Hackernoon logoHow online players can secure their privacy while gaming & streaming? by@aurangzeb-durrani

How online players can secure their privacy while gaming & streaming?

Aurangzeb Durrani Hacker Noon profile picture

@aurangzeb-durraniAurangzeb Durrani

Technology, Privacy, Games & Marketing. Publications TechCrunch, VentureBeat, The Next Web & more.

Ever wondered what would happen if someone ransacks your Steam account and leaves the inventory empty?

I can tell you that a PANIC ATTACK would set in because my friend went through a similar situation last summer. He lost his Steam account having games worth US$2000 to some hacker. He must have clicked on a suspicious link or downloaded a malicious file, who knows. But his major fault was not being responsible enough to take precautionary measures which are important for online safety.

It’s not just him; there are countless cases of online gaming players and streamers falling victim to some form of cybercrime because they fail to be cautious. Some of the crimes or threats range from hacking to DDoS attacks, fake marketplaces, swatting, identity theft, and cyberbullying.

So, in this article, I will discuss these threats in detail, highlight some past cases, and list down various methods through which you can protect your privacy while gaming and streaming online.

Threats faced by players during online gaming and streaming

There are multiple threats for any online player, whether playing a game or streaming. Some of the noticeable threats are highlighted below:

DDoS attacks: The term stands for distributed denial of service. In a DDoS attack, an abundance of data is flooded to the targeted IP address that its network crashes.

The very first DDoS happened in 2000, and it took security professionals until 2011 to create systems strong enough to withstand DDoS attacks. The gaming industry is a prime target of DDoS attacks. In 2017, 79 percent of all the DDoS attacks were experienced in the gaming industry, followed by internet and telecom services.

Source: Statista.com

There have been various high profile cases of DDoS attacks involving game developers, but what about individuals?

Famous League of Legends streamer, Kaceytron was a victim of a DDoS attack in 2014 where she was unable to login to her LOL account or visit any website. A YouTube clip shows a stream of Kaceytron crying while being subjected to cyberbullying.

Take another case of a Reddit user (named TheRegGuy) who posted a thread explaining how he was a victim of a DDoS attack while streaming and playing Fortnite. The said player got a friend request from an unknown streamer while live-streaming his Fortnite game. As soon as TheRegGuy joined the anonymous streamer’s party, his internet goes offline due to a DDoS attack. So, what happened was that the perpetrator got hold of the IP address and targeted a DDoS attack, causing internet failure.

IP location tracing: Location tracking is another problem faced by players and streamers. Tracing you means finding out your actual physical location. Once that happens, you can expect anything; maybe the person is a stalker or someone who can harass you.

Through IP tracing, cybercriminals can access your personal information and can blackmail you if they wish to make some money or gain any private objective.

Speaking blackmail, an Xbox user’s son received numerous voice mails demanding 1600 Microsoft points and threatening to damage their gaming console and router because he knew their IP address.

If a game involves a peer-to-peer connection, this can also expose your IP address. Things can get heated during competitive gameplay, and we’ve all heard stories about empty threats being thrown around.

These threats become a little more tangible, though, if the person on the other end of the connection can gain some info on your location like this. Last year, a famous Twitch streamer Dr.Disrespect’s house was shot at twice. It once happened during his live stream.

Identity Theft: Identity theft can land you into hot waters; it could be the worst thing to happen because criminals can do anything they want. Using your ID, they could access the dark web and commit illegal activity.

IP tracing can also lead to identity theft. With a rogue IP, perpetrators can carry out illegal activities via your address and pretend to be you. There would be no proof that you are not the real culprit.

A person could go and transfer your online credits to his accounts or perform the malicious activity while pretending to be you. This can range from simply spamming by your name to gain access to your other accounts as well. Cause usually, people link their multiple accounts.

Hacking: Another widespread issue that players often face is of hacking. Earlier this year, hackers accessed thousands of Fortnite players’ accounts and pulled in hundreds of dollars at a time.

And it is not just players who are victims; many streamers are also a target for hackers. Russian hackers gained access to Twitch accounts and retrieved users payment details tied to their accounts.

Hackers use a wide range of tools like viruses, keyloggers, spyware, and other malicious codes to steal your Steam or Twitch Account credentials and you would never know which software did it. Usually, such accounts get compromised when an email password is leaked.

Phishing Scams: This is a pretty interesting trick that criminals play. They create baits that you would most likely click on because of their similarity to your acquainted services and platforms. They might come up with something like ‘f1fa.com’ and if you, as a user, fail to see this little trick that’s been played, then you are in trouble.

Possibly, they have embedded malicious code on your system by the time you realize what has happened.

One more way could be an email that looks pretty genuine, asking for your confidential or billing information while pretending to be a genuine website. For example, in 2017, someone tried to scam people pretending to be Netflix asking about their billing information, luckily a police officer who did not have a Netflix account received the mail as well.

