Following the recent leakage, revealing how Roblox moderates content, Kaspersky experts share insights on what cyber threats can threaten users, and especially children, in the gaming space and how to protect yourselves. The leaked documents give insight into the targeting of children by predators on the platform and how the platform attempts to fight child grooming. Additionally, one issue identified in the documents is that although Roblox’s systems scan 100 percent of submitted abuse reports, only around 10 percent of those are actionable. This suggest that even on a gaming platform, where content is moderated, there remain a large number of risks for children.
Roblox is an online gaming platform that allows users to create their own game simulations and virtual locations, where they can play in different locations themselves or invite other users. There are both harmless and very popular locations, where users can choose a pet and take care of it, or go through an obstacle course with their characters. The genres of such games are almost unlimited and the number of daily active users was 50 million by the end of 2021, most of which were school-aged children.
However, in the game world they may also meet fraudsters, who can either be members of the selected playthrough or even be its authors. Threats from them can come both inside the game world – they often show aggression, deception or intimidation. For example, the theme of the Roblox game world might be used to create phishing resources in order to steal login and password from the account and further withdraw funds from the victim; or under the guise of in-game currency (Robux) users can be offered to register with a real name or pay for a “no-lose lottery,” participation in which will bring nothing but loss of money.
“Although Roblox has a system of content moderation, you should not rely on it completely. It can be especially dangerous for school children, who due to their lack of experience may not be aware of many cybersecurity rules,” comments Andrey Sidenko, Lead web content analyst at Kaspersky.
Here are a few rules to help not only protect your data, but also not to find yourself in a location that can harm you or your children psychologically:
- Do not share your real name, place of residence, school, or other personal information that can help attackers identify you in the real world;
- Only chat with those users who you know personally; do not chat with strangers in Roblox or anywhere else;
- Use a complex and unique password and always end the session at the end of the game, especially if you choose to connect from an unfamiliar device. Don’t forget to use two-factor authentication;
- Roblox is using internal content monitoring system and if you come across any unwanted ads, cheating, online grooming, different types of harassment or aggression towards you or other users you should report it to the moderators;
- Critically evaluate the information you encounter in the game world. Abusers may use a variety of techniques, including social engineering. For example, they may offer you a reward in the form of in-game currency (Robux) for detailed information about yourself. If someone offers you this, then in all likelihood it’s cheating and the fraudster clearly has “own interests”;