Published by: Variety.com |
Criminals are turning to video game mega-hit “Fortnite” and its 200 million players as an easy way to launder cash from stolen credit cards, according to cyber intelligence firm SixGill.
“‘Fornite’s’ format and popularity have drawn the attention of cybercriminals, and resulted in a thriving criminal eco-system around the game,” according to a report by the company. “As the game’s popularity increases and the financial system around it becomes more diverse, fraud involving games such as ‘Fortnite’ is likely to become more prevalent.”
Reached for comment Tuesday, Epic Games said it continues to combat fraud in its games.
“Epic Games takes these issues seriously, as chargebacks and fraud put our players and our business at risk. As always, we encourage players to protect their accounts by turning on two-factor authentication, not re-using passwords and using strong passwords, and not sharing account information with others.”
In a report entitled “Carding and the Digital Gaming Industry,” SixGill lays out the process that criminals use to turn stolen credit cards into cash with the help of Epic Games’ “Fortnite.”
A criminal creates a new free account for “Fortnite,” and then uses a stolen credit card, or several stolen credit cards, to stack the account with “Fortnite’s” in-game currency and purchasable skins. Once the account is loaded up, they turn to third-party sites like eBay, G2G, G2A to list the accounts at prices that amount to a fraction of their worth based on the items and virtual currency they have. So, for instance, an account loaded up with $100 worth of V-Bucks might sell for $25.
The seller typically requires bank transfers through services like PayPal, and once the money has changed hands, the account is handed over, along with the email account and password, to the buyer.
In the past sixty days alone, just the top 50 “Fortnite” items listed on eBay brought in about $250,000, according to the report. A quick search this week on eBay shows that “Fortnite” accounts are a hot commodity on the website, with accounts selling for anywhere from the hundreds to thousands of dollars in the past month. There are also options to buy a “ticket” to a raffle for an account, where hundreds of people pay a few dollars for a chance to win a loaded account.
“With the recent surge in the popularity of ‘Fortnite,’ an online game boasting more than 125 million players and monthly revenues in the hundreds of millions of dollars, cybercriminals have flocked to this massively successful game and begun exploiting it to commit financial fraud,” according to the SixGill report.
Carding — the act of using a stolen credit card to purchase items in a game and resell them at a discount — isn’t unique to “Fortnite.” But Benjamin Preminger, cyber threat intelligence specialist at SixGill tells Variety that “Fortnite” offers would be criminals an enticing target.
“Fortnite assumes its place in the gaming fraud hall of fame for a number of reasons,” Preminger said. “‘Fortnite’ is breaking records in its popularity. The game’s user base, hundreds of millions strong, seems to be extremely diverse in terms of age, gender, socio-economic status, and country of origin. This mass market appeal gives cybercriminals the opportunity to target a host of different victims, from young children with access to their parents’ credit cards to older adults with little awareness of the potential dangers of cybercrime. As more and more people enter the ‘Fortnite’ Battle Royale arena and purchase in-game items, the more opportunity cybercriminals have to hack user accounts and run away with the virtual booty.