That great bastion of video games journalism (or any journalism for that matter) The Sun has today run an “exclusive” high profile piece on the Xbox and gamers who have been stung by cyber-fraud.
The paper claims that online crooks have “hacked” into thousands of Xbox Live accounts, giving the impression that Microsoft has had its Live database breached in some manner. However, this isn’t the case at all.
These aren’t hackers, but simply cyber-criminals who are trying to glean personal details from gamers via phishing sites or befriending gamers on the network and chatting to them in order to gain clues to passwords and suchlike.
Phishing scams involve the construction of fake websites which look official and offer equally fake goodies such as free Microsoft points to spend on Live.
Of course, there’s no such thing as a free gaming lunch, and these sites get those foolish enough to fall for them to enter account details, giving the cyber-thieves access.
The other common method crooks use is to befriend people and then chat to them online, attempting to find out the name of their old school, pets and so forth, all details which could help the thief crack the account’s password.
The Sun reckons that this is a growing problem – and that is undoubtedly the case – and the average Xbox gamer who has their account compromised suffers to the tune of around £100.
The thieves tend only to take small amounts, the dribs and drabs meaning that the breach probably won’t be spotted for a while.
So what can you do to ensure you aren’t the victim of Xbox Live fraud? It’s quite simple, really. Don’t accept random friend invitations – only be pals with people you can be sure about – and don’t go anywhere on the web entering your account details save for the official Xbox.com site.
And make sure you don’t get to Xbox.com via a link in an email which purports to offer something.
It would seem that some folks are claiming there is some manner of vulnerability linked to Live, which has led to passwords actually being hacked – although The Sun’s article mentions nothing about this.
Microsoft has yet to comment on the situation, although the company has previously said that there has definitely been no large-scale database breach of the Live servers.