Attention, gamers and metaverse pioneers: Cybercriminals will be looking to steal your money and data in 2023.
Experts say that while the goals of those seeking to steal consumers’ personal and financial information will be no different next year, they will target new people and technology platforms in hopes of getting around their defenses.
As more people and businesses get smarter about traditional email spam, text and social media scams, cybercriminals will move to new online frontiers such as gaming platforms, virtual reality worlds and the technology used by children for both school and play, according to researchers at cybersecurity company Kaspersky .
With the security of many of these new and exciting platforms still in their infancy and users not always aware of the potentially lurking dangers, untold amounts of consumer data and money could be at risk of compromise. The bottom line: No one is safe from scammers.
The pool of potential victims is only growing. The Kaspersky researchers showed a growth in the general population of online gamers asvideo game subscription service begins to compete with . That also boosts criminal interest in account theft and related scams, Kaspersay said, adding that it’s not unlike the fraud surrounding it. .
Here’s a look at what some cybersecurity experts predict for 2023.
PlayStation VR catalyst
After a year when supplies returned, Kaspersky researchers expect cybercriminals to try to exploit another potential shortage ofs next year stemming from Sony’s upcoming release a headset that requires the console. It is also possible that Sony will release a next year, which could spur scams involving fake pre-sale offers, discounts and giveaways.
The researchers also expect cybercriminals to seek out game accounts that hold stashes of in-game virtual currencies, hoping to sell them for real cash. Cryptocurrencies stored in gaming accounts could also be at risk.
Gaming platforms have been hacked for profit before. In March, cybercriminalsof a network used to process in-game transactions for Axie Infinity, one of the most popular NFT video games in the world.
In addition to, Andrey Sidenko, chief web content analyst at Kaspersky, said players should also keep their primary credit and debit cards separate. He recommends using temporary or virtual cards that can be topped up when needed.
Metaverse scams will be a thing
When it comes to thethe risks are less clear, because there are only a few platforms in operation and they are mainly used for entertainment purposes, although industrial and commercial applications could appear soon.
Daniel Clemens, CEO of cybersecurity firm ShadowDragon, said he expects the metaverse to go through the same kinds of security growing pains as any new platform.
“The metaverse is no different when it comes to criminal behavior that other users will have to be aware of,” Clemens said. “Where there is human interaction, there will be a free market mixed with the good and the bad.”
Patrick Garrity, vice president at Nucleus Security, said the prevalence of digital assets, such as NFTs, in the metaverse will make the platform prone to fraud, pointing to their transferability and the lack of regulations and consumer protections built into the platform. He emphasized that users should be extremely careful when it comes to their cryptocurrency.
“The best strategy is not to participate in cryptocurrencies of the metaverse, because there is a strong probability that new users will be scammed,” Garrity said, adding that it is also easy to identify people’s wealth based on what their accounts and wallets look like. .
In addition, because the platforms are global, it is doubtful that they will follow regional privacy regulations, such as the General Data Protection Regulation in Europe, or data breach notification laws, Kaspersky said. There have also already been cases in the metaverse of virtual harassment and sexual assault. Without any regulation to stop it, the researchers say they expect such creepy behavior to continue.
The threats to both players and metaverse users are particularly frightening, as many of the people who fall victim could be children.
Cybersecurity experts say children’s data will also be increasingly threatened next year by ransomware attacks on schools and school districts. Meanwhile, the ever-increasing amount of data collected by all people and shared will put pressure on companies and consumers to protect it and keep it private.
While it may seem like there’s not much parents can do, experts say they do to make sure kids stand upfor their accounts and enable whenever might keep many of the bad guys out of those accounts.
Kaspersky’s Sidenko adds thatwith anti-spam and anti-phishing tools will go a long way to protect everyone at home in case someone accidentally clicks on a phishing link.
School IT professionals will struggle
Ransomware attacks against schools and school districts took off in 2022, with districts from Los Angeles to small-town Michigan falling victim.
Even the smallest school can have hundreds of devices behind its firewall and connected to its network, giving cybercriminals countless potential entry points, said Andrew Wildrix, chief information officer for cybersecurity company Intrusion.
At the same time, kids often use their devices for things like games that they share with each other, not knowing that those games and apps could be extracting school data, he added.
What’s worse is that because of tight budgets, it’s also unlikely that schools will allocate money for cybersecurity until after an attack has occurred, Wildrix said. After that, you’re looking at months-long searches to find the right cybersecurity protections, scrape up the money to pay for them, and put them in place.
Until then, new threats have emerged and schools are back to square one, he said.
“This existing approach is reactionary,” Wildrix said. “In 2023, we need to start taking a holistic approach to cyber defense where we think ahead and take the time to look at emerging technologies.”
It’s time to ask, ‘Man, where’s my data?’
It’s hard to make sure your data is safe and private if you don’t know where it’s stored or who it’s shared with.
Jeremy Snyder, founder and CEO of cybersecurity firm FireTail, notes that even the simplest online action, such as ordering takeout through a food delivery service, can involve three or more companies and that it’s anyone’s guess how secure a company’s system is. every company.
In Snyder’s view, the biggest risk to security and privacy by 2023 is a lack of visibility. Companies collect and share so much data that they often don’t know where it is or who has access to it.
“Will 2023 mark the year when companies finally realize the extent of this problem?” Snyder asked. “I sure hope so.”
Wildrix said consumers will also need to take stock of where their data is going, especially when it comes to their collection of Internet of Things devices.
“How many things in your house are talking that you are not aware of?” he asked, noting that on one occasion he saw Wi-Fi traffic collected by a robotic vacuum sent to a power station in Mongolia. “These are things that nobody considers.”
Keeping track of personal data shared on social media should also be a priority for consumers, said Jeff Hodgin, vice president of product for CyberGRX. He notes that when people post on social media, they are promoting themselves as a brand just as a company would. The bigger the brand, the bigger the target for cybercriminals.
“Individuals who want to promote themselves must consider their individual risk,” Hodgin said. “What is my exposure? What would be the impact of a breach? What is the likelihood of that happening?”