Page 105 - Cyber Defense eMagazine December 2022 Edition
P. 105
Security in gaming: How to Recognize and Prevent Social
Engineering Attacks in Gaming
What is social engineering?
By Jenna Greenspoon, Head of Parenting, Kidas
As an avid internet user, it’s likely that at some point, you received an intriguing email with a subject that
says “Congratulations, you have won a…”. This is a scam used by exploiters to make you click on a link
that then introduces malware to your computer. It’s called social engineering.
Social engineering is when an exploiter takes advantage of human behaviors and natural tendencies. By
analyzing how users interact when faced with an everyday scenario, social engineering occurs by
exploiting human psychology to manipulate people into making security mistakes and giving away
confidential information. While this has been happening on the internet for decades, it’s now happening
to gamers, many of which are too young to decipher the dangers.
First let’s take a look at how a social engineering attack happens. It’s more than just the click of a link,
and happens long before the first click.
• First, the potential victims are identified. Next, a lot of background research is done on the
potential victim. They find out how they can best be exploited psychologically and then they select
their attack method.
• The attacker then starts attempting to psychologically take control of the victim by engaging with
them. They spin a story and then begin taking control of the interaction.
• Over time, they start executing the attack using the information they gained from the victim.
Cyber Defense eMagazine – December 2022 Edition 105
Copyright © 2022, Cyber Defense Magazine. All rights reserved worldwide.