Game Point for E-Threats.

The financial stake combined with gamers

MMO Games. An Overview

MMO (Massively Multiplayer Online) Games are online games which have the capacity of simultaneously accommodating a large number of players (even tens of thousands). The use of Internet as a medium of communication makes this multi-player interaction possible.   Social Games, which are built around social platforms,can be considered to be a subgroup of the MMO category. In the context of social gaming, social platforms provide users with an identity and they can also deliver the backbone of simple forms of communication (such as notifications, e-mails, etc).

One of the distinguishing traits of this category of online games is that they rely on a persistent world players enter and act in. This is not a static environment as when they re-connect to the virtual universe, players do not necessarily find it the same way they left it (as a result of other gamers’ actions). It’s not uncommon to hear that people sometimes log in and find out, for instance, that their virtual enemies have destroyed their castle and burnt their crops over night. Still on the matter of peculiarities, different from single player games, Social Games are likely to continue indefinitely, as the concept of a “finish” proper is almost non-existent.

Psychology of Social Games

Social Games provide interesting resources for psychological research. The basic question to be answered here is: “What makes them so interesting and sometimes even addictive?”.

One answer is probably linked to the idea of a virtual world. Although game producers go to great lengths to abide by the principle of verisimilitude (e.g. are natural and accurate movements, even with a monster-like character?), games are based on ideal worlds, in which players have the abilities (or the potential to gain the abilities) that can transform them into heroes or better versions of themselves. A game such as Mafia Wars, accessible to Facebook users, allows them to lead a gangster’s life, without the associated “real” perils. FarmVille or Café World, on the other hand, puts players’ green fingers at work or tests their virtual entrepreneurial talents.  Moreover, the avatars players conveniently choose allow them to depict themselves as they wish to. A “girls only” game, such as Sorority Life, will fulfill virtual socialites and fashionistas dreams, 

A second point of interest in these games is the sense of control over one or several characters the players develop. With strategy games, gamers even have full god-like powers, as they can build a whole universe from scratch.

Success in the game world may create a sense of growth, materialized as accumulation of power, ammunition, wealth, community recognition, etc. In addition to that, the concept of socialization changes as a new layer of virtuality is added to the idea of community (i.e. avatars join forces to create teams, guilds or other parties for common purposes).

A fairly new addition to this mix is the idea of a virtual economy that links to the real one. We’ve reached a point where it all goes beyond spending and gaining virtual fortunes and where people invest in and sell virtual properties for not so imaginary money.

Gamers’ Exposure to E-Threats

The Internet users involved in social games are exposed to various types of e-threats, which can be divided in 4 major categories:

1. Identity theft through PHISHING

Knowing that online games are an attraction point for users who are trying to find a way to relax, the gaming log-in pages are, very often, cybercriminals’ preferred target of. The masterminds behind these phishing attacks replicate the login pages of the social network which “hosts” the game, thus tricking gamers into providing them their usernames and passwords. Under the pretext of a failed login error, some phishing sites request other types of information as well. In this way, gamers’ sensitive data may get into the wrong hands and the victims might even not be aware, for quite a while, that their bank accounts or e-mails are in danger.


How do gamers “land” on these fake-pages?  Usually, they receive e-mails fraudulently bearing the genuine game’s logo or social network’s logo, whereby they are announced that they must log in to the game/network (different reasons are provided: changes in the adopted security solution, game account will expire, etc ). These e-mails generally include a link, which redirects gamers to the fake login-page.  To be more credible, these pages are named using a word combination that also includes the game or the network name (ex: www.facebook_secure_account.com)


2. System Infection with different types of MALWARE

When it comes to malware infections, the cybercriminals’ approach is almost the same as the one used in phishing schemes. Users receive apparently legitimate e-mails with a credible subject line and a persuasive body-text, in which they are required to open an attachment. Of course, the attachment is a bit of malware that, once installed on the system, can lead to damage to the installed applications, data and information theft, remote control over the machine being gained by the cybercriminal.

A very recent example is the Facebook-password scheme

(http://www.hotforsecurity.com/blog/facebook-password-t-r-o-j-a-n-780.html, http://www.hotforsecurity.com/blog/malware-loaded-spam-waves-generously-wash-the-shores-of-facebook-and-myspacetm-789.html)

3. Increase in the Number of SPAM Messages

Gamers should be aware that an unhidden e-mail address exposes them to the risk of receiving a huge quantity of spam.


4. Illicit Use of Personal  PICTURES

Web 2.0 applications, in general, and social networking applications, in particular, are no longer just some friendly platforms where you spend the time and relax, but also the ideal place for data and identity theft.

Facebook®, a platform gathering a number of users that almost equals the US population (http://www.facebook.com/press/info.php?statistics), with about half of them logging in daily is one of the most criticized social networks for its loose privacy policy.

But recent attempts no longer focus on stealing valuable information about the user and his or her account. Pictures, e-cards and photo streams seem to be the preferred target of e-larcenists, as proven by the hijacked family Christmas cardemployed for a grocery commercial or the stolen picture of a babyused in a fraudulent scheme for an alleged adoption.


Gamers’ Online Security Guide

Here are a few pieces of advice that will keep gamers safe:

• Install and activate a reliable antimalware solution, which includes an antivirus, a firewall and a spam filter. The BitDefender solutions include a Gamer Mode, which reduces the system load and avoids requesting user interaction during games, so that you can play fast and safely.

• Update your antivirus, firewall and spam filter frequently, with the latest virus definitions and suspicious applications/files signatures

• Scan your system frequently

• Check with your operating system provider regularly – download and install the latest securities updates, malware and malicious removal tools, as well as other patches or fixes

• Do not click any links in spam e-mails – including the “unsubscribe” ones; you may trigger the downloading of other malware and compromise your system’s security

 • Check the privacy options.Social networking platforms offer several options for restricting access to the content you post, including uploaded photos. You can choose whether the data and images in your albums are public or available only to a limited number of people. Also, a good idea would be to refrain from involving third-party services or options, especially those asking you to reveal your social network login credentials.

• Do not open or copy onto your computer any file, even if it comes from a trusted source, before running a complete antimalware scan

• Do not open e-mails or e-mail attachments from senders you do not know

• Do not respond by submitting any personal information (such as user names and passwords, social security number, bank account or credit card numbers) to e-mails apparently coming from the social network and requiring you to update your profile. If you have any doubt about an e-mail you received, ask for an official response from your social network immediately.

• When browsing for online games, do not submit your e-mail address and personal information on suspicious Web pages

• Use at least two e-mail addresses. Create one e-mail account and use it for your correspondence with people you know and a second e-mail account for the gaming Web sites requiring an e-mail address to allow content access. Never use your company e-mail for game-related purposes!

Avoid uploading pictures.  Although a picture is worth a thousand words, if one is not really necessary, you should refrain from posting it. This is probably the simplest way to avoid image theft. If, however, you choose to publish your pictures on the Internet, make sure you watermark them so that they cannot be used for illicit gains.

About the author

Sabina DATCU

Sabina Datcu, PhD has background training in Applied Informatics and Statistics, Biology and Foreign Languages and Literatures. In 2003 she obtained a master degree in Systems Ecology and in 2009 a PhD degree in Applied Informatics and Statistics.
Since 2001, she was involved in University of Bucharest's FP 5 and FP6 European projects, as researcher in Information and Knowledge Management field.

In 2009, she joined the E-Threat Analysis and Communication Team at BitDefender as technology writer and researcher, and started to write a wide range of IT&C security-related content, from malware, spam and phishing alerts to technical whitepapers and press releases.