Players Beware: Cybercriminals Are Coming For You Next
Attention gamers and pioneers of the metaverse: cybercriminals will be looking to steal your money and data in 2023.
Experts say that while the targets of those seeking to steal consumers’ personal and financial information will be no different next year, they will be targeting new people and technology platforms in hopes of getting around their defenses.
As more people and businesses become more familiar with traditional email phishing, text messaging, and social media scams, cybercriminals will move into new frontiers online, such as gaming platforms, virtual reality worlds, and the technology used by children both for school and play. according to researchers at cybersecurity company Kaspersky.
With the security of many of these exciting new platforms still in their early stages and users not always aware of the potential dangers that lie ahead, untold amounts of data and consumer money could be at risk of being compromised. The bottom line: no one is safe from scammers.
The pool of potential victims is only growing. Kaspersky researchers noted an increase in the general population of online gamers as Sony PlayStation Plus Gaming subscription service begins to compete with Microsoft GamePass Service. That’s also driving criminal interest in account theft and related scams, Kaspersay said, adding that it’s not unlike the fraud surrounding streaming subscriptions.
Here’s a look at what some cybersecurity experts are predicting for 2023.
PlayStation VR a catalyst
After a year of supplies rebounding, Kaspersky researchers expect online criminals to try to exploit another potential shortage of ps5s next year derived from the next release of Sony Playstation VR 2 headset, which requires the console. It is also possible that Sony will release a “Pro” version of the console next year, potentially leading to scams involving bogus pre-sale offers, discounts, and giveaways.
The researchers also hope that cybercriminals will search for game accounts that contain in-game virtual currencies, hoping to sell them for real money. Cryptocurrency stored in game accounts could also be at risk.
Gaming platforms have been hacked for profit before. In March, cybercriminals seized over $600 million worth of cryptocurrency of a network used to process in-game transactions for infinity axisone of the most popular in the world nft video games.
In addition to keep your crypto off gaming platformsAndrey Sidenko, Kaspersky’s principal web content analyst, said gamers should also keep their credit and debit cards separate. He recommends using temporary or virtual cards that can be topped up when needed.
Metaverse scams will be a thing
when it comes to the metaversethe risks are less clear as there are only a few platforms in operation and they are mainly used for entertainment purposes, although industrial and commercial applications could soon emerge.
Daniel Clemens, CEO of cybersecurity company ShadowDragon, said he expects the metaverse to go through the same kinds of security issues as any new platform.
“The metaverse is no different when it comes to criminal behavior, which other users should be aware of,” Clemens said. “Where there is human interaction, there will be a free market mixed with the good and the bad.”
Patrick Garrity, vice president of Nucleus Security, said the prevalence of digital assets such as NFTs in the metaverse will make the platform prone to scams, pointing to its portability and lack of regulations and consumer protections built into the platform. platform. He stressed that users need to be extremely careful when it comes to their cryptocurrency.
“The best strategy is not to participate in the cryptocurrency portions of the metaverse, as there is a high probability that new users will be scammed,” Garrity said, adding that it is also easy to identify people’s wealth based on what their faces look like. accounts and wallet. .
Also, since the platforms are global, it is doubtful that they will follow regional privacy regulations, such as the General Data Protection Regulation in Europe or data breach notification laws, Kaspersky said. There have also been instances in the metaverse of virtual harassment and sexual assault. Without any kind of regulation to stop it, the researchers say they hope that kind of scary behavior will continue.
The threats to both players and users of the metaverse are especially frightening given that many of the people who fall victim could be children.
Cybersecurity experts say that children’s data will also come under increasing threat next year from ransomware attacks against schools and school districts. Meanwhile, the increasing amount of data collected from everyone and shared will put pressure on businesses and consumers to protect it and keep it private.
While it may not seem like there’s much parents can do, experts say making sure kids establish strong and unique passwords for your accounts and enable Two Factor Authentication whenever possible, it will keep a lot of the bad guys out of those accounts.
Kaspersky’s Sidenko adds that good anti virus With antispam and antiphishing tools you will go a long way in protecting everyone at home in case someone accidentally clicks on a phishing link.
School IT professionals will struggle
Ransomware attacks against schools and school districts took off in 2022, with school districts The Angels a small town michigan falling victim.
Even the smallest school can have hundreds of devices behind its firewall and connected to its network, giving cybercriminals countless potential entry points, said Andrew Wildrix, chief information officer at cybersecurity firm Intrusion.
At the same time, kids often use their devices for things like games they share with each other, unaware that those games and apps could be extracting school-related data, he added.
What’s worse is that, given tight budgets, schools are also unlikely to allocate money for cybersecurity until after an attack has occurred, Wildrix said. After that, you have to search for months to find the right cybersecurity protections, come up with the money to pay for them, and put them into practice.
By then, new threats have emerged and schools are back to square one, he said.
“This existing approach is reactionary,” Wildrix said. “In 2023, we need to start taking a holistic approach to cyber defense where we think ahead and take time to look at emerging technologies.”
It’s time to ask: ‘Dude, where’s my data?’
It’s hard to make sure your data is secure and private if you don’t know where it’s stored or who it’s shared with.
Jeremy Snyder, founder and CEO of cybersecurity firm FireTail, points out that even the simplest online act, like ordering takeout through a food delivery service, can involve three or more companies and no one knows. how secure is each company’s system.
In Snyder’s opinion, the biggest security and privacy risk going into 2023 is the lack of visibility. Companies collect and share so much data that they often don’t know where it is or who has access to it.
“Will 2023 be the year that companies finally start to recognize the magnitude of this problem?” asked Snyder. “I certainly hope so.”
Wildrix said it will also depend on consumers take stock of where your data is goingespecially when it comes to your collection of Internet of Things devices.
“How many things in your house are they talking about that you are not aware of?” she asked herself, noting that in one case she saw Wi-Fi traffic collected by a robotic vacuum cleaner sent to a power plant in Mongolia. “These are things that no one considers.”
Keeping track of personal data shared on social media should also be a top priority for consumers, said Jeff Hodgin, CyberGRX’s vice president of products. He points out that when people post on social media, they are promoting themselves as a brand, just like a business would. The bigger the brand, the greater the target of cybercriminals.
“People who want to promote themselves need to consider their individual risk,” Hodgin said. “What is my exposure? What would be the impact of a breach? What is the probability of that happening?”