 08-10-2009, 4:16 PM
|
|
|
Account safety, anti-phishing and free points scams: Information - please read.
|
|
Why should I have to protect my Xbox live account details?
Your Xbox Live account details are your access to the Xbox live experience - Microsoft take every care to protect your personal information on their secure servers, but many people are tricked everyday into giving them away, and this may result in losing a lot more than just your gamerscore.
If an unauthorised user manages to obtain your LIVE ID and password they can recover it to another console and simply change the password - this will stop your account working on your own console as a LIVE account can only be used from one console at a time. Since you will not know the new password - you can not recover it back.
Losing your Xbox LIVE access can be just the start…
If you have a credit card associated with your Xbox LIVE account, the unauthorised user can then use this to buy items and points on your stolen account, and spend them as they see fit up to the limit of your credit card.
Your account could then also be used to propagate the problem to friends, therefore spreading the scam even more…
The safety of your account is YOUR responsibility - and you should take that duty seriously.
One of the simplest ways to avoid any problems is to NEVER give out your password to ANYONE or enter it into any site you're not sure is an Official Microsoft site [look for the padlock in the browser] no matter what is being promised!
How can someone else gain access to My Account?
There are many different ways people can lose access to their accounts.
If you use a shared PC to log into your LIVE ID online, either at home or at an Internet cafe, it’s important to make sure you tick 'Always ask for my e-mail address and password' option and when you are finished - always clear the history /cache and cookies.
There are a lot of websites on the Internet which are designed to trick you. They will pretend to offer you something for free but in reality they just want you to download a file containing malicious software (or malware). Don’t be fooled or tempted by these sites and always run up-to-date anti-virus software on your computer. Some Internet browsers also have a feature which will automatically block access to websites which are known malware sites. It is advisable you use one of these to maximise your protection.
These days, good anti virus software does not need to be expensive and many now even come with extra security features, such as secure identity/password protection and anti-phishing protection - which checks the ‘identity’ of websites, to make sure they are who they say they are. It’s also very important to allow the software to work, so don’t stop it from updating it’s virus databases or scans, simply to speed up a download or the PC, you must use it fully to be protected.
So overall it is important to remember that your account can be ‘hacked‘ with very little effort if you do not properly protect your PC. Even if you do not use Xbox.com via your PC other important information such as your identity or credit card details can be at risk if you buy goods online.
The below are just a selection of the other ways used to trick people everyday, on Xbox LIVE / email into either gaining access to, or stealing someone's Xbox LIVE account.
Account sharing
In an ideal world everyone would have an personal account, but in the real world - people do share accounts. This can however lead to a younger user, or someone new to online gaming or the tricks of Internet scams, falling for the many messages of ‘free Microsoft points’ that happen from time to time. Make sure you tell everyone sharing your account to never give out the account details to anyone, online or on a website, Xbox LIVE Support will never ask you for your password - and never, ever via Xbox LIVE messages to ‘friends'.
Phishing Scams
These are quickly becoming the most common type of ‘scam’ - Phishing [pronounced fishing] is where one site clones or copies the look of an legitimate site hoping to trick people into using them and giving their account details away.
Phishing sites to do with Xbox are most commonly used for ‘Free Microsoft points’ or ‘Free Downloadable Content’ scams and are mainly sent via Xbox LIVE messages or emails - These sites can even look like the Official Xbox.com site - with the same logos, log-in boxes and layouts and they often say they will credit points to your account after you log in with your Xbox LIVE account.
However the address or URL needed to get there, is not the official www.xbox.com/ followed by the rest of the address - most use random site names hosted on free domains, and this should be your first clue as to something being wrong.
The second clue should be if the offer seems too good to be true, it is most of the time. This is not to say Microsoft has never given points away but these will be advertised on many sites, and on the official Xbox.com site.
