Spotting Fake Indie Game Key Requests
If you're an indie game developer, you will very likely see key requests from bad actors trying to get game keys to sell. It's par for the course unfortunately, but it's increasingly difficult to distinguish genuine review requests from fake ones (especially when juggling a game release).
I recently released a game on Nintendo Switch after releasing it on Steam a year prior, and I noticed a big increase in how sophisticated the illegitimate requests were for the Switch release.
- Fake Review Sites
- Mimicked Email Addresses
Fake Review Sites
Fake review sites are websites which look like real news sites at a glance, however on closer inspection include copied and pasted content from other websites. This is especially hard to tell when the website uses a foreign language, such as Persian or Russian.
A fake Russian game review site
If you're not expecting these they're harder to spot, because the content looks real. However, there are few tell-tale signs the site is not a real review site:
- There are no references to it on social media, no official accounts for the site
- Googling phrases in content on the site yields results from other, similar fake websites
Another fake review site in the Persian language
I received a few of these requests from the below domain names, always via email, all fake sites:
parsjoy.com, gamovich.com, gameruss.com, gameinja.com, gamingles.com, russplay.com, irgreview.com
At the time of writing, if you look up the domains on who.is, you'll see that:
- The hidden contact information for the domains is identical (in this case an address in Malaysia)
- The DNS information for the domains is also the same (CloudFlare for HTTP, Rackspace for email)
- The email requests usually look identical, with a small contact card at the footer:
I contacted the abuse departments for CloudFlare and Rackspace with the domains I received fake key requests from, though got no response.
Mimicked Email Addresses
Scammers will register an email address which looks visually identical to an official email address. For an extreme example, compare
The first email address uses the domain
example.com. The second email address appears to use the same domain, but if you try to search this page (CTRL + F for
example.com), the second email address doesn't match.
That's because it uses the Cyrillic version of
е, instead of the Latin version of
e (which are visually identical in most fonts).
To identify this scam, always copy the email address you receive the key request from, and verify it's the same email address listed on the YouTube channel/Twitch profile using CTRL + F.