Kaspersky experts have found that in 2022, cybercriminals launched more than 7 million attacks on children and young people, exploiting some popular game titles.
Kaspersky’s latest report, titled “The dark side of the virtual gaming world of children,” reveals the risks for young gamers in online gaming and that attacks targeting this age group have increased by 57% compared to 2021. The phishing pages used by cybercriminals to target young players mostly imitate popular titles like Roblox, Minecraft, Fortnite, and Apex Legends. To reach parents’ devices, cybercriminals purposely create fake gaming sites that piquet children’s interest in following phishing pages and downloading malicious files.
The most exploited games for children
In this report, Kaspersky experts analyzed the threats related to the most popular online games for children aged 3 to 16. Kaspersky security solutions detected more than 7 million attacks from January 2022 to December 2022. In 2021, cybercriminals carried out 4.5 million attacks, an increase of 57% in 2022. In 2022, 232,735 gamers came across nearly 40,000 files, including malware and potentially unwanted applications, hidden behind the most popular children’s games. Since users of this age often do not have their own computer and play games from their parents’ devices, the threats spread by cybercriminals most likely aim to obtain credit card data and parental credentials. In the same period, nearly 40,000 users tried to download a malicious file, simulating Roblox, a popular children’s gaming platform. This resulted in a 14% increase in the number of casualties, compared to 33,000 gamers attacked in 2021. Since half of Roblox’s 60 million users are under the age of 13, most of the victims of attacks by these cybercriminals are potentially children who have no cybersecurity knowledge.
Scams in the virtual world of children
According to Kaspersky’s statistics, the phishing pages used by cybercriminals to target young gamers mainly imitate Roblox, Minecraft, Fortnite, and Apex Legends. In total, more than 2022,878 phishing pages were created for these games in 000. One of the most common social engineering techniques, aimed at young gamers, involves the ability to download popular cheats and mods for games. On a phishing site the user can receive an entire manual on how to properly install the cheat. The particularly interesting aspect is that there are specific instructions that emphasize the need to disable the antivirus before installing a file. This may not arouse suspicion in young gamers, but it may have been created specifically to prevent malware from being detected on the infected device. The longer the user’s antivirus is disabled, the more information that could be collected from the victim’s computer.
The report also includes the following key findings:
- Minecraft and Roblox are the most exploited titles by cybercriminals in both 2022 and 2021.
- The ranking of children’s games by number of attacked users also includes those for the little ones: Poppy Playtime and Toca Life World, designed mainly for players of 3-8 years.
- Kaspersky experts observed a 41% increase in the number of affected users who downloaded malicious files disguised as Brawl Stars, reaching around 10,000 affected gamers in 2022.
“In 2022, cybercriminals exploited games developed for 3-8 year olds. This highlights that cybercriminals do not filter their targets based on age and attack even younger players, with the possible goal of reaching parental devices. When focusing on young gamers, cybercriminals don’t bother to make deception schemes less obvious. They hope that children and teens have little or no experience or knowledge of cybercriminals’ traps and that they will easily fall for even the simplest scams. For this reason, parents need to pay special attention to what apps their children download, whether reliable security solutions are installed on their devices, and they need to teach them how to behave online,” Vasily M. Kolesnikov, Security Expert at Kaspersky.
The full report on the threats of children in the world of online gaming is available on Kaspersky Daily.
To protect children from these online threats, Kaspersky recommends that you:
- Show interest in your children’s online activity: ask them if they want to watch their favorite series together or listen to music, alternatively, you can learn some safe online safety practices together.
- A good option could be represented by parental control applications, but it is important to discuss them with your children and explain how they work and how important it is to navigate safely.
- Explain that sensitive information should only be shared through messaging tools and only with people known in real life. Role models and show them examples of good behavior.
- Spend more time talking to your children about online safety measures. It is also important to pay attention to your digital habits. Do you use your smartphone while eating or talking? Do your children imitate your habits or role models? Do they react differently when you put your phone away?
- Make cybersecurity talks more enjoyable and interesting by engaging with your children through games and other forms of entertainment.