Why don't you have a chat and 2 factor authentication? Chat maybe leads to even more phishing but fun to brag about wins and troll.
Just put 2FA before any chat and it's up to players to secure their account in a way that even clicking a bad link will not do any harm
No 2FA? Really?
Edit: Question marks are because I can't check site (US based), not meant sarcastically etc.