Remember when online gaming was all about head shots and healing spells? All you needed to stay safe online was your trusty MP5 sub-machine gun and a guild watching your back. Then came the “social” revolution, changing the way millions of people use the Internet and play games.
Anywhere that people congregate online can quickly turn into a hive of scum and villainy — particularly when in-world commerce is involved. From Second Life to World of Warcraft, the same old scams turn up time and again. In-world phishing attacks are common, for example receiving a message promising free gifts if you register at a bogus web site with your gaming account name and password. Then there are messages from fake administrators, threatening account suspension if you don’t log into a bogus web site with your account details.
Of course you’ve got old chestnuts such as “duping” scams — players who claim they’ve found a bug which lets them duplicate precious items. So you hand them your hard-earned magic sword, never to see it again. While hardcore gamers may be awake to such scams, the rise of social networks as gaming platforms has delivered a whole new wave of newbies who are ripe to be scammed. FarmVille might seem safer than Azeroth, but griefers and scammers have been quick to move in.
Social games tend to be browser-based, free-to-play games tightly integrated into online social networking services. Although their topics vary dramatically, they all have a similar premise — you play with and against your online “friends”. Facebook has become the world’s largest gaming platform — more than half of its 500 million users play social games on a regular basis. FarmVille has over 51 million players and Mafia Wars has 15 million. In just a few months Zynga’s CityVille acquired a whopping 96 million players — a larger population than many countries.
Mafia Wars has more than 15 million players
Of course as soon as something becomes popular on the Internet it starts to attract the wrong crowd. It’s been clear for some time that Facebook is a gold mine of information for cyber criminals. The addition of social gaming makes it an even more attractive target for nefarious guests — making it easy to win people’s confidence and catch them with their guard down. Social networking games require players to have lots of friends and supporters playing the same game in order to attain higher scores, so people tend to accept new “friends” fairly easily. This creates the perfect opportunity for those looking to win your trust.
Hackers often create detailed false profiles to trick people into accepting them into their social network. Oblivious to such threats, many people allow anyone who is part of their network to view all their recent activities, which is a potential online security minefield. What’s so dangerous about playing along when a lonely Ugly Duckling wanders onto your farm, or a friend’s just served spitfire roasted chicken in their cafe? Installing a game grants people certain access to your personal information – something which has obvious consequences.
New social networking games pop up all the time, but don’t assume they’re legit just because your friends already play them. Always check who is behind the game to ensure it’s a legitimate title from a real company you can trust. Double check the options to see exactly what permissions you’re granting. Are you surrendering all your information? Are you allowing the game to make wall posts on your behalf?
Just as in the real world, watch out for deals which seem too good to be true. Be very cautious of enticing offers of free or exclusive in-game items such as coins, gifts and other rare items. Be wary of schemes which promise access to “secret” content, or hacks, bots and cheat programs offering you an unfair advantage. These offers can come from tweets, emails, fan pages, forum messages, chat rooms or in-game messaging. They’re typically attempts to steal your account login name and password or other personal information. Finally, be sure not to log into your banking web site or other sensitive services while using an untrustworthy game, as the game could be logging your details. Also ensure your anti-virus software is kept up to date. This will give you the best possible protection in case you do fall prey to the bad guys.
Lloyd Borrett is the security evangelist for AVG (AU/NZ). He's also a scuba diver, self confessed web nut and an ex IT geek.
Agree? Disagree? Add your comment below.