users targeted by cybercriminals using popular children’s games as bait increased by 30 percent during the first six months of 2024 compared to the second half of 2023, according to Kaspersky experts.

Researchers analyzed the risks facing young gamers and found that more than 132,000 users were targeted by cybercriminals. More details can be found in the latest the report by Kaspersky on cybercrime targeting young gamers.

The most abused children’s games

Kaspersky company investigated the threats hidden behind popular video games for children and analyzed the period from July 1, 2023 to June 30, 2024. During this period, Kaspersky’s security solutions detected more than 6.6 million attempted attacks, where cybercriminals used children’s game brands as bait.

Of the 18 games selected for this study, the majority of attacks involved Minecraft, Roblox, and Among Us. According to Kaspersky statistics, during the reporting period, more than 3 million attack attempts were launched under the guise of the Minecraft game. Cybercriminals likely chose this method of attack based on the popularity of games among gamers, as well as gamers’ ability to use passwords and mods. Since most mods and cheats are distributed on third-party websites, attackers disguise malware by posing as these apps.

Kaspersky experts believe that higher attack success rates during 2024 can be attributed to observed trends in the field of general cyber security. On the one hand, following popular trends, cybercriminals are launching more cunning attacks, exploiting the current agenda and creating less obvious schemes, rather than using generic attacks.

However, cybercriminals increasingly they use artificial intelligence to automate and personalize phishing attacks that are more likely to trick young gamers. At the same time, new advanced phishing packages, i.e. pre-made phishing page templates that are created using automated tools, consistently appear on the dark web, allowing a growing number of attackers to deploy highly effective phishing sites that mimic popular gaming platforms.

Cheats in favorite children’s games

One of the most common scams in games is an offer for new skins, i.e. clothes or armor for your hero that improve his skills. Some skins are common, while others are extremely rare and therefore more desirable.

Kaspersky experts have found an example of fraud in which the name of the popular game Valorant and the name of the world-famous YouTuber Mr. Beast. By choosing this blogger and using his photo, scammers aim to get the attention of children and lure them into their scam. In order to get the desired Mr. Beast skin, young users are asked to enter their gaming account login and password, allowing fraudsters to potentially steal their credentials.

Picture of Mr. Beast is used to attract children

Another popular trap is receiving in-game currency. In one of the discovered scams abusing the Pokemon GO brand, users are asked to enter a username for their gaming account. They are then asked to take a survey to prove they are not a bot.

When they complete the survey, they are redirected to a fake website, usually one that promises free prizes or giveaways. This is where the real scam begins. Scammers aren’t actually asking for personal information like credit card information; they hide behind gaming to lure users into another scam involving fake downloads, winning prizes or other deceptive offers. The whole process is a cleverly designed way to redirect users to another, more dangerous scam under the guise of a legitimate verification step.

A scam that abuses the Pokémon GO brand

“During our research, we have seen that attacks on children are becoming a common vector of activity for cybercriminals. That is why cyber hygiene education and the use of reliable cyber security solutions are essential in building children’s safety in the online environment. By nurturing their critical thinking, responsible online behavior and strong understanding of risk, we can create a safer and more positive online experience for this generation of digital natives.” comments Vasily M. Kolesnikov, security expert at Kaspersky.

A full report on threats targeting young gamers is available at KDaily.

To keep your children safe online, Kaspersky recommends that users follow these guidelines:

• It is crucial for parents to have open communication with their children about the potential risks they may encounter online and to implement strict guidelines to ensure their safety.
• Help your child choose a unique password and try to change it occasionally.
• Set clear rules about what they can and can’t do online and explain why you set them. You need to adjust them as the child grows.
• To help parents introduce their children to cybersecurity amid a constantly changing threat landscape, Kaspersky experts have developed Kaspersky Cybersecurity Alphabet with key concepts from the cybersecurity industry. In this book, your children will be introduced to new technologies, learn the main rules of cyber hygiene, learn how to avoid online threats and recognize tricks used by fraudsters.
• With dedicated digital parenting apps like Kaspersky Safe Kidsparents can effectively protect their children online and offline. These apps help adults ensure a safe and positive digital experience for little ones by establishing healthy habits, protecting them from inappropriate content, balancing screen time and monitoring children’s physical location.
• To protect your children from downloading malicious files while playing games, we advise you to install them reliable security solution. It works seamlessly with Steam and other game services.

Photo: pixabay