facebook rss twitter

Xbox LIVE not hacked, users targeted by phishing scam

by Steven Williamson on 23 November 2011, 13:47

Tags: Microsoft (NASDAQ:MSFT)

Quick Link: HEXUS.net/qa76x

Add to My Vault: x

While Sony’s PlayStation Network was brought to its knees earlier this year, after hackers stole information from millions of its users, Microsoft’s Xbox Live stood firm and subscribers were reassured that their precious details would be safe thanks to multiple levels of security.

This week, however, it seemed that Xbox Live wasn’t as secure as people initially thought with reports of a large scale hacking of subscriber accounts. As it turns out, it now appears that The Sun sensationalised the security breach, stating that thousands of Xbox Live accounts had been hacked with “millions of dollars” stolen.

Microsoft says that’s not the case at all, but users of the Xbox 360 online service have actually been the victims of multiple phishing attacks that have fooled gamers into disclosing their details over the web. In a statement made by Microsoft it said:
"Xbox Live has not been hacked. Microsoft can confirm that there has been no breach to the security of our Xbox Live service. In this case, a number of Xbox Live members appear to have recently been victim of malicious 'phishing' scams."




Microsoft claims that the phishing scam arrives in the form of an email that points recipients to a fake website where they’re asked to enter personal information, including credit card numbers. Phishing scams have been doing the rounds for many years, so we should all really now recognise the signs.

Here are a few pointers:

Don’t open unsolicited emails

Be suspicious of any email with urgent requests for personal financial information

Don't use the links in an email, instant message, or chat to get to any web page if you suspect the message might not be authentic or you don't know the sender or user's handle

Avoid filling out forms in email messages that ask for personal financial information

Always ensure that you're using a secure website when submitting credit card or other sensitive information via your Web browser

Regularly check your bank, credit and debit card statements to ensure that all transactions are legitimate

Always report "phishing" or “spoofed” e-mails through the appropriate channels

Microsoft is now working with all affected customers who have been in touch to ensure their accounts are secure.


HEXUS Forums :: 2 Comments

Login with Forum Account

Don't have an account? Register today!
This week, however, it seemed that Xbox Live wasn’t as secure as people initially thought with reports of a large scale hacking of subscriber accounts. As it turns out, it now appears that The Sun sensationalised the security breach, stating that thousands of Xbox Live accounts had been hacked with “millions of dollars” stolen.
But then again - “Gamers ripped off by con email” isn't as good a headline as one saying that Microsoft had been hacked.

A pal of mine came up with an interesting spin - if you get one of these kind of websites that asks for your (in this case) XBox Live credentials, deliberately put in a password that has no resemblance to the real one. This leads to the obvious step that if the website takes those credentials with no objection then it's demonstrably bogus.

Apart from that, I'm assuming that the usual rules (“NEVER click on a link in an email”, etc) apply.
:stupid:
I hope The Sun gets a nice big fat lawsuit on it's head for this one