Phishing Attackers Take Aim At Online Gamers

Dennis Faas's picture

A new report finds that phishers are increasingly targeting online gamers. The report, which was released this past week by the Anti Phishing Work Group, says that phishing attacks targeting gamers increased from 2.7 per cent in September 2012 to 14.7 per cent in December.

Phishing involves luring targets into giving up important personal information, such as a name, address, password, and credit card number. Usually phishers use fake web forms accessed via bogus emails to get people to give up this critical data.

Virtual Items Exchanged for Real-World Cash

So, why target video gamers?

Because there are people who will pay big money for online gaming credentials, the report says. Items unlocked in a game, such as a rare piece of armor found in Diablo III, can be exchanged for real-world cash by phishers. (Source:

"Virtual currencies are on the rise and gaming credits are worth money," said Anti Phishing Work Group (APWG) founder, Dave Jevans. "Anything that's worth money is going to get attacked." (Source:

Of course, the greater concern is that gamers will have their identities stolen rather than just their in-game loot. Since many games ask players to upload their credit card information, home address, email address, and phone number, potential victims have a lot to lose.

"Any personal identifying information is extremely valuable in the underground markets," Leonard said.

Gamers, Game Services, Face Growing Security Threats

And with games like Diablo III and SimCity forcing gamers to create online accounts as a way to avoid piracy, more and more people are headed online all of the time. The problem: not all of them know how to protect themselves against attack.

"Online games are very popular -- lots of people are attracted to them -- and phishers like to go where the people go," noted Carl Leonard, a senior manager at Websense Security.

The other problem is that some gaming sites and services aren't protecting gamers from attack. "Many websites are using vulnerable web servers that they haven't kept up to date," Leonard said.

"That's what malware authors seek out." (Source:

Rate this article: 
No votes yet