What CISOs Can Do to Build Trust & Fight Fraud in the Metaverse
The online gaming industry has seen rapid growth since the COVID-19 lockdowns began. However, with more and more players and new platforms entering the space, we are seeing an increase in the threats and scams that target a new generation of metaverse players.
Given the adolescent nature of the metaverse, bad actors have been quick to exploit budding companies and communities to dupe consumers. With the metaverse still a niche community — one that has yet to see vast, mainstream interaction — fraudsters have regularly turned to social media to impersonate CEOs and other critical C-suite executives.
The effect? A sharp decline in consumer trust in online gaming platforms and brands. In fact, a Coda Labs’ survey of nearly 7,000 respondents showed that 41% are concerned with scams related to crypto gaming.
Amid the growing distrust compounded by the FTX scandal and subsequent crypto crash, companies have a long road ahead to rebuild the trust of players interested in nonfungible tokens (NFTs) and the buying and selling of digital assets.
Along with the move toward Web3 and decentralized platforms that live on the blockchain, companies must look at new ways to proactively monitor and detect threats while removing bad actors to create a safe environment for gamers and protect the integrity of the ecosystem.
From phishing attacks to trademark infringements, threats can originate from anywhere in the world, and even the most prominent gaming companies are vulnerable.
For example, take the 2021 hack of gaming giant Electronic Arts (EA), which resulted in the theft of more than 780GB of valuable information — data hackers then tried to sell.
But it’s not just data breaches among gaming publishers themselves. Cybercriminals are taking to social media platforms and community-oriented platforms like Discord to target users. Recently, Axie Infinity’s Discord community was compromised, with hackers hijacking a Discord bot that automates roles and messages across an array of crypto projects.
Shortly after, the compromised bot announced a surprise mint — something developers indicated they would never announce. This breach came on the heels of a $650 million heist of the company’s Ronin Bridge — an Ethereum sidechain built for Axie Infinity.
Fortunately, developers quickly caught on, successfully removed the bot, and reassured the community. Without adequate security and moderation, this hack could have resulted in users being redirected to illegitimate websites — translating to lost money for both the brand and the user, as well as a persistent negative impact on the brand’s reputation.
As the online gaming industry continues to battle an unprecedented amount of imposters and online threats, it’s more important than ever for companies to take action. To protect player safety and mitigate vulnerabilities, here are six helpful steps I’d recommend:
From fake promo codes shared across social media to typosquatting websites and hacks involving paid ads to introduce malware, the growing arsenal of tools that cybercriminals can take advantage of grows ever more sophisticated.
The good news is that technology to launch counterattacks and take proactive measures has become more affordable and accessible than ever, but companies and players alike must stay vigilant.
For gaming in the metaverse to reach its full potential, platforms need to earn the players’ trust. Until that degree of confidence is established and maintained, a platform’s credibility can easily be eroded by scammers and unsuspecting gamers who fall victim to their attacks.
Copyright © 2023 Informa PLC Informa UK Limited is a company registered in England and Wales with company number 1072954 whose registered office is 5 Howick Place, London, SW1P 1WG.
source
