Some Xbox Live users are being targeted by phishers according to posts on the Xbox forums. The sneaky criminals, posing as Xbox Support, are sending out a scam email in attempts to access the user information of members in the US and the UK.
Here’s an example of the email message:
Dear Xbox Live User,
We have made many changes to everyone’s Xbox Live account, and we would like you to check out the new features! You can check out the new features by click on the link below to login and check them out!
Please check out your new features to your Xbox Live account!
Members that click the link in these messages are taken to a fake Passport login page where their usernames and passwords will be logged should they attempt to log in. Phishers can then use this information to gain full access to users’ Passport accounts.
According to Next-Gen.biz, Microsoft is aware of this security threat and is now taking measures to protect members. Hit the jump to see what Microsoft has to say about this phishing threat, as well what measures they have taken to prevent future incidents.
Microsoft has confirmed reports of certain individuals taking over subscribers’ Xbox LIVE accounts through fraudulent behavior.
We’ve taken action to help protect our subscribers’ accounts and are working with our call center staff to help reduce the likelihood of future incidents. This includes:
• Retraining all customer support representatives.
• Examining the policies and processes for account recovery.
• Continuing to monitor the situation closely to take appropriate action as necessary.
In addition to these steps, we continue to recommend that our customers always be careful with whom they share information while connected to Xbox LIVE.
We will reimburse any customer whose account has been compromised in this fashion. If they have lost content such as Xbox Live Arcade games, we will provide the customer with replacement content at no charge.
This was not a failure of software technology. We want to reassure our customers that there has been no security breach of the Xbox LIVE network or of Bungie.net.
Customers who have any concerns about their account should visit www.xbox.com/support, click on the link titled “Troubleshooting Access to your Xbox Live Account,” and perform the steps outlined there.