The Anti-virus Times

Tuesday, April 5, 2022

Parents always try to protect their children from all kinds of dangers. However, the Internet is full of threats, and it still remains unexplored for most users, especially children. Despite the fact that Dr.Web Parental Control allows users to monitor sites, it is not always possible to track which games children spend most of their time playing. At the same time, this colourful virtual world harbours as many cybercriminals as the real world does.

"Diamonds" and "sapphires" instead of money

In almost every game, two types of gaming currency exist: the first is earned through game achievements, and the second can be bought for real money. Of course, the second currency has some beautiful, "expensive" name—for example, "diamond", "sapphire" or "platinum". Gameplay is often organised in such a way that people who buy objects for "diamonds" receive either a significant advantage or an aesthetically pleasant item that does not affect the game process. For the real world, the difference is not so important: in fact, both are worth real money.

The more time a person spends playing games, the more acute their desire is to buy a cosmetic object (that changes the visual image) to stand out from the pack of other gamers. It is expensive to buy "diamonds" in the game store, so players start looking for alternative routes. And that's where cybercriminals come in. They offer to buy the coveted currency at a price below the official exchange rate.

It looks like this: the buyer decides how many "diamonds" they need, pays for the purchase, but receives nothing in return. This scheme is accompanied not only by the loss of money, but also by the possible compromise of personal data. Here it is important to mention how the purchase was made. For example, if the fraudster sent a link to a phishing payment page and the user entered their bank card information, the attacker now owns the confidential data, which will lead to the loss of large amounts of money.

Attackers steal your "cookies"

What results is an analogue of the black market but in cyberspace: the same high risks, unregulated prices, and the risk of compromise. It is no secret that users buy most of today’s computer or mobile games for real money. For some gamers, the price seems justified, while others believe that a game is not worth its cost. Thus, gamers run into “black stores”, where, in addition to “diamonds”, criminals sell stolen accounts at enticingly low prices.

Sellers try to assure users that their store operates absolutely legally: they’ll say that some user got tired of playing and decided to sell their account. In reality, if you buy an account at a low price, you will get a compromised profile. Where do cybercriminals get tons of accounts from? The answer is obvious—they steal logins and passwords, or cookies. And, if in the first case, everything is very clear, the second may give rise to some questions. Cookies are a piece of authentication data stored in a browser. Thanks to saved "cookies", the user does not need to re-enter their password and login each time they sign in to a site. However, intruders also use this method because intercepting "cookies" is a way to steal an account that can subsequently be sold at a very low price.

And here logical questions arise: how do attackers get "cookies", and how can users protect themselves from this? We’ll tell you everything, point by point. Users can lose a coveted file when connecting to unverified public Wi-Fi networks or after "catching" malware. And sometimes, social engineering techniques can be enough. For example, cybercriminals can create a website where a user is asked to "sell cookies to Western companies". In reality, the victim simply loses their account and does not receive any benefit from the mythical Western companies that allegedly need their "cookies".

This scheme works in games where authorisation is carried out in the browser, not in the client. One of the most popular examples is Roblox, a game where the "cookie business" has reached incredible proportions. Almost every social network has a community where cybercriminals sell stolen accounts. Unfortunately, not all of them are aware of the consequences, and some users don't think they are doing anything criminal.

Social engineering techniques in practice

In addition, there exist a number of fraudulent schemes that use social engineering techniques. Many games are distributed through the subscription system—a user must pay to play. Sometimes a price turns out to be unaffordable for young gamers, so some developers add the option to pay for subscriptions jointly with other players. This works like this: on a special thematic forum or in a game chat, a gamer leaves the offer to "chip in and buy a subscription together", while also indicating their credit card number. Several people respond, send money to the stranger, but end up on the blacklist.

It is worth remembering that such collective subscriptions should only be used with friends or other trusted people. Don't send money to strangers — you are likely to be deceived. Cybercriminals occupy game chats and mainly message inexperienced gamers from among those who have just created a character and finished training.

Another popular method of deception involves transferring an account. An attacker can try to gain control over your account under various pretexts. This is often advertised as a character boosting service. It is assumed that you will pay the money, hand over your password/login, and after an agreed upon time, you’ll get your account, only now it’s much more levelled up than before. Certainly, honest offers exist, but if such a call is sent by a stranger in a chat, you can be sure that it is an attempt to deceive you.

And the icing on the cake is a rather cunning deception—the scheme involving the sale of an account. For many years, World of Warcraft has held the title of one of the most popular online games. The industry has reached such a scale that an account that has been boosted to the maximum level can cost tens of thousands of dollars. And if a character has rare in-game items, the cost can increase to hundreds of thousands of dollars. Sooner or later, a person gets tired of playing and puts their account up for sale with a text like this: "I am tired of this game. I am ready to sell my account for 200 dollars including the email address". Imagine such a situation: you pay money, get a login/password and email, and even log in to the game. One day goes by, then two days, a week, and a month—and suddenly Warcraft announces: "wrong password". In a rush, you check all the logins and passwords that you have, but none of them is correct. It turns out that the seller contacted the game’s technical support service and reported that the account was stolen. Developers are "plain dealers": they require a passport photo, proof of profile ownership, and instantly return the character to the seller. As a result, the "seller" received money and didn't lose their account.

Today, we have listed only the most popular schemes, while daily cybercriminals come up with new ways to cheat. But protecting yourself from them is extremely simple: do not communicate with strangers in a game and follow the rules declared by the developers.