Written by Aranza Trevino
Edited by Anne Cutler
Reviewed by Darren Guccione
To stay safe while playing online video games, you should follow cyber hygiene best practices to protect your anonymity. Best practices include using strong passwords, using a VPN and keeping your software updated.
Read our eleven recommendations for keeping sensitive information secure and protecting yourself while playing online games.
Unfortunately, gamers are common targets for cybercriminals. Anyone you encounter in an online video game could be a potential threat actor who may try to steal your sensitive information. Here are some of the threats to your data security and safety that you may encounter while playing games online.
Doxxing is when someone publishes your Personally Identifiable Information (PII) publicly and usually with malicious intent. People will then use that PII to harass and target you, even resulting in swatting in some instances. Swatting is a criminal form of harassment in which the cybercriminal uses your doxxed information to send the government a false tip, such as a bomb threat, which prompts them to send emergency services – such as a SWAT team – to your house.
According to a study by the Anti-Defamation League (ADL), 29% of people have been doxxed while playing video games online. That’s about 1 in 3 people. But the risk of being doxxed can be reduced if you follow good cybersecurity practices.
The ADL also discovered that 75% of online gamers experienced some form of harassment, which can affect mental health and general well-being. 65% of online gamers experienced “severe” harassment, which is defined as “physical threats, stalking and sustained harassment.” That means many incidents of harassment that originate from online gaming move into real-life environments. This is partially caused by poor data privacy, which can enable criminals to find where you live in order to commit stalking and other types of real-life harassment.
Video game accounts are targets for cybercriminals because they are often linked to credit cards and contain PII. They are also valuable for the achievements and rare in-game items earned while playing, which can be sold to others who want a higher status in a particular game. This means any account is vulnerable to being stolen via a variety of hacking methods, including phishing and brute force.
Any active online accounts associated with PII can make you vulnerable to identity theft. Video game accounts are no exception. Like people who overshare on social media, gamers with careless cyber hygiene may share PII with strangers without realizing how it can be used against them. This makes gamers vulnerable to having their identity stolen.
Phishing, a type of attack in which cybercriminals pretend to be a real person or organization in order to steal your information, doesn’t only happen through email – it can also happen through the chat feature of online video games. Threat actors may misrepresent themselves and send users to spoofed websites or infect their computers with malware to steal confidential information.
Any time you trust your PII with an online entity, including a video game provider, that entity can be the target of a successful data breach. If this happens to your video game provider, any PII you stored in your account can be leaked on the dark web and used to target you with other cyberattacks.
Luckily, the risks of online gaming can be minimized with cybersecurity best practices.
Using a unique, random password with at least 16 characters for each of your gaming accounts can protect you from many of the aforementioned threats, which can be carried out through techniques like brute force attacks, credential stuffing and other password attacks.
Remembering all of your unique passwords is a nearly impossible challenge, so we recommend using a password manager to remember them for you. A password manager uses an encrypted vault to securely create and store passwords, which are protected by a user-chosen master password – the only password you will need to remember.
MFA requires an additional method of authentication – usually a code sent to an authenticator app – which helps prevent an attacker from getting into your account with just your credentials. Most online gaming platforms offer sophisticated MFA options, as cyberattacks in online gaming are common.
A good password manager will be able to manage your MFA codes on your behalf, too.
Gamers sometimes avoid VPNs, which encrypt your internet traffic, because they are afraid it will slow their gameplay. However, a good-quality VPN using modern security protocols should not negatively affect your internet speed. In fact, some VPNs are made with gamers in mind.
A VPN is worth it for online gamers because threat actors who encounter you on a live gaming platform may be able to see your IP address, which can give away your location. Because a VPN hides your traffic, it also hides your location. Knowing your location is the first step in attacks like doxxing and swatting.
PII includes things like birthdays, names (including middle names), age and more. This usually seems like harmless information, but a threat actor can use any tiny piece of information to target you online. Choose a username that is completely anonymous so online gamers can’t connect your account with the digital footprint associated with your real name.
Online gamers sometimes befriend other gamers or get into conversations while collaborating on game objectives. But just because you conquered a digital fort together doesn’t mean that your gaming partner is safe to share information with.
Avoid telling other users your PII, such as where you are located, even if you answer broadly. If you need to, lying when asked questions like this is a legitimate strategy that can help prevent threat actors from putting together a picture of who you are and where you are located.
Software updates often contain security patches that fix known vulnerabilities. Cybercriminals often target users shortly after the security patch is released in hopes of exploiting a vulnerability before users have a chance to update and fix it. This applies to video game software, too. Download all software updates right away.
There are a number of phishing, spoofing and malware attacks that are common in the online gaming world. You can keep up to date on what common scams look like by following news from trusted sources, including the companies behind your favorite games or gaming news websites. Knowing the latest scams can prevent you from falling victim to them.
Credit cards have more protection against fraudulent charges, so it’s recommended to use them instead of debit cards to make purchases online – including in video game stores like Steam or Nintendo eShop.
Game downloads may be offered for free or for a discount on pirate websites or other non-official sources. However, these options are likely to expose you to malware and other types of cyberattacks. Only download games from official websites – it’s worth it to wait for a sale rather than downloading a suspicious game file that can place your computer and all of your data at risk.
If a user you encounter online acts strangely, sends you messages with suspicious links or harasses you, block them immediately. These kinds of behaviors can escalate into targeted attacks that put your cybersecurity, physical safety and emotional wellbeing at risk. You may be tempted to just ignore it, but not blocking the user means they still have access to your account information, and therefore, gives the user an opening for cyberattacks.
The default privacy settings on video game platforms are usually the least restrictive. Whenever you create a new account, check the settings and choose more restrictive options in order to further protect yourself online.
Gamers are particularly common targets for cyberattacks, so it’s important to take extra precautions if you play video games online.
If you take one step today, creating strong, unique passwords for all your gaming accounts might be the most important one. Start a free 30-day trial of Keeper Password Manager to see how we can help keep your accounts safe.
You May Also Like
The safest way to send your Social Security number (SSN) is by using a password manager. A password manager is a tool used to keep passwords and other sensitive data secure at all times. A little-known...
Choose Language