Phishing is one of the hardest scams to stop, since not only do the sites ‘look’ official, but these messages or emails often come from someone on your friends list or appear to be directly from the real site but as already said, that friend maybe simply someone who has already fallen for the scam, and is the perpetrators are using that account to spread…
Giving your account details in exchange for ‘free’ items is a common cause of the many ‘My Account has been Hacked!!’ stories you often read about - but it’s important to remember they may not been ‘hacked’ just the person has fallen into an age old trap - being fooled into simply giving their account away.
More information on how to protect yourself and family from these types of scams is available here: http://www.microsoft.com/protect/yourself/phishing/default.mspx
Gamerscore Boosting Sites
You may also come across offers to increase your gamerscore or obtain items for games for a small fee or even for free, but this is yet another way to have a chance of losing your account.
To boost your gamerscore or get items like the Recon Armor in Halo3 - you have to allow someone else to use your account, so you will be asked to supply your Live ID and password..
This should start alarm bells ringing, but many players fall for it everyday. A lot of these sites also require a small fee - so not only do you have to give them your live ID and password, but you also pay for the honour of having your account stolen.
Avoid these sites.
Social Engineering
This is an age old trick used to obtain information via seemingly meaningless chit chat - so make sure you do not tell anyone any information that could be used to gain access to your account, for example, make sure you protect your real name / address the best you can, and never give anyone your account details.
This can be harder to stop - since people can gather information about you over many months.
This is a common way for people to try and get date of birth and address info from you - so keep all of your personal info on a need to know basis.
Official advice on how to secure your account here : http://www.xbox.com/en-US/live/accountsecurity.htm
For more information on how to protect your personal information, please review the information available at Microsoft.com available here: www.microsoft.com/protect/yourself/personal/windowsliveid.mspx.
This guide is only intended to be educational and warn people of the abundant scams and is not a ‘fool proof’ guide to stop it, as always use common sense when dealing with anything online.
You may also find you have your own way of securing your account, for example, some people prefer to not use the intended secret question and the matching answer, eg, ‘name of your first pet’ - answer ‘cod3 rules’ - this can secure your account further - since even if someone knew your pets - they may not guess you also love COD3 - just make sure you remember the answer!
A secure password is also important, and you should also change it regularly. Try to avoid using pets names / surnames or things that could be easily guessed, It's also important to use special characters in the password to make it stronger and also try to make it over 6 characters long.
For example:
‘Shadey’ is a bad password for many reasons and could be guessed.
Sh4d3y_i5_gr3at = more secure due to using ‘special’ characters and is alot harder to guess .
You can also download free 'password' generators - which will supply you with very strong passwords, should you not be able to think of one.
At the end of the day there are lessons to be learnt and taught by everyone in the Xbox Live community - so warn your friends if you see a scam doing the rounds.
There is also some proactive things you can do, make sure you use up to date anti-virus software and remember to use it regularly to scan your PC. Always remember to sign out of www.xbox.com if you use a PC and if you receive a message that you think is a scam from a real life friend - if you have other ways to contact them - speak to them and make sure they still have control of their account, since they may not be aware.
The people behind these scams think of new ways to trick people everyday - so the above should only be used as a guide, a starting point. Treat every message for an offer of ‘free’ items with skepticism.
Remember if you do fall for one of these scams, time is of the essence. Change your password etc. as soon as possible and failing that contact support. It might also be a good idea to contact people on Xbox LIVE you know [if you can] to warn them of what has happened since they may receive messages from your stolen account and so the cycle repeats.
This advice may be updated from time to time, so please check it regularly and also spread the word to your friends.
Contact Xbox Support by phone: 0800 587 1102 or +44 20 7365 9792
Hearing Impaired (TTY device): 0800 587 1103
Hours of operation:
Monday-Friday: 09:00-22:00
Saturday: 09:00-20:00
Sunday: 09:00-17:00
Thank you for taking the time to read this guide, and remember to be careful of scams.
Take care of yourself, and each other.
Shade360
This post is provided "as-is" and confers no rights or lefts.. Guidelines
|
|
|
|
|
