The company of cybersecurity Kaspersky found that in 2022, cybercriminals launched more than seven million attacks exploiting popular game titles targeting audiences between the ages of 3 and 16, representing 57% more attacks compared to 2021. To infect devices, Scammers create fake websites imitating popular games to trick young gamers into downloading malicious files.
The phishing pages -according to Kaspersky– used in these scams mostly imitate the games of Roblox, Minecraft, Fortnite and Apex Legends. In total, more than 878,000 fake websites were created last year, misusing the brand name of these four games. In addition, in the same period, there were nearly 40,000 attempts to install malicious files, including malware and PUAs disguised as popular children’s games. These attempts were blocked on 232,735 unique players, with Brazil and Mexico ranking second and 15th, respectively, out of the Top 15 countries worldwide with the highest number of affected unique users.
An important alert is the fact that children and adolescents often use the family computer or use the parents’ data when registering the games. In this context, scams targeting young gamers not only threaten them, but also jeopardize parental financial information and passwords that may be associated with children’s accounts.
To infect computers, criminals use simple social engineering techniques, such as offering cheats and mods, the well-known game modifications that allow you to customize characters, settings, etc. Although popular, mods are not official developer resources and may contain malware. In fact, on the phishing site, the user can get a complete manual on how to install the mod correctly.
What is particularly interesting is that there are specific instructions that point out the need to disable the antivirus before installing a file (mod). This may not be an alert for young gamers, but it is a pre-thought so that malware is not detected on the infected device. The longer the user’s antivirus is disabled, the more information could be collected from the victim’s computer.
“In 2022, cybercriminals also exploited games designed for children ages 3-8. This demonstrates their immorality and their focus on topics that can be effective in stealing information and infecting devices. By exploring this audience, we found that criminals are not bothered with creating sophisticated schemes to trick them, relying on children having little to no knowledge of online scams, making them easy targets for these types of campaigns. This trend highlights the importance of parents being aware of their children’s online activities. Having a security solution helps to avoid problems, but the presence of parents when installing a game is essential, both to guide them and to avoid simple scams like those discovered in our report”says Fabio Assolini, director of the Research and Analysis Team for Latin America at Kaspersky.
Listen Dale Play on Spotify. Follow the program every Monday on our available audio platforms.