Xbox Live users victims of massive phishing scam

Leeky

Leeky

Posts: 3,357   +116

Gamers using Microsoft's Xbox Live service have become the latest target of online phishing attacks as news spreads like wildfire about fraudulent transactions appearing on the credit card statements of its users.

Microsoft was very quick to jump the gate declaring their gaming platform had not been hacked, in a statement on Facebook. "Xbox Live has not been hacked. Microsoft can confirm that there has been no breach to the security of our Xbox Live service."

It appears that the ever-increasing number of affected users, now spanning 35 countries have been the victim of sophisticated online phishing attacks. Those using the service have been discovering payments, sometimes spanning months, in their credit card statements.

Those responsible for the theft have apparently been taking small amounts of money from users' accounts for several weeks, making the attack hard to detect. The fraud involved sending emails to Xbox Live users, directing them to sophisticated but fake websites offering free Microsoft point incentives. Having registered on the fake websites, the scammers then had all the personal information they needed to proceed.

In nearly all the cases, the purchases are for Microsoft Points, the currency the software giant uses to allow customers to download additional content, games and in-game objects. These appear to have been used to buy downloadable content from EA Sports, specifically Ultimate Team Packs for its FIFA 12, Madden and NBA titles, which can be traded between players for real money without EA or Microsoft recording the transaction.

According to the Sun newspaper, a Microsoft representative has said they'll offer refunds to anyone that can prove they have not handed over their password. That is a nice gesture, but how exactly does a person prove they are not guilty of providing a password when their account is already compromised is uncertain.

This incident follows on from the recent breach of Valve's Steam user forum that resulted in user information being stolen, and the devastating attacks on Sony's PSN network in April that forced the Xbox competitor's gaming service be turned offline for several weeks.

Permalink to story.

https://www.techspot.com/news/46379-xbox-live-users-victims-of-massive-phishing-scam.html

 
It's straight-up articles like this that keep me coming back to this site.
Excellent work Lee and well put, thanks for posting.
 
I've always thought to myself "how can someone fall for this?" but last night I had a bit of a falling out with a house mate, I transfered a secondary BT line that was in my name to his and I got to see him type out his passwords for his BT account and his Bank account, it is "qwerty". He also uses this on his xbox and he also plays MW3 like it is actually something new. Some how, After seeing this display of complete disregard for security and lack of Intelligence, I'm really not suprised. Although it does fascinate me that someone who is prepared to spend £40 a month on an internet connection, £800 on a sony vaio laptop and god knows how much on his xbox and has no idea how any of it works and what security to put in place? Hell he doesn't even have an anti-virus! Glad he's off my network...
 
What the hell?!! Only 3 post? Come on...get some scoop on SONY already. We need to get the board buzzing with hate.
 
artix said:
How can someone fall for a scam, sure some look very LEGIT but afterall, they aren't ...
Click to expand...

Not everyone is as paranoid as most of us here, I'm sure we all double check everything that seems even a little off. Sadly many others think these sophisticated phishing sites are legit and don't even bat an eye at them.
 
Relic said:
artix said:
How can someone fall for a scam, sure some look very LEGIT but afterall, they aren't ...
Click to expand...

Not everyone is as paranoid as most of us here, I'm sure we all double check everything that seems even a little off. Sadly many others think these sophisticated phishing sites are legit and don't even bat an eye at them.
Click to expand...

I think it's 50/50. We're too paranoid, they're too naive.
 
just dont give any personal information and youll be fine... cant believe ppl fall for these kind of scams... -.-
 
This exact problem has happened to me. The first time MS didn't believe me, said I or someone in my household must have bought the points. Froze the acct during the investigation, found no evidence in the end. 2nd time, I called them immediately after noticing 2 transactions in one day, then logged into Live to see FIFA activity. A 2nd email address was added to the primary in the Live acct managment, followed by some Chinese characters... that seemed to convince them of the hack this time.

Both times this happened, I had sent recently a message thru an Xbox Live friend via my Windows Phone. Coincidence?
 
You must log in or register to reply here.

Similar threads

D
Google Chrome gets real-time phishing and malware protection with upgraded Safe Browsing...
Replies
7
Views
252
Evrsr
E
Daniel Sims
Game developers think most Xbox exclusive games are going multi-platform soon
Replies
3
Views
116
Jeff Schmidt
Jeff Schmidt
Daniel Sims
Microsoft expected to continue making Xbox consoles, major announcement coming Thursday
Replies
7
Views
187
yukka
Y

Latest posts

Back