Swatting: Swatting means triggering an aggressive response by law enforcement or emergency services such as SWAT or Fire Department to someone’s house by making a false report of a serious threat. It started as a prank played by online gamers on each other, but it became fatal with time. Many online gamers have been swatting their opponent’s house just to shake them up or terrify them. Since the hype of online streaming, many swatting incidents have been reported among gamers, some of them are even caught live on camera.

When people are online, they believe they are safe behind the screen of a computer. Such is the case with gamers, but if someone gets the hint of your location, things start to take the wrong turn. Anyone can call a whole squad of SWAT to your front door.

The worst case of swatting was witnessed in 2017 when a 28-year-old male, Andrew Finch, died after getting shot by a responding police officer. The irony is that he wasn’t even a gamer. His family had a life-altering moment when a feud between two gamers caused the death of the father of two.

Is there a way for players to safeguard their privacy?

There are numerous guides and tools available online on how to secure your privacy. However, I will specify some of the measures online players can take to secure their privacy while gaming and streaming.

Avoid Using or Sharing Personal Information: Try to avoid using your real name or personal information on your stream and related social media channels. Any information related to your physical location, be it your house address or your real-time check-in could get you in trouble.

In fact, I would recommend using a different email account for each of your gaming, streaming, and social media platforms. You should at least use an email which is different from your main email account, and the email you use for financial services such as PayPal, etc.

Being Cautious When Streaming: It can be fairly easy for someone to identify your location or pick up your personal information if you’re not careful while streaming. Something in your background, such as a letter, your utility bill, or a popular landmark. Especially, something on your screen open in the background of your stream — these things could cause trouble for you.

This means making sure you are ALWAYS aware of what is in your surroundings or on your screen when you are streaming. Do not accidentally show your personal email, PayPal, or bank account. Be aware of the information displayed and opened browser windows in the background. I would recommend you not to have any such thing opened in the background which could be accidentally displayed while streaming, compromising your personal information.

Use Two-Factor Authentication: The first thing any player can do is set up two-factor authentication on all of their accounts. Be it Steam, Twitch, Origin, or any other gaming client. Having two-factor authentication provides an extra layer of security along with strong passwords.

Two-factor also safeguards your sensitive information in case hackers can break through your password. For instance, in Steam, you would need to enter a secret code for logging in after entering your password. The code is either sent via email or text on your phone number.

Avoid Using Public Internet: Sometimes streamers will have to play and record on the go. Perhaps they are at a convention, or taking a trip, and want to maintain their schedule. This means potentially tapping into public Wi-Fi connections or home networks that they haven’t set up themselves.

No matter who you are, you should always be cautious when connecting to an unknown network. Opening yourself up to man-in-the-middle attacks or MAC spoofing is never a good idea, and you should take necessary precautions.

Use Antivirus and Anti-Malware Software: Most malware can be protected if an antivirus or anti-malware is installed on your system. It is also critical that the software is updated. Various providers constantly renew the virus definitions, and it is important that they are updated so that new forms of threats can be mitigated.

Encrypt your traffic using a VPN: Most of your worries could be sorted out by using a virtual private network (VPN). There are tons of consumer-grade VPN services available that players can use to encrypt their web traffic. A VPN offers different encryption ciphers and protocols to tunnel internet traffic. It also hides your actual IP address and assigns you an address of the server you’re connected too.

Therefore, using a VPN can help save you from exposing your IP address. Having a different virtual IP can prevent DDoS attacks, as the attacker wouldn’t be able to direct the bogus traffic to your location. It will also protect you from IP tracking. Many commercial VPN services like CyberGhost offer DDoS protection features.

When asked about the key issues and solutions, Mr. Timo Beyel - CTO of CyberGhost, commented, ”Some games might expose your IP address to other players, for example, as part of a P2P Chat System. The IP address could be used to obtain geolocation information or as a potential target for a Denial of Service (DoS) attack. Using a VPN negates these possibilities since the IP address displayed would no longer be your real one. Even the game itself will always only see the VPN IP address.”

No matter who you are, you should always use a VPN service when connecting to an unknown network. Opening yourself up to man-in-the-middle attacks or MAC spoofing is never a good idea, and you should take necessary precautions.

What more needs to be done to secure online players and streamers?

The online gaming industry is growing at a rapid rate, and with the rise of esports, the privacy and security of players become paramount. With numerous tournaments exposed to DDoS attacks and hacking incidents, organizers, and the industry’s leading development, companies need to take a closer look at the solutions to prevent such attacks from happening in the future.

And with IoT on the rise, expect a lot more cyber attacks in the gaming industry. Hackers can utilize different devices to send a DDoS attack your way. Likewise, streaming platforms like Twitch and game management software like Steam or Origin should help players securing their accounts.

But since all of this is speculative and only time will tell what game developers and companies come up with, players can do their due diligence and take small precautionary measures to protect their privacy. The steps outlined in this article should provide a good starting point for any only player and streamer. With the growing numbers of streamers, it’s very important that they emphasize on protecting their privacy as well.


Join Hacker Noon

Create your free account to unlock your custom reading experience.