There are many things to think about when it comes to the use of personal devices (e.g. smartphones, tablets, computers and laptops) or gaming devices (e.g. Nintendo, PlayStation and Xbox consoles) for a safe and secure online gaming experience. Following the security tips in this publication can assist you to prevent the compromise of your devices and information, thereby avoiding significant productivity, financial and emotional impacts.
Use legitimate software and keep it up to date
No matter what your preferred device for online gaming is, it is important that it is configured to automatically apply updates for operating systems, applications and games. These updates are regularly released by companies in order to introduce new functionality, balance game mechanics and resolve security problems. Further, new versions of operating systems, applications and games can include new security features to make it harder for a device to be compromised or for other gamers to cheat.
When the operating system on a device is no longer supported, you will no longer be able to receive updates, and consideration should be made as to whether to change to a device that is currently supported.
When purchasing a new device, consideration should be given to selecting a device that is currently supported by a company that has a proven track record of providing timely updates. For example, while all new Apple iPhones will be supported with updates, only some Android-based smartphones will be supported with updates, albeit to varying degrees depending on the particular company.
Finally, you should always use legitimate applications and games from reputable companies that you have purchased from a trusted physical store, online retailer or app store. Do not use illegal applications and games. If you modify your device to bypass copyright or other security protections, or use pirated applications or games, the device may become compromised or won’t be supported with updates. Additionally, care should be taken to avoid applications or games that ask for excessive or suspicious permissions.
Backup your important files
Backup your important files (such as your games’ save files) to a USB stick, memory card, external hard drive or online storage service. If you have a problem with a device and it needs to be reset or replaced, you will still have access to your important files if you have completed recent backups. Likewise, if a device is compromised by malicious software that prevents you accessing your important files until you pay a ransom, having recent backups can assist you in recovering your files.
Be suspicious of unsolicited communications
Unsolicited communications in the form of phone calls, SMS, instant messages, in-game chat and emails are often trying to get you to do something that will benefit someone else. It might just be spam, or someone might be trying to get you to open a file or access a website that will compromise your device, access your personal or financial information, or to produce revenue for someone else via premium phone numbers, advertisements or app downloads.
Do not follow instructions from someone who rings to tell you your device or internet connection has technical problems. If seemingly legitimate, hang up and then call back the organisation using a trusted phone number from the organisation’s website or one of your previous bills.
Finally, if someone has sent you an SMS, instant message, in-game chat or email that you think is strange (such as requests to open a file, access a website, or provide personal or financial information), ignore it.
Use different passphrases for accounts
Use different passphrases for accounts, especially for those that store any personal information. If you use the same username (such as an email address) and passphrase for a number of accounts, and one account is compromised, someone accessing that information is more likely to be able to access other accounts you use.
Some accounts offer the ability to use multiple steps to logon, such as a number sent via SMS to your mobile phone in addition to you using your username and passphrase. The use of such mechanisms, even though they may be slightly inconvenient to use, offer far greater security and protection for your information.
It is also important that the email address you use for accounts has a unique passphrase that has not been used elsewhere. Someone that knows, or can easily guess, the passphrase for your email address could use the passphrase reset functionality for accounts your email address is associated with to gain unauthorised access.
Avoid saving your payment details
Where possible, avoid saving your payment details (such as your credit card or bank account details) within your accounts. Alternatively, should you choose to save your payment details for convenience, consider enabling a prompt for your passphrase before each purchase is made, or implementing parental controls that are provided by companies to limit the purchase of applications, games and in-game micro-transactions. Finally, if you are wary of providing your payment details to companies, consider whether the use of a trusted third-party, the purchase of pre-paid cards or the use of pre-paid store credit are viable alternatives.
Monitor your online presence
It is best not to put too many personal details online. Check your privacy settings for your accounts to make sure you know who can see your information and to what extent. Privacy settings sometimes change after functionality is added to online gaming platforms so it is important to check them regularly.
Also, consider checking the information that others put online about you. While some information might not seem important, many pieces of information can be put together to form a picture about you. Never assume that anything you do or post online or in-game will remain secret.
Do not provide personal information when requested by other gamers. If your personal information is available to others it can potentially be used against you. This could range from something as simple as sending you spam emails to something as serious as accessing your accounts and stealing or deleting all your information, or even identity theft.
For advice on online gaming by children, see the eSafety Commissioner’s website at https://www.esafety.gov.au/parents/big-issues/gaming.
For advice on specific applications and games popular with children, see the eSafety Commissioner’s website at https://www.esafety.gov.au/key-issues/esafety-guide.
For information on cyberbullying and abuse, see the eSafety Commissioner’s website at https://www.esafety.gov.au/key-issues/cyberbullying.
For information on common types of scams, and reporting if you have seen or are a victim of a scam, see the Australian Competition & Consumer Commission’s Scamwatch website at https://www.scamwatch.gov.au/.
For information on reporting the compromise of your devices or information, see the Australia Cyber Security Centre’s website at https://www.cyber.gov.au/acsc/report.
For more information on shopping online for devices and games safely, see:
- the Australian Competition & Consumer Commission’s website at https://www.accc.gov.au/consumers/online-shopping/shopping-online
- the Australian Competition & Consumer Commission’s Scamwatch website at https://www.scamwatch.gov.au/types-of-scams/buying-or-selling/online-shopping-scams
- the eSafety Commissioner’s website at https://www.esafety.gov.au/women/life-admin/shopping
- the Australian Securities & Investment Commission’s MoneySmart website at https://moneysmart.gov.au/student-life-and-money/online-shopping
- the Australian Border Force website at https://www.abf.gov.au/buying-online/buying-online.
If you have any questions regarding this guidance you can contact us via 1300 CYBER1 (1300 292 371) or https://www.cyber.gov.au/acsc/contact.