Sift Logo Several blue dots forming a sphere to the left of the word Sift in italic font.
  • Products

    Digital Trust & Safety Suite

    Fight fraud without sacrificing growth

    Learn more →

    Passwordless
    Authentication

    Account
    Defense

    Content
    Integrity

    Payment
    Protection

    Dispute
    Management

    Sift
    Connect

    PSD2
    Solution

    New Releases & Enhancements

  • Partners

    Sift Partner
    Program

    Join the leader in Digital Trust & Safety

    Learn more →

    Commerce platform partners


  • Industries

    One solution, many applications

    Learn how Sift can work for your industry

    Learn more →

    Featured industries


    Fintech

    Retail

    Food & Beverage

  • Customers

    See case studies by industry

    Sift works across every use case and region

    Learn more →

    Featured customers


  • Resources

    Explore our resources

    Access trends, guides, and insights from Sift

    Learn more →

    Blog

    Ebooks

    One Pagers

    Demos

    Videos

    Webinars

    Infographics

    Podcasts

    Trust & Safety University

  • Fraud Center
  • Company

    Why leaders choose Sift

    Technology, community, and partnership

    Learn more →

    Our mission: Help everyone trust the internet


    About

    Careers

    News & Press

Request a demo
Products
  • Digital Trust & Safety Suite
  • Passwordless Authentication
  • Account Defense
  • Content Integrity
  • Payment Protection
  • Dispute Management
  • Sift Connect
  • PSD2 Solution
  • New Releases & Enchancements
Why Sift
  • Salesforce
  • Magento
  • Shopify
Industries
  • Fintech
  • Retail
  • Food & Beverage
Customers
Resources
  • Blog
  • Ebooks
  • One Pagers
  • Demos
  • Videos
  • Webinars
  • Infographics
  • Podcasts
  • Trust and Safety University
Fraud Center
About
  • Search Careers
  • Our Company
  • Contact Us
  • Engineering Blog
Request a DemoSign In
  • Blog Home
  • Fraud
< prev / next >
Share this article on LinkedIn
Tweet this article
Share this article on Facebook
SOCIALICON
Share this article via email

It’s All Fun and Games Until Someone Gets Hacked: Fraud in the Gaming Industry

By Angela Marrujo  / 

4 Apr 2018

The gaming industry is no stranger to fraud. Major data breaches, such as the Sony and NIS America breaches, received mainstream media coverage when they occurred. But most stories about fraud in gaming do not get that level of attention, despite the fact that there are 2.2 billion gamers in the world and 1 billion (47%) of them spend money while playing.

The reality is that fraudulent activities run rampant within gaming, threatening the safety and financial well-being of players. Smaller, more insidious forms of fraud rear their ugly heads at gamers every day, generally in the form of content abuse and account takeover (ATO).

What are some common schemes gamers run into online?

Content abuse and ATO: par for the course in online gaming

Fraudsters take over in-game accounts to send unsuspecting players links to malicious content. League of Legends recently became a hotbed for scams after accounts were being hacked and used to message random players with offers of free character skins and Riot Points. The hacked account sent a link that, when clicked, would ask the player to input their username and password to access the content —  a scheme that phished the player’s information and could potentially hack their account, as well. The problem became so prevalent that Riot Games had to warn League of Legends players that they will never ask for login credentials to give players free content, nor would the content be distributed from a random link sent by a random account.

Final Fantasy XIV players have also been targeted for ATO and content abuse. Fake accounts are created to conduct “Gil mining,” which involves racking up extremely large amounts of in-game currency called Gil and then spamming players’ chat logs with offers of RMT, or Real Money Trade. RMT is the exchange of virtual goods for real money. You can watch the spam in action below:

If a fraudster wants easy money, they might instead take over the account of a player they believe has a lot of Gil and sell off the player’s Gil via RMT. Aside from the fact that no one wants to get spammed with RMT ads while trying to play a game, RMTs pose the risk of connecting players with fraudsters looking to make quick cash and not deliver the promised Gil. Square Enix has banned RMT but is still struggling; areas in the game meant primarily for lower-level players are infested with RMT players, which might discourage newer players from continuing further into the game. This means fewer people paying Square Enix the monthly fee to play.

Fortnite, one of the most popular games in the world, is less than a year old, yet “compromised accounts have become something of a trend” for its players. Poor password hygiene has resulted in hacked accounts and fraudulent charges, sometimes to the tune of hundreds of dollars. That’s a lot of chargebacks for Epic Games – and chargebacks add up. Fortnite, like Final Fantasy XIV, offers two-factor authentication to protect its users, but Epic Games can’t do anything about players that don’t implement it or are reusing passwords between platforms.  They make easy targets for hackers that are looking for easy money.

Gamers can’t even let their guard down when checking their message inboxes outside of the games they play. Recently I’ve noticed messages from random accounts in my PlayStation Network (PSN) inbox, always from accounts featuring female names, no avatar or profile picture, and consisting only of “hi” or “hey.” Fellow PlayStation users in my life have also been receiving the same messages. I would hazard a guess that these are bots, and if we were to reply we’d be sent a link to some sort of malicious content.

Sorry to disappoint the curious, but I won’t be replying to those messages to test my hypothesis.

The gamer isn’t the only one hurt by fraud – the game developer is, too

No one wants to play games that are riddled with spam. If players can’t trust that they won’t constantly run into hacked accounts shilling malicious content – or worse, have their own account hacked – the number of players will drop and the developer will feel the hit, particularly if the game requires a fee to play.

Reputation is extremely important to a developer’s ability to survive in the gaming industry, and no developer wants to be known for creating games that get overrun by scammers and hackers. Games that suffer from toxic environments wind up losing players that aren’t willing to put up with endless ATO attempts by hackers and a barrage of spammy comments linking to dangerous content.

Even if a developer takes action, it’s often considered too late by the player base, particularly if the problem has become so far-reaching that it takes the developer days or weeks to rectify each player’s issues. The best course of action for preventing content abuse and ATO is to be proactive, rather than reactive, and stop abusive content in online gaming communities before it even happens.

Download our free Content Abuse Prevention Kit and learn how to protect your games’ communities from becoming breeding grounds of toxicity at the hands of bad actors sowing abusive, malicious content.

Related

account takeoverATOcontent abuseFinal FantasyFinal Fantasy XIVFortnitefraudgamergamersgaminghackerLeague of LegendsNIS Americaonline gamesonline gamingphishingPlayStationPlayStation NetworkPSNRiot GamesscamsSquare Enixvideo games

Angela Marrujo

Angela Marrujo, Content Marketing Manager at Sift, is a lifelong gamer with a deep love for Nintendo, in particular. Illustration and music are her other passions. Angela is a San Francisco State University alumna and, prior to Sift, worked in PR and Marketing in the video game industry.

  • < prev
  • Blog Home
  • next >
Company
  • About Us
  • Careers
  • Contact Us
  • News & Press
  • Partner with us
  • Blog
Support
  • Help Center
  • Contact Support
  • System Status
  • Trust & Safety University
  • Fraud Management
Developers
  • Overview
  • APIs
  • Client Libraries
  • Integration Guides
  • Tutorials
  • Engineering Blog
Social

Don't miss a thing

Our newsletter delivers industry trends, insights, and more.

You're on the list.

You can unsubscribe at any time. Please see our Website Privacy Notice.

If you are using a screen reader and are having problems using this website, please email support@sift.com for assistance.

© 2022 Sift All Rights Reserved Privacy & Terms

Your information will be used to contact you about our service and subscribe you to our direct marketing communications. You can, of course, unsubscribe at any time. Please see our Website Privacy Notice.