Friday, November 25, 2011

Xbox Live Users Scammed in Phishing Attack (NewsFactor)

Bringing back memories of the Sony PlayStation hack that compromised thousands of gamer accounts, some British Microsoft Xbox Live users have been scammed in a phishing attack. Although Microsoft insists its network has not been hacked, the phishers have nonetheless fooled some gamers into disclosing credit-card information.

The Sun, a paper in the U.K., first reported that online crooks hacked into thousands of Xbox Live accounts to steal millions of dollars. The paper said the average catch was 100 British pounds, or a bit over $150 -- but that many suffered losses of more than 200 pounds.

"Xbox Live has not been hacked. Microsoft can confirm that there has been no breach to the security of our Xbox Live service," Microsoft said in a statement. "In this case, a number of Xbox Live members appear to have recently been victim of malicious 'phishing' scams."

Microsoft's Response

News reports suggest some Xbox Live users received e-mails tricking them into visiting "spoofed" Web sites and entering their personal information, including their credit-card numbers. Microsoft said it consistently takes measures to protect Xbox Live against ever-changing threats, and listed three current initiatives. Those initiatives sound like a lesson in basic Internet security 101.

For example, Microsoft is warning people against opening unsolicited e-mails because the messages may contain spyware or other malware that can access personal information on their computer without their knowledge or permission. Microsoft is also reminding all customers that they should be very careful to keep all personal information secure whenever online and never supply e-mail addresses, passwords or credit card information to strangers.

Finally, Microsoft said it is working closely with Xbox Live users who have been in touch with the company to investigate and/or resolve any unauthorized changes to their accounts resulting from phishing scams.

Back To Internet Basics

"It looks like these phishers convinced gamers that they were visiting an Xbox site and got the users to give up IDs and passwords and their credit card numbers," said Rob Enderle, principal analyst at Enderle Group. "The bad guys got enough information to actually charge the credit card, then pulled in small amounts of money over a long period of time."

News reports have suggested the phishers convinced gamers to enter the information in exchange for reward points. Enderle expects most credit card companies will indemnify the victims if they dispute the charges.

"This story points to the typical warning for anyone using the Internet: If someone is representing themselves as the vendor, they already have your password and ID. They don't have to ask you for it," Enderle said. "So it should be a red flag if anybody asks you for both your password or ID. Never provide it, even if the site looks to be safe."

Source: http://us.rd.yahoo.com/dailynews/rss/personaltech/*http%3A//news.yahoo.com/s/nf/20111123/bs_nf/81096

mirror mirror tanuki mirror mirror trailer albert pujols bob knight bob knight lavar arrington

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.