Nowadays, we often find people playing games with their mobile devices in public places or public transport. The following tips give you more understanding of the security risk of malicious mobile games and provide recommendations on how to mitigate the risk.

 

 

(1) Quid pro quo: Quid pro quo is one of the social engineering attacks and requires users to provide their information during the exchange of goods or services. For example, illegal game developers usually require users to provide their email accounts and passwords for subscribing mobile games or obtaining bonus points. They will use the collected email accounts to carry out SPAM mail or phishing attacks.

 

(2) Malicious Software: Some mobile games can be downloaded from unofficial sources, which may attached with virus or other unwanted programs. Upon the games being installed in users' devices, hackers can gain access to the devices to steal their personal information through this malicious software.

 

(3) Device Permission Setting: While installing mobile games, users may need to grant permission to the game developers to access the device memory, outgoing call records, calendar information, contact list, or even track users' locations, thereby increasing the chance of information leakage.

 

 

(1) Be careful about game installations when asked for providing personal (e.g. date of birth) and financial data (e.g. credit card number) to game developers.

 

(2) Do not provide password to a third party. Change the password regularly and do not use the same password across multiple apps or games.

 

(3) Do not "jailbreak" or "root" the mobile devices to reduce the chance of manipulation by hacker.

 

(4) Download mobile games from official sources and regularly update the apps to the latest version.

 

(5) Periodically review permissions given to mobile game developers or third party access.