30% more young gamers targeted by cybercriminals in the first half of 2024

According to experts at Kaspersky, the number of users targeted by cybercriminals using popular children's games as bait increased by 30% in the first six months of 2024 compared to the second half of 2023. Researchers analysed the risks of games to young gamers and found that more than 132,000 users were targeted by cybercriminals. More details can be found in Kaspersky's latest report on cybercrimes targeting young gamers.

The children's games in focus

Kaspersky looked at the threats that appear as popular children's video games and analysed the period from 1 July 2023 to 30 June 2024. During the reported period, Kaspersky's security solutions identified more than 6.6 million attack attempts where cybercriminals used children's game brands as bait.

Of the 18 games selected for this research, the majority of attacks involved Minecraft, Roblox and Among Us. According to Kaspersky's statistics, more than 3 million attempted attacks under the pretext of Minecraft were carried out throughout the reported period. Most likely, cybercriminals chose this method of attack based on the popularity of the games among players, as well as the ability of players to use cheats and mods. Since most mods and cheats are available on third-party websites, the attackers camouflage the malware to appear as these applications.

Kaspersky experts believe that the higher rates recorded in 2024 can be explained by trends in recent developments in the overall cyber threat landscape. On the one hand, following popular trends, cybercriminals are launching more devious attacks, taking advantage of the current agenda and crafting less obvious tricks instead of just using attacks.

On the other hand, cybercriminals are increasingly using artificial intelligence to automate and personalize phishing attacks that are more likely to deceive young gamers. At the same time, new advanced phishing kits - pre-built phishing page templates - created with automated tools are steadily appearing on the dark web, allowing more and more attackers to develop highly effective phishing pages that mimic popular gaming platforms.

Scams in children's favourite games

One of the most common scams in gaming is offering new skins for your character - essential clothing or equipment - that enhance the hero's skills. Some skins are common, while others are extremely rare and therefore more desirable.

Kaspersky experts found an example of a scam that uses both the name of the popular game Valorant and that of world-famous YouTuber Mr. Beast. By choosing this blogger and using his photo, the scammers aim to grab the attention of children and trap them in their scam. In order to receive the Mr. Beast skin, young users are asked to enter their credentials for their in-game account, meaning their details can potentially be stolen by the scammers.

Another popular trap is the ability to receive in-game currency. In one of the scams discovered exploiting the Pokémon GO brand, users are asked to enter the username of their in-game account. They are then asked to participate in a survey to prove that they are not a bot.
Once the survey is completed, they are referred to a fake website, which usually promises free prizes or giveaways. This is where the real scam begins. The scammers aren't actually going after personal data, such as credit card information, but use the guise of games to lure users into another scam - one that involves fake downloads, prize claims or other misleading offers. The whole process is a clever way to redirect users to a different, more dangerous scam under the guise of a legitimate verification step.

To keep your children safe online, Kaspersky recommends that users follow these guidelines:

• It is important for parents to communicate openly with their children about the potential risks they may face online and to enforce strict rules to ensure their safety.
• Help your child choose a unique password and aim to change it regularly.
• Set clear ground rules about what they can and cannot do online and explain why you have implemented them. You should review them as your child gets older.
• To help parents familiarise their children with cybersecurity in an ever-evolving threat landscape, Kaspersky experts have developed Kaspersky Alphabet Cybersecurity with key concepts from the cybersecurity industry. In this book, children will be introduced to new technologies, learn the basic rules of cyber hygiene, learn how to avoid cyber threats, and recognize the tricks of scammers.
• With specific digital parenting apps, such as Kaspersky Safe Kids, parents can effectively protect their children both online and offline. These apps help adults ensure a safe and positive digital experience for young children by establishing healthy habits, protecting them from inappropriate content, balancing screen time and monitoring children's location.
• To protect your child from downloading malicious files during their play time, we advise you to install a reliable security solution on their device. It works easily with Steam and other gaming services.