A number of Xbox Live users have been receiving emails, supposedly from Xbox Support, informing them that changes have been made to their accounts, asking them to log into a replication of Microsoft's Xbox.com website which, in turn, logs their information for the scammer and quickly redirects to the actual homepage.
Microsoft has confirmed the validity of these reports and is taking action to help protect its subscribers’ accounts. Interestingly, the company said it will be reimbursing any user whose account has been hijacked by phishers:
We will reimburse any customer whose account has been compromised in this fashion. If they have lost content such as Xbox Live Arcade games, we will provide the customer with replacement content at no charge. […]Customers who have any concerns about their account should visit www.xbox.com/support, click on the link titled "Troubleshooting Access to your Xbox Live Account," and perform the steps outlined there."