Published on May 4th, 2013 | by Zach (beezn) Beason0
Account Security And Online Gaming, Are You Doing It Right?
Security is key to having any type of online gaming account. Between Xbox Live, PlayStation Network, Steam, Facebook, and the Nintendo Network everything that you do is tied to you and, a lot of the time, to your wallet. All too often people don’t take their account security seriously. It leads to frustration, confusion, rage, and the sudden realization that you may have just been robbed from the comfort of your couch.
After the epic debacle of the PSN attack that happened in April of 2011, companies across the internet took a serious reexamination of the security measures that they had in place. Many websites required you to change your password on their site if you happened to use the same password on multiple networks. The way that PSN was attacked was by a direct assault to their network. That attack was the largest data breach in history compromising over 77 million PSN accounts. However, as bad as that was, when it comes to your login information, the biggest security hole is the end-user.
When someone “hacks” into a Xbox Live account, that isn’t hacking. That’s called social engineering. There are a few different ways to do it, but more likely than not, someone was able to learn enough about a user to convince a tech support agent to reset the users password. Doing this isn’t terribly complicated and can be done pretty easily in about 20 minutes. All it takes is patience and a little effort.
Another surprisingly effective way is by simply asking a user to give them their email address and password. A very frequently used manner of this happens when a user tries to pay another gamer to play and level up their character for them. This happens a lot with the Call of Duty: Black Ops series. I’ve personally seen the aftermath of several of these arrangements gone bad back when I was a tech support agent. Much too often I would have to break the bad news to account holders that they had their account stolen, debit cards charged, and their gaming history, including game saves, ripped out of their hands because they were trying to cheat the system. The worst ones were the parents that didn’t know that their kids had access to their bank cards or that their child was lying or straight up stealing from them.
You see, parents would buy a gaming system for their kids. During setup either the kids or the parents would have to set up an account on the console, a lot of the time only one account would be made. It would be set up as adults account but the kid would be the one that uses it. it was a lot less of a hassle because you only had to make one and nobody would think about it until something happened. Usually, it was because the child made purchases with the bank card on the account, and the parent would call tech support complaining that their kid made purchases on the adults account that had no password. Basically it was almost always the users fault for not implementing basic security measures.
This last week my 14-year-old cousin had something like this happen. A deal was struck between he and someone who was going to earn him prestige on Call of Duty: Black Ops 2. The deal fell through, luckily the account information had not been exchanged. Shortly after that the person on the other end told my cousin his IP address (not hard but looks like magic to non techies) as well as the email address (his dad’s) on the Xbox Live account. Shortly after that the email address was hijacked and so was his dad’s Facebook account. Once the attacker was into the Facebook account he told my cousins’ dad to ground him for being a liar. Because my cousin’s parents aren’t tech savvy they didn’t know what might happen next, so they cancelled the card that was on the XBL account instead of just removing it from the account. Then they reset all of their passwords for every site and service that they could think of and then got in contact with me. Fortunately the passwords for the accounts that the hijacker used weren’t changed and all the accounts were recovered but this is rarely the case.
How do you keep yourself and your family safe?
Always remember that account security is of paramount importance if you’re going to be online. As much as we all want to have a good time playing with our friends, you have to take steps to make sure that your information and money is safe. Never give anyone your password for any accounts. If you want to use an online service or buy goods through them keep in mind that they all have prepaid cards available both online and at major local retailers, sometimes for less than what they cost through the console. If you are a parent, please set up your own account and lock it down. Make your children their own accounts and make sure to use their info on them so that, until they are adults, you are able to protect them from things like this. Also, remember that you can always take a credit card off of an account after a purchase as well.