When Things Look “Phishy” in Gaming

Things can look "phishy" in online gaming if you don't use SMS user authentication from RingCaptcha.

Disclaimer: I’m not a video-game developer; I’m just a gamer speaking my mind.

The world of gaming has changed: what used to be a fun, carefree distraction from work has turned into a dangerous, thieving distraction from work. Phishing (and not the kind with the pole) has entered our world, making it a little more difficult to waste client hours playing League of Legends.

What am I talking about exactly? Well, you may remember what happened to Mat Honan of Wired, who was epically hacked.  Nothing was off limits to scammers that wanted –of all things – his three-letter Twitter handle.

For literally the gain of three letters and an @ sign, this guys took all his pictures off his MacBook (sadly of his one year old growing up), shut down his phone, among other things. So who are these new “bad guys and girls” who take our goods? Whoever they are, they can do a lot of damage, even for a little gain – and they’re way, way too smart.

I mean, admit it, we’ve all spent a little cash trying to pass that ridiculously hard level on Candy Crush or to buy a new weapon on World of Warcraft, and hey, that’s not a crime. What is a crime is scammers getting our account information and taking these goods away from us in the game.

After we (somewhat shamefully) shell out real world cash, these people take away our loot — and they do it pretty easily. But having my stash of goods online taken isn’t my biggest worry (though it’s pretty frustrating), what I’m afraid of is these scammers gaining access to my credit cards, Apple IDs, and real world bank information.

What’s worse is that game creators make it really easy and desirable to spend real money on online games, and the bad guys are just waiting for us to type in those credit card digits. So how can we stop this madness? What are we supposed to do – because obviously we’re going to keep spending money on games.

One trend I’ve spotted is gamers using two-step verification when a game account is accessed or altered from an IP address or location that looks a little “phishy.”

Even enabling two-step verification on Gmail helps keep those pesky scammers out of our lives. Game developers are now realizing this large looming threat (and how it will really negatively impact their sales), so we’re seeing more options to keep us safe and focused on our virtual worlds.

If you are a game developer and/or reseller, I highly recommend you to use RingCaptcha to quickly integrate plugins to allow 2-step-verification for all your apps. Sign up here, setup your app and go!

  • Henry Weber

    Thanks. I will have to try this.