Pokémon Go: Into the real world, with real crime

The game is getting its players off the couch, which already wasn’t safe from the bad guys

Pokémon Go sneaked up on me. One minute, I knew nothing about it, and the next, just about everyone was talking about it.

The twist with Pokémon Go is that players can catch Pokémon in real life, out on the streets and away from their couches. I love the idea that a smartphone game not only can be played anywhere, but actually requires its players to get outside. But because security is always on my mind, I quickly wondered what crimes Pokémon Go would enable. The answer wasn’t long in coming.

Criminals are quick to exploit new opportunities, and they have been targeting video gamers for a long time. Many games encourage in-app purchases, and they often allow players to trade tokens with other players. That creates an incentive for criminals to get their hands on people’s tokens, which they can then sell for financial gain. One major online gaming company hired me to strengthen its user authentication mechanisms, since criminals had been using social engineering to get help desk employees to reset passwords, thus granting them access to players’ in-app assets.

Then there are the typical hackers, who will exploit the popularity of the app. They will offer fake versions of the app loaded with malware. This is more likely in areas where the app is being phased in, as well as through distribution in Android stores that do not perform stringent security checks. It is also inevitable that when extra features become possible, criminals will offer fake upgrades loaded with malware as well.

In games such as World of Warcraft, criminals tend to hack characters and extract value. If criminals access a gaming account with a credit card attached to it, they can buy things. Other criminals, such as child predators, have abused the ability to interact with players to lure victims to real-world locations.

Now, within a week of the release of Pokémon Go, criminals have figured out a way to target players in the real world. They set up a beacon to lure people to a “pokestop,” a place where people can gather to play the game against others. They then robbed a would-be player at gunpoint.

More casual crimes are even more likely. When players head out of the house in pursuit of their game goals, their minds are fixed on the virtual world that resides in their phone, and they remain rather inattentive to the real dangers that might lurk on the actual streets they are wandering. They’re easy targets.

Protect yourself

Here are some precautions for players to follow. They apply just as well in many situations that have nothing to do with Pokémon Go.

Be on the lookout for phishing attacks and social engineering: Criminals will send out phishing messages or make phone calls in an attempt to get people to divulge their user IDs and passwords. Many will look or sound like legitimate messages from the company. You might receive an offer to load your account with extra Pokémon. You might be told your account has been compromised. Be suspicious, and confirm that the company has sent out such messages before responding in any way. Also, access the application only through legitimate sources.

  • Be careful in the real world: Vigilance is essential anytime you step out into the world. Players presented with a chance to meet like-minded people can let their caution lapse. And always bear in mind that people you meet in the virtual world may not be whom they say they are.

One of the best things about Pokémon Go is that it encourages people get out for some exercise, and perhaps to meet new people. Those are great benefits, but they won’t be worth much if you ignore the potential for danger.

Ira Winkler is president of Secure Mentem and author of the book Spies Among Us. He can be contacted through his Web site, securementem.com.

Join the Good Gear Guide newsletter!

Error: Please check your email address.

Tags Pokemon

Our Back to Business guide highlights the best products for you to boost your productivity at home, on the road, at the office, or in the classroom.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Ira Winkler

Computerworld (US)
Show Comments

Father’s Day Gift Guide

Most Popular Reviews

Latest News Articles

Resources

GGG Evaluation Team

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell

LIFEBOOK UH574

The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi

STYLISTIC Q702

The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott

STYLISTIC Q702

My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?