Security tips for online gaming

Protect your gaming accounts with multi-factor authentication (MFA) where possible. This will add an extra layer of protection to your account that helps keep cybercriminals out. MFA can also warn you when someone is trying to use your login details.

Prioritise accounts that have payment information saved or that are high value. For example, accounts with large game libraries.

How to turn on MFA depends on the service you are using. If possible, use an authenticator app instead of SMS or email verification methods. Below are links from popular gaming services on how to set up MFA.

• Blizzard / Battle.net
• EA
• Epic
• Microsoft
• Nintendo
• PlayStation
• Roblox
• Steam
• Twitch

If you do not see your account listed above, do an online search for ‘how to turn on MFA’ for that service, or check the settings for your account.

Use a different passphrase for each of your accounts. If you use the same login details for every account, and just one of these accounts is compromised, all your other accounts are at risk.

You should especially use a different passphrase for your email account. If someone gains access to your email account, they could use this to reset passphrases for all your accounts that your email address is linked to.

Consider using a password manager to help you create and store strong, unique passphrases for each account.

Avoid saving payment details (such as card numbers and PayPal information) for your accounts. If someone gains access to your account, they could use this to make purchases with your money. For example, purchasing games or currencies as ‘gifts’ for other accounts.

Sometimes you may be required to provide payment details to create an account or use a service. If this is the case or you want to save payment details for convenience, consider the following protections:

• Where possible, turn on settings that ask for your passphrase when making a purchase.
• Turn on parental controls to limit purchases, including in-game microtransactions.
• Use a pre-paid Visa or Mastercard instead.

This will minimise the potential costs if your account is compromised.

You could also consider using pre-paid gift cards for purchases, instead of your card details. For example, Steam or Nintendo eShop cards available at major retailers.

Cybercriminals target gamers using scams. These tricks aim to take money, account information and even things from in-game, like items or currency.

In-game currencies, items, cosmetics and services

Be wary of unofficial or third-party advertisements for free or paid add-ons, such as:

• game currencies
• cosmetics and skins
• power upgrades
• services such as cheats and boosts.

You should only purchase these add-ons from official sources. For example, from within the game or from the game’s official website. Avoid third-party websites and services, as these could be a scam or an attempt to get your login details.

Be wary of other players who may attempt to steal your in-game items or currency, especially on games or platforms that allow trading.

Buying games and devices online

Buying games and devices through unofficial online stores or marketplaces can carry a risk. Follow our advice for shopping online to ensure you do not get scammed.

Unsolicited communication

You may receive unsolicited communications through in-game chat, emails and messaging apps such as Discord. It might just be spam, or someone might be trying to get you to compromise your device or information.

If you receive a strange message or request, for example to download a file or open a link, ignore it and report it to the service you are using. Never click on links asking you to confirm your login details.

Avoid sharing too many personal details online. If your personal information is available to others it can potentially be used against you. This could result in targeted scams, account takeovers or even identity theft.

Follow these tips when online gaming or streaming:

• Do not use personal information in display names or profiles.
• Check your privacy settings for your accounts to make sure you know who can see your information and to what extent.
• Do not give out personal information to other players.

Software updates are important for your security. They can also improve your gaming experience by introducing new features, improving performance and fixing bugs. Most games and devices will require you to have the latest updates in order to play online.

Install updates when they are available for your games and devices. Where possible, enable automatic updates. If you are PC gamer, you should also update your operating system (e.g. Windows, macOS or Linux) for the best security.

Ensure you also install or enable antivirus software on your device.

Only use games, applications and mods that you know are legitimate. Fraudulent or pirated software could contain malware, or may not receive updates. When downloading and installing new software, follow these tips:

• Only use software from official sources such as reputable retailers and app stores.
• Before downloading new software, even from app stores, verify it is legitimate (e.g. look at reviews or do a search online).
• Do not use pirated software, or modify your device to bypass copyright or security protections.
• Avoid software that asks for excessive or suspicious permissions, or software that recommends turning off your antivirus.
• Avoid third-party services, such as unofficial trading or account marketplaces.

Regular backups can help you recover your data if it is lost or corrupted.

Back up your important files (such as save files) to a USB stick, memory card, external hard drive or online storage service. You may require a paid subscription to back up to the cloud on some devices.

Make sure to reset your gaming device, including any memory or SD cards, before selling, trading or giving them away. If you do not, other people could access your account, games or information stored on these devices. Follow our guidance on how to dispose of your device securely.