When the world isn’t in lockdown due to a pandemic, notable Hollywood movies can earn $400 million during the weeks or months they run in movie theaters. That’s a huge amount of money, but it’s nothing compared to the mountains of cash that video games can earn.
In 2011, “Call of Duty: Modern Warfare 3” earned $400 million within 24 hours of it being released, eventually earning a total of $1.23 billion. To date, all titles in the “Call of Duty” franchise have earned an estimated $9.7 billion. That’s more than all earnings from every Star Wars movie combined.
And even that is chump change: in 2020 alone, thanks partially to the pandemic, video games earned about $180 billion. Clearly, gaming is a massive business. Not surprisingly, with billions of dollars of profit on the line, gaming companies make it incredibly easy to spend your money on their products.
But stop for a moment and ask yourself: How securely are game makers protecting their users’ identities, privacy, and financial information? More importantly, how much time have you taken to ensure that your identity, financial information, and privacy are all properly secured?
Given how high the stakes are, let’s take a few minutes to explore some of the ways that occasional and everyday gamers can help to protect themselves while enjoying a few rounds of first-person shooter adventures…!
Table of contents
- 1 How Bad Is It Really?
- 2 How To Stop It
- 2.1 Use a VPN While Gaming
- 2.2 Restrict (Or Change) The Personal Information You Share
- 2.3 Use an Email Relay to Set Up Different Emails for Each Game
- 2.4 Use Difficult To Remember Passwords
- 2.5 Use A Password Manager
- 2.6 Set Up and Use 2FA on ALL of Your Gaming Accounts
- 2.7 Resist Providing Your Financial Information
- 2.8 Avoid ALL Pirated or Unlicensed Software
- 2.9 When In Doubt: Use Common Sense
How Bad Is It Really?
Where there’s money, there’s crime. Gaming platforms are very popular, very successful, and that makes them a very sweet target for malicious hackers. Have a look at the following partial list hacks, breaches, and thefts:
- 2011, Playstation Network: 77 million accounts hacked revealing personal information about the users
- 2011, Valve/Steam: credit card and personal information is stolen from untold numbers of users
- 2015, Minecraft: Phishing Hacks lead to 1800 stolen accounts
- 2016, Minecraft: Hackers steal info on 7 million accounts
- 2019, Zynga: info from 218 million accounts stolen by one hacker
- 2020, Capcom: thanks to ransomware, the company’s own financial and HR information was hacked along with up to 350,000 breached accounts
- 2020, billions of accounts from Fortnite, Roblox, Minecraft and other gaming platforms are hacked and sold on the black market
- 2020, AnimalJam: the popular kids game admits that personal info from 46 million accounts have been stolen in a cyber breach.
As large scale hacks like these aren’t likely to stop anytime soon, learning how to protect yourself and your very valuable personal information becomes essential.
And make no mistake: personal information like your birth date, name, mailing address, and gender, and credit card information is extremely valuable to hackers.
How To Stop It
To stop a malicious hacker, you need to think like a malicious hacker… for a few moments, at least!
Hackers prefer to spend the least amount of time to gain the biggest possible advantage. Therefore, your job is to delay, prevent, stall, or complicate matters for anyone who seeks to steal your personal information. The following approaches all help make gaining access to your accounts more difficult or impossible.
Use a VPN While Gaming
The Internet is built on open technology. That’s what makes it so easy (and fun!) to use. Unfortunately, that’s also what makes it so easy to hack. Using a VPN like Switcherry allows you to reclaim some of your privacy and security in several, important ways:
- While using a VPN, any data you send or receive while you’re online is encrypted and, therefore, far more difficult or even impossible to hack.
- While using a VPN, your IP address – which is like your Internet ID number – is hidden.
These benefits are crucial because they place a difficult-to-pass barrier between you and the data you constantly create. And you’re ALWAYS creating data when you’re online. Consider that many online games encourage the use of headsets so users can talk to one another. If you’re behind a VPN connection then anything you say, type, send, or receive while you’re connected to your game will be encrypted.
That makes you a far less attractive target for malicious hackers.
Here’s a good rule of thumb: never share your personal information unless you have to. While it might make sense to be asked for your date of birth when you visit the doctor, it’s completely insane to provide that information when you sign up for an online gaming account.
If possible, NEVER share any of the following information on any gaming website, application, or platform:
- your actual first or last name;
- your residential home address;
- your date of birth;
- your social security or any government-issued ID number;
- your personal email address;
- any financial/banking information.
A far better plan is to get and use a second set of personal data. Doing so is 100% legal in most countries. For example, you can use a P.O. Box or work address instead of your home address for a mailing address if one is REQUIRED. Additionally, you can use a Google Voice or Pinger Textfree phone number in place of your personal cell phone number.
Most importantly, never provide your banking or credit card information to anyone or any company unless it is 100% required. And, even then, read about WHY it’s required first to determine if that makes sense for you.
Don’t volunteer your personal information if it’s not actually required. For example, even if a company “requires” you to enter your name or birthdate just to open an account, that’s not a legal contract or document. Therefore, you’re not required under law to provide your ACTUAL info. Feel free to get… creative with what you enter and where.
Lastly, a very important warning to gamers who use headphones and mics to communicate with team-members while in-game: never, EVER assume that what you’re saying is private. Don’t share personal information about yourself out loud while you’re playing. This includes your name, address, vacation plans, school name, or any other information that might be useful to a malicious hacker.
