Fraud Has Entered The Game

Gaming is now one of the largest digital commerce ecosystems in the world. Players top up credits, buy skins, unlock characters, and join limited-time events across dozens of platforms, and increasingly, they do it outside the app. That scale brings real opportunity. It also brings fraud.

The gaming industry keeps evolving, and so do the threats around it. Kaspersky recorded more than 20 million attempted attacks on gaming platforms in 2025 alone. In Southeast Asia, gaming-related cyberthreats jumped 86% in the second half of the year, with Vietnam up 202% and Thailand up 104%. The threat isn’t theoretical. It’s already in the markets where your players are. As payment flows become more global and player communities become more connected, scammers will continue looking for weak points in the experience. 

Online gaming scams cost players and publishers more than money. They cost trust. And in gaming, trust is what keeps people coming back.

How gaming scams actually work

The most effective scams aren’t sophisticated; they’re familiar. Fraudsters don’t need to break systems. They exploit habits. They know players are drawn to rare rewards, used to time-limited events, inclined to trust familiar messages, tempted by unofficial discounts, and accustomed to fast, frictionless transactions.  
 

Common tactics include: 

• Phishing sites that copy official publisher or top-up pages pixel-for-pixel
• Fake reward or giveaway pages that harvest login credentials or OTP codes
• Unofficial discounted top-ups, lower price, higher risk
• Malicious APKs or files disguised as cheats, mods, or “unlimited” currency tools 
• Impersonation via Discord, Telegram, or in-game chat, posing as support staff or friends

The damage goes beyond a single transaction. Account takeovers drain wallets and wipe progress. Compromised credentials spread across platforms. And once a player gets burned, they don’t just lose confidence in the scammer; they lose confidence in the game.

What players can do right now

Safe player behavior doesn’t require paranoia. It is about making safe behavior the default. 

The most effective protection is unglamorous: use two-factor authentication, don’t reuse passwords, and only top up through official channels. If a deal looks better than what the publisher offers, it isn’t a deal.

 Watch out for:

• Links shared in DMs that ask for login details or OTP codes, legitimate support never asks for these
• APKs or mod files from unofficial sources. If it’s not on the official app store or publisher site, don’t install it
• “Limited-time” top-up offers from third-party sellers. Double-check the URL, confirm the seller is legitimate, and stick to official top-up channels when unsure

Coda’s Online Safety URL Checker lets players verify whether a site is legitimate before they engage. It’s one tool in a broader habit.

Guard Your Game: what we’re doing about it.

Coda’s Guard Your Game campaign, endorsed in Indonesia by the Ministry of Creative Economy, is now running across Indonesia, Malaysia, the Philippines, and Singapore, combining anti-scam education, localized resources, and tools like the URL Checker to give players a practical way to protect themselves.

The goal isn’t to slow commerce down. It’s to make sure the players driving it feel safe enough to keep going.

Fraud has entered the game. So have we.

 
Let’s build a safer gaming space together, talk to us: https://www.coda.co/contact/