Threat actors are now using fake rewards in so-called “play-to-earn” mobile and online games to steal millions worth of cryptocurrency, the US Federal Bureau of Investigation (FBI) has warned.

Potential victims are typically contacted by scammers online, before being introduced in time to the online or mobile game, in which players purportedly earn cryptocurrency rewards in exchange for some activity like growing 'crops' on an animated farm. Victims then are instructed to create a crypto wallet, buy cryptocurrency, and join a specific game app.

The scammers tell them that the alleged rewards increase as the victim stores more money in this wallet, but when victims stop depositing funds into the wallet, threat actors steal digital assets from victim wallets using malware that was covertly activated then the user joined the game.

What’s more, the crooks will tell victims that they may reclaim funds by paying additional taxes or fees but, in the end, all those funds will also end up in scammers’ pockets.

To avoid falling victim to such scams the FBI recommends the following:

• If you wish to participate in cryptocurrency-based gaming, create a unique wallet to use. This isolates your primary cryptocurrency holdings should you unknowingly grant illicit actors access to your gaming wallet.

• Use a third-party blockchain explorer to independently check the balances of the addresses in your gaming wallet.

• Periodically use a third-party token allowance checker to help you see which sites or apps you have inadvertently permitted to access funds in your wallet and revoke those permissions.