Kaspersky Statement on Roblox leaked documents

Please attribute statement to Andrey Sidenko, security expert at Kaspersky

“Roblox is an online gaming platform that allows users to create their own game simulations and virtual locations, where they can play in different locations themselves or invite other users. There are both harmless and very popular locations, where users can choose a pet and take care of it, or go through an obstacle course with their characters. The genres of such games are almost unlimited and the number of daily active users was 50 million by the end of 2021, most of which were school-aged children.

However, in the game world they may also meet fraudsters, who can either be members of the selected playthrough or even be its authors. Threats from them can come both inside the game world – they often show aggression, deception or intimidation. For example, the theme of the Roblox game world might be used to create phishing resources in order to steal login and password from the account and further withdraw funds from the victim; or under the guise of in-game currency (Robux) users can be offered to register with a real name or pay for a “no-lose lottery,” participation in which will bring nothing but loss of money.

Although Roblox has a system of content moderation, you should not rely on it completely. It can be especially dangerous for school children, who due to their lack of experience may not be aware of many cybersecurity rules.

Here are a few rules to help not only protect your data, but also not to find yourself in a location that can harm you or your children psychologically.

  1. Do not share your real name, place of residence, school, or other personal information that can help attackers identify you in the real world;
  2. Only chat with those users who you know personally; do not chat with strangers in Roblox or anywhere else;
  3. Use a complex and unique password and always end the session at the end of the game, especially if you choose to connect from an unfamiliar device. Don’t forget to use two-factor authentication;
  4. Roblox is using internal content monitoring system and if you come across any unwanted ads, cheating, online grooming, different types of harassment or aggression towards you or other users you should report it to the moderators;
  5. Critically evaluate the information you encounter in the game world. Abusers may use a variety of techniques, including social engineering. For example, they may offer you a reward in the form of in-game currency (Robux) for detailed information about yourself. If someone offers you this, then in all likelihood it’s cheating and the fraudster clearly has “own interests”.
  6. Use antivirus solutions and parental control programs to be sure that your child can use the Internet safely.”

Liked this post? Follow SwirlingOverCoffee on Facebook, YouTube, and Instagram.