Kaspersky experts have discovered cybercriminals exploited popular game titles to launch more than 7-million attacks on children in 2022, up 57% over 2021.
Kaspersky’s report, The Dark Side of Kids’ Virtual Gaming Worlds, explores the risks for young players in online gaming and analyses threats related to the most popular online games for 3-16-year-old children. Phishing pages used by cybercriminals to target young players mostly mimicked global titles, including Roblox, Minecraft, Fortnite, and Apex Legends.
To reach parents’ devices, cybercriminals purposely create fake game sites evoking children’s interest to follow phishing pages and download malicious files.
In 2022, over 230,000 gamers globally encountered malware and potentially unwanted applications that were disguised as popular children’s games. Since children of this age often do not have their own computers and play from their parents’ devices, the threats spread by cybercriminals are most likely aimed at obtaining credit card data and credentials of parents.
According to Kaspersky statistics, phishing pages used by cybercriminals to target young players primarily mimicked Roblox, Minecraft, Fortnite, and Apex Legends games. In total, over 878,000 phishing pages were created for these four games in 2022.
One of the most common social engineering techniques targeting young players involves offers to download popular cheats and mods for games. On a phishing site the user may get a whole manual on how to install the cheat properly.
There are specific instructions making a point about the need to disable the antivirus before installing a file. This may not alert young players, but it might be specifically created so malware avoids detection on the infected device. The longer the user’s antivirus is disabled, the more information might be collected from the victim’s computer.
“In 2022, cybercriminals even exploited games designed for 3-8-year-old children,” says Vasily M. Kolesnikov, a security expert at Kaspersky. “This highlights that cybercriminals do not filter their targets by age and attack even the youngest gamers, with the likely target of reaching their parents’ devices. When focusing on young players, cybercriminals don’t even bother to make deception schemes less obvious. They hope children and teenagers have little or no experience or knowledge of cybercriminal traps and will easily fall for even the most primitive scams. Therefore, parents need to be especially careful about what apps their children download, whether their devices have trusted security solutions installed and should teach their children about how to behave online.”
The full report on kids’ threats in online gaming worlds is available on KDaily.
To keep children safe online, Kaspersky recommends users:
- Don’t neglect to show interest in your children’s online activity. Ask them if you can watch their favourite series or listen to music tracks together. As an option, you can learn together some secure practices to stay safe online.
- A good option could be parental control apps. But it’s important to discuss this topic with your child to explain how these apps work and why they’re needed to stay safe online.
- Explain that sensitive information should only be shared via messengers and only with people they know in real life. You can be a role model and show them good examples of good behaviour.
- Spend more time communicating with your children about online safety measures. Try paying attention to your own habits. Do you use your smartphone while eating or talking? Are your children mimicking any of your habits or behaviour patterns? Do they react in a different way when you put your phone away?
- Make talks about cybersecurity more enjoyable and interesting by discussing them with your child through games and other entertaining formats.