Warning: Phishing Sites and Xbox Live
Australia General Discussion
Warning: Phishing Sites and Xbox Live
tranceVib
04-01-2008, 2:35 AM
There have been a number of reports concerning people trying to scam Xbox Live details from users via fake Xbox.com login pages. This is known as ‘Phishing’ and is against the law. You should be very aware of what this is and the consequences of falling for this kind of scam.
How it happens...
Xbox Live users will receive a private message on Xbox Live, or any other form of communication where you are directed to a website either promising free goods, an alternative login method, or the site may even be posing as the real Xbox.com.au. The user will most likely see a page that looks much like the login screen on the real Xbox.com.au, but the page could look like anything. You may also be asked for other personal details including credit card numbers or security question answers (mother’s maiden name, first pets name, etc).
Phishing isn’t only done via websites; it can also be done on Xbox Live voice chats and in game. Always be aware of what you’re saying to anyone over any medium. If someone asks for your personal details, anything including email addresses and date of birth, be very wary of whom you’re actually talking to.
What they exist for...
These sites only exist to farm your login details and use them for means that aren’t under your control. They may even exist to steal money from you, it all depends on the kind of information you give them.
If you have passed on your Xbox Live login details, and have a credit card on file, the scammer can purchase Microsoft Points with your account using your credit card. If they then go and change your Xbox Live account’s password, you will be locked out of your account with you being required to cancel your credit card.
There have been reports of users receiving messages on Xbox Live from their own friends, advertising these Phishing sites. These messages have most likely been sent without their knowledge, as they could very well have entered their own details into a Phishing site.
How do I stop this?
Be on the ball. Only login to sites you know are trusted, and have yourself typed in the website address for. Be careful of what you say to people on Xbox Live, and the questions that they ask you. If for any reason you feel something is unsafe/insecure, don’t do it.
Xbox.com.au’s login website address is http://login.live.com/. If it doesn’t say this at the
start
of the URL string, you may be at a Phishing site.
If you’ve been offered free goods requiring you to login to a specific website, or have found any kind of Phishing site relating to Xbox/Xbox Live, PM a moderator and report it. Even if you’re only just a little bit sceptical. A moderator can report a Phishing site to the right people to take action against it.
Do not post links to suspected Phishing sites on the forum.
More information can be found at the Australian Government run website,
Scamwatch
Also please read through this guide on Xbox Live Phishing
here
.
Update 14/04/2009
:
Microsoft have placed an information page on this subject
here
. Read it!
(thanks
Gamemaster3148)
This posting is provided "as-is" with no warranties, and confers no rights.
PSN: tranceVib
Wii: 5501 9028 1390 8609