Online gamers and shoppers beware — you’re the biggest target for hackers after financial services

Online gamers and shoppers beware — you’re the biggest target for hackers after financial services
Young generation crowd seen playing video games during the Video Gaming fest in BengaluruBCCL

  • Gaming and shopping accounts are the biggest targets for hackers after financial services.
  • In 2019, gaming faced the largest amount of distributed denial-of-service (DDoS) attack events — even more than the financial sector.
  • The primary reason for these breaches is recycling passwords.
It’s not surprising that financial services like PayPal and other digital wallets are among the top targets for hackers. But hackers can just as easily access your bank account from your shopping and gaming accounts.

Gaming and consumer goods are the top two targets for unique distributed denial-of-service (DDoS) attacks after financial services, according to data shared by Akamai. But overall, most of the attack events were still targetted at the gaming industry.

A DDoS attack is like traffic congestion that causes a jam along the highway — it overwhelms the target with a flood of internet traffic. When suffering a DDoS attack you probably will not be able to connect to your game’s server since the aim is to overwhelm a server’s processing power.

Online gamers and shoppers beware — you’re the biggest target for hackers after financial services
DDoS attacks most often target gaming companies, but attacks against the financial services industry are much more dispersed across multiple targetsAkamai Year in Review report

Here’s why hackers want your gaming accounts

Credit abuse is nothing new for the gaming or retail industry. But, it’s not just money that hackers are after. Most of the market demand for hacked gaming accounts comes from users who have been banned and need a new way to gain access to a particular game.

Online gamers and shoppers beware — you’re the biggest target for hackers after financial services
Although gaming organizations are only the target of a small percentage of the attacks Akamai sees, they have still been targeted by more than 35 million attempts in the first nine months of 2019Akamai Year in Review report

Others are looking to play from accounts which were able to obtain a unique item or rare skin. Something the hacker sells the items within the compromised account separately.

It’s only if these accounts are connected to a valid credit card or digital wallet do they become even more valuable. In such cases, not only does the hacker have access your gaming account but they can use it buy even more items within the application.

Shopping accounts are more likely to already be linked. Either way, once an account is breached — it’s nothing but pure profit for hacker thereon in.

Where are these attacks coming from?

Most of the web attacks on gaming come from the US, Russia and China. The hacker doesn’t try and breach the application that runs the game but the website of the gaming companies.

Online gamers and shoppers beware — you’re the biggest target for hackers after financial services
Most of the attacks on gaming come from US, Russia and ChinaAkamai Web Attacks and Gaming Abuse report

According to a BBC report from last year, some of these attacks are perpetrated by kids as young as 14 years old. Once an account is compromised, it’s only a matter of hours before it’s sold off or traded.

More gaming accounts to be hacked in the foreseeable future

Attacks which are focused on stealing financial information are only going to increase in the foreseeable future. Out of 55 billion credential stuffing attacks over a 17-month period, 12 billion were aimed at gaming accounts.

Credit stuffing attacks are when account credentials are stolen — usually in the form of usernames or emails — along with their corresponding passwords. These credentials are used to gain unauthorised access to user accounts through automated login requests.

“For now, attackers see credential abuse as a low-risk venture with potential for a high payout, and these types of attacks are likely to increase for the foreseeable future,” said Akamai’s report on Web Attacks and Gaming Abuse.

It’s not just that the gaming industry is easy to break into, it’s also growing rapidly. The video games market could hit $300 billion by 2025, according to a report by GlobalData. Companies are adding more features into their games like cosmetic enhancements and special weapons to reel in users.

“Criminals are essentially creating mini-botnets that exist solely to focus on validating massive lists of login credentials,” said the report.

So stop recycling your passwords

It’s the primary reason why credential stuff attacks work in the first place. This includes using your Facebook or Google account to log-in to third-party applications.

“The common factor in each successful attack is a shared password or a password that is easily guessed,” the report added.

A data breach of a gaming website, retail platform or anything account that you don’t think is important — can easily transform into a compromised bank account if you’re using the same password for everything.

See also:
Biggest data leaks of 2019 that hit Indians

TCS was hacked for its clients by China’s cyber spy campaign: Report

The creator of 'Pokemon Go' is suing an 'association of hackers' that it says helps players cheat at its games