26 replies to this topic

[Cafeman]

Read this: this happened to one of my 2 accounts (my son's).

http://www.thesun.co...yber-fraud.html

We haven't had the X360 hooked up for at least 2-3 months. But we noticed Xbox live purchases being charged to us so I started to check things out, and it turns out hackers took over the account, changed the secret question to Chinese or Japanese, and started to slowly buy Xbox live points. I called the MS Xbox live service and started an fraudulent charges claim.

In the meantime, I went in and removed the auto-resubscribe setting.

I hate hackers. Unless I get refunded by MS (I expect to), I'm out of almost $100.

[JamesD]

Yeah, MS is never getting my credit card number.

[bennybingo]

Tell your son to stop responding to spam messages offering free Xbox Live points....it is always a scam!!!!

[Skarrj]

bennybingo, on Tue Dec 6, 2011 2:27 PM, said:

Tell your son to stop responding to spam messages offering free Xbox Live points....it is always a scam!!!!

My first thought, or COD scammers saying they will make you 15th prestige

[FujiSkunk]

JamesD, on Tue Dec 6, 2011 1:59 PM, said:

Yeah, MS is never getting my credit card number.

Ditto.

[Cafeman]

So you don't do Xbox live?

[bennybingo]

I use 12 month pre-paid cards...never a credit card on file. Not nearly secure enough.

[onlysublime]

Cafeman, on Tue Dec 6, 2011 12:33 PM, said:

Read this: this happened to one of my 2 accounts (my son's).

http://www.thesun.co...yber-fraud.html

We haven't had the X360 hooked up for at least 2-3 months. But we noticed Xbox live purchases being charged to us so I started to check things out, and it turns out hackers took over the account, changed the secret question to Chinese or Japanese, and started to slowly buy Xbox live points. I called the MS Xbox live service and started an fraudulent charges claim.

In the meantime, I went in and removed the auto-resubscribe setting.

I hate hackers. Unless I get refunded by MS (I expect to), I'm out of almost $100.

the problem is people use the same passwords over and over. and often the same email over and over. so you use the same password on that gaming messageboard that you use on Xbox Live, that you use on your email, etc. so if that one messageboard gets hacked (and how strong is security on a messageboard??), they can blindhit all the other sites and see what registers. don't use the same password on AtariAge that you use on Xbox Live. I use a secondary email and password in order to use messageboards. The account I created for Xbox and Microsoft Live stuff is only for those things. I don't mix and match accounts. I also have a separate email for friends and family.


the other thing is that people shouldn't be replying to emails from Microsoft or EA. Microsoft and EA do not send emails to gamers. people were clicking on emails to sign up for the beta dashboard program and basically giving away their information. It's sad when MS had to put on their beta dashboard page for people not to respond to emails purporting to come from them. Microsoft doesn't send emails to you. They basically make you go to official websites to do official business. some people supposedly got emails from Microsoft to verify their account info or to sign up for the Xbox Ambassadors program or to do a survey for the Xbox Rewards program.

everyone should have unique passwords for every single site. if people don't want to remember multiple passwords, they should use the password management systems where the site will generate random passwords for all your accounts (and the passwords are really funky combinations of numbers, letters, upper and lower case, etc.). you only have to remember one password and the rest is taken care of. something like KeePass or lastPass.

[FujiSkunk]

bennybingo, on Tue Dec 6, 2011 2:53 PM, said:

I use 12 month pre-paid cards...never a credit card on file. Not nearly secure enough.

Ditto. I use prepaid cards or codes for everything, though truth be told I haven't a Gold subscription for a few months now. I bought a card when my last subscription lapsed, but have yet to get around to activating it. Online play just isn't that important to me, and the leaderboards are still available to Silver members.

[HammR25]

bennybingo, on Tue Dec 6, 2011 2:53 PM, said:

I use 12 month pre-paid cards...never a credit card on file. Not nearly secure enough.

That and a person can find them on sale for $40 or less instead of paying $60.

[Video]

After the ordeal I went through with microsoft a few years ago, they will never see another one of my credit cards. Yeah, the $25 a year for gold isnt worth it when it ends up costing you a LOT more per year after microsoft desides to take the money rather than just use a year you already bought.

Anyhow, always used the prepaid things from stores, and been fine ever since.

[HatefulGravey]

Mine got hacked into a month or so ago. I turned on my 360 and had to retrieve my gamer tag and then noticed I had gamerpoints for a game I had never played. Not sure what was going on with this, I have no CC on the account and nothing was changed. Someone got my information some how and used it to play FIFA online. I changed everything up and I have been fine for a while now, but it was concerning for a little bit there. I really have no idea how this was done, I didn't even know was my password was, I had a use the security questions myself.

[Cafeman]

I was doing some research and there is a link to FIFA online. My account also now has FIFA achievements on it so they were playing it. (I don't own that game).

[moycon]

Cafeman, on Mon Jan 9, 2012 12:02 PM, said:

I was doing some research and there is a link to FIFA online. My account also now has FIFA achievements on it so they were playing it. (I don't own that game).

Apparently hackers can use this game to get real world $$$. Not sure exactly how it works, but I have heard about it, and I see if you do a search on "hackers fifa" it returns dozens of pages.
I need to look into this more closely. From what I can gather the issue isn't with Live, it's with EA servers. (Burnout, Mass Effect etc...) The hackers can get access to your Live account from info they hacked from EA. After they have access to your Live account, they can buy digital card packs in Fifa and then sell the packs for real world money.