Use an Email Relay to Set Up Different Emails for Each Game
Only use your personal email address to contact close family and friends. For everything else, use a free relay service to automate your emails. Services like 33mail provide: unlimited and customizable email addresses which – if used correctly – reflect the service or company to which you’re subscribing. Here’s how it works…
33mail lets you pick a username – say “HugeGamerDude2021” – which then gets embedded into every email address that you create. Want to sign up for accounts to play Fortnight and Call of Duty? Awesome! Now, instead of using your personal email address when creating your accounts, you can instead create and use the following email addresses:
As you can see, your 33mail username is at the root of every email address that you can now create. Even better, all emails sent to those new 33mail addresses are auto-forwarded to your personal email address. Just remember: don’t provide your personal email address to 33mail either. Instead, grab a free secondary email from Gmail, ProtonMail, or other notable providers.
Use Difficult To Remember Passwords
Now that you’ve got your email solution in place, you’ll also need to create equally safe passwords for every one of your gaming accounts. Each gaming account you create needs to have a unique, long, and complex password. That means you’ve got two options here…
The first option is a totally random string of 15-30 characters which includes upper and lowercase letters, numbers, and special characters. That might look something like this: 7rm!iedJ4C6FFfv#LbwCVyE7QL. According to the always awesome https://howsecureismypassword.net, that password would take a bazillion years to crack.
The second option is to use a passphrase consisting of three or more random words along with special characters and numbers. That might look something like this: Cardinal5-Lagging-Detention-Spousal23?. That passphrase, according to the same website, would take a bazillion bazillion years to crack.
Which is a lot.
Now, if you’re wondering how your brain will be able to remember hundreds of these longer, random, and complex passwords, let me reassure you: it won’t. That’s why you also need to…
Use A Password Manager
You’ve probably heard this recommendation before, because it’s a good one. You need to start using a free and open-source password manager like BitWarden to create and then manage all of your passwords for you. BitWarden = not you!!! – is easily able to generate and then remember the long, complex, and unique passwords that you’ll want for each of your accounts.
BitWarden is free, open-source, and available for all major computers and mobile devices.
Set Up and Use 2FA on ALL of Your Gaming Accounts
Two-factor authentication (also called “2FA”) is a very effective technology that can minimize or prevent malicious hackers from logging in to your account — even if they manage to steal your username and password! If that sounds miraculous, it gets better: Google’s own 2FA device stopped all malicious hacks for its 85,000+ employees’ email accounts. Yup, all of them.
How it works is simple: when you log in to an account protected with 2FA, you’re not only asked for a username and password, but you’ll ALSO be asked to provide an always-changing, 6-digit number that lives on your smartphone on an app. Because your smartphone is always on your person, it’s considered a second proof (or “factor”) of who you are. Here’s what a 2FA challenge looks like on a website (left) and on your smartphone app (right):
Since a malicious hacker might be able to obtain or purchase your account’s username and password, your account is STILL protected unless that same hacker can guess the six-digit password showing on your phone. And, since those numbers change every thirty seconds, that makes logging into your account nearly impossible.
Most gaming platforms have simple instructions on how you can set up 2FA on your account. Here is the link that Microsoft provides for its platform. Information (and links!) to the other gaming platforms that permit it can be found here.
Resist Providing Your Financial Information
While it’s important to have 2FA enabled on all of your financial accounts — including banking, crypto, and credit card websites — that’s not actually the most important step to take.
The most important step to take is training yourself to STOP giving away your information whenever some person or company asks. Instead, start asking yourself this question:
“Which personal information – if any – do I really want to give to share right now?”
Are you a casual gamer? Great: have fun and remember: there’s no need to provide your financial info simply because the game says so. Instead, wait. Take your time. See if this is a game that you’re going to like. Then, if it is, read the company’s privacy policies and confirm for yourself (and with your parents if you’re under the age of 18) that it’s a company you can trust with your personal data.
Avoid ALL Pirated or Unlicensed Software
Maybe you’ve found a pirated version of a game and think it will save you money. Maybe you want to power up your character to be able to pass a certain quest or challenge. I get it: these both seem like very attractive options, don’t they?
They aren’t, though.
Malicious hackers embed malware (code that will damage or lock your computer) into pirated versions of popular games. Some also put ransomware or in their unlicensed power-ups which can lock your computer and force you to pay a ransom to the hacker (why it’s called “ransomware”) to unlock your computer and return it to a functional state.
Don’t. Do. It. You’ll pay more in time and money in the end for your cheating. Remember, malicious hackers don’t just do this to gamers like you, they do to the makers of the games as well, like they did in early 2021 to the makers of Cyberpunk 2077.
When In Doubt: Use Common Sense
Lastly, even if you take every precaution to lock down your accounts and guard your privacy using technology, don’t let any social interactions be the way that your accounts get hacked:
- If you don’t recognize the person who sends you an in-game message, then don’t click on any links you find there. Do NOT link your gaming accounts to your social media accounts.
- If you’re contacted — either in-game or via email — by someone who claims to be from the company that makes the game, contact the company and confirm that the account and person is real before clicking on any link.
If the offer sounds too good to be true — Free upgrades! Free power-ups! Free versions of the software! — then it probably is. Ignore it and keep playing the game you love.
Keep it safe!