Bottom line, I wouldn't tie any credit cards to your account and for right now I wouldn't even leave any unspent MS points tied to your gamertag. Seems this is what the hackers are looking for mainly. Without them, they pretty much can't do anything harmful that I can think of.

[cimerians]

Microsoft may not care what happens to you so be pushy with them:


http://www.destructo...p--219144.phtml

[cimerians]

Cafeman, on Tue Dec 6, 2011 12:33 PM, said:

I hate hackers. Unless I get refunded by MS (I expect to), I'm out of almost $100.

Per my above post they may refund you and then take some back.

http://www.destructo...im-219255.phtml

Unbeleivable.

It's a growing black market business it seems. I double checked my account and none of my info is on it. I always use pre-paid cards.

Edited by cimerians, Mon Jan 9, 2012 12:23 PM.

[Cafeman]

Yeah, I'm going to use pre-paid cards exclusively from now on. What a pain, but that's the world we live in.

[HatefulGravey]

moycon, on Mon Jan 9, 2012 12:12 PM, said:

Cafeman, on Mon Jan 9, 2012 12:02 PM, said:

I was doing some research and there is a link to FIFA online. My account also now has FIFA achievements on it so they were playing it. (I don't own that game).

Apparently hackers can use this game to get real world $$$. Not sure exactly how it works, but I have heard about it, and I see if you do a search on "hackers fifa" it returns dozens of pages.
I need to look into this more closely. From what I can gather the issue isn't with Live, it's with EA servers. (Burnout, Mass Effect etc...) The hackers can get access to your Live account from info they hacked from EA. After they have access to your Live account, they can buy digital card packs in Fifa and then sell the packs for real world money.

Bottom line, I wouldn't tie any credit cards to your account and for right now I wouldn't even leave any unspent MS points tied to your gamertag. Seems this is what the hackers are looking for mainly. Without them, they pretty much can't do anything harmful that I can think of.

Yeah, I did have a few unspent points that I thought went missing, nothing showed up as purchased with them so I thought I might have spent them without remembering it. Oh well, I'm out $5, I've lost more before and there is nothing I can really do about it now.

So EA is to blame, another reason to hate those guys, like I needed another one.

[moycon]

Cafeman, on Mon Jan 9, 2012 1:18 PM, said:

Yeah, I'm going to use pre-paid cards exclusively from now on. What a pain, but that's the world we live in.

Back in 2007 when I first got a 360 I had a credit card tied to my account. I suppose it was convienent and I never had any issues, but after the whole Sony Network fiasco, decided doing that was a big mistake. I'm just glad there is the option to use the cards! Going forward if they ever make it mandatory to keep a CC on file, I'll opt out.

[HammR25]

I think it's also a bad idea to give paypal your bank account number. I only give them my credit card number. I gave them my bank account number until around 2002 when they suddenly locked my account and would only unlock it if I gave them another bank account number. I probably wouldn't have bothered with that but I had just gotten some money in the account at the time so I gave them a student checking account that I never used any way so they'd unlock my account. Since then I've removed all bank details from paypal and have only give them credit card information.

[Random Terrain]

After all of the bad stuff I read before, I only use those cards that were mentioned above. I won't use a credit card or PayPal with them. (I also delete scam e-mails and any e-mails that try to sell me anything, even if they are legitimate.)

[Cafeman]

I just went to my windows live / xbox live account - it would not let me remove my 1 credit card that I have in there. "you cannot remove this at this time" was the message. WTH? I guess I'll have to call.

[moycon]

Cafeman, on Mon Jan 9, 2012 8:37 PM, said:

I just went to my windows live / xbox live account - it would not let me remove my 1 credit card that I have in there. "you cannot remove this at this time" was the message. WTH? I guess I'll have to call.

Ran into a similar issue when I went to remove mine. In my case it was because I had used the CC to purchase a years Live Gold and the Live account was still active. Basically I had to wait for the Gold account to expire (in my case it was only a couple weeks so I didn't have a fit) once it expired I was able to remove the CC, and then reactivate my Gold with a pre-paid card. If I had many months worth of Gold left I probably would have thrown a fit if they didn't remove it ASAP. To me the fact that a person still has a active Gold account is no reason to keep a CC tied to the account. The frickin Gold was already paid in full, I can see no reason they would still need it.

[Cafeman]

Both my Gold account and the credit card I entered will both expire in about 2 months. I guess I'll wait. I was able to change the auto-resubscribe to OFF.

[wood_jl]

HammR25, on Mon Jan 9, 2012 7:28 PM, said:

I think it's also a bad idea to give paypal your bank account number. I only give them my credit card number. I gave them my bank account number until around 2002 when they suddenly locked my account and would only unlock it if I gave them another bank account number. I probably wouldn't have bothered with that but I had just gotten some money in the account at the time so I gave them a student checking account that I never used any way so they'd unlock my account. Since then I've removed all bank details from paypal and have only give them credit card information.

I'm thinking about this. The trouble is, if you sell anything and accept Paypal, you must do this. I've kept an alternate bank account with a very few dollars in it for these transactions, but now that most banks (greedy schmucks) are charging $7 per month for a checking account - unless you keep $1500 in it that scammers can get to in event of hack - this is not an option.

AAARGH! I think you MUST give them a bank account when you get started with Paypal, even if you use a credit card for purchases, right? They always try to steer you away from your credit card in an attempt to avoid the merchant fees, and to encourage you to keep money in your Paypal account that you don't receive interest on, too.