I wish Xbox LIve would stop allowing CREDIT CARD FRAUD on their servers

    • Level   1

    I use Microsoft's Xbox live service, and have been using this service for well over seven years. I am currently twenty years old and work a minimum wage job. Being a loyal customer to Microsoft, I have spent well over 7,000 USD in the past seven years to Microsoft and their partner companies. July 30th my Xbox live account was "hijacked" by an unauthorized user. This user committed credit card fraud upon my banking account linked to my Xbox Live account. This user authorized a payment of 75 USD to my xbox account that I no longer have control of. Immediately receiving a notification of this transaction that I did NOT authorize, nor commit, I contacted Microsoft immediately to solve the problem. In short, a microsoft representative told me that my account was locked from billing (meaning it cannot authorize purchases) and locked from xbox live (meaning it could not sign into Microsoft's servers for use). I accepted these terms and was told I would receive a full refund of the amount stated and a full free month of xbox live gold subscription would be given to me for damages. I was told that this process would take "7 days at the most" and the problem would be solved. I have contacted Microsoft Xbox customer support almost daily and weekly since then and I receive the statement that it would take longer, and longer, and then longer each time when I placed the call and when the original date of satisfaction was given. The last date I was given as a recovery date was August 23rd, 2011. On this date I had not received email confirmation, nor a phone call from microsoft. I decided to call them for the Nth time. I went through the process of explaining my situation to the Nth representative for a Nth time. After asking how the status of my case was, I was told "Our technical team is currently still investigating this case." How can a multi-billion dollar company with the name of Microsoft take this long to finish an "investigation"? This is unacceptable for a company of this status to be keeping my hard earned money while they "investigate" for an unreasonable amount of time. I do not believe Microsoft treats Credit Card FRAUD over their OWN servers with utmost discipline. I have personally researched these types of cases over the internet and I am APPALLED that cases like this are not being handled like a company should handle them! I have read that an average of 4,000 users (out of the many million) have their accounts hacked and charged fraudulently for the highest amount , being 75 USD, on a WEEKLY BASIS! These numbers are staggering because that is 300,000 USD weekly, including the entire time that a case takes to "investigate". That is well over 1 million USD that microsoft "holds on to" during the time being of all of these "investigations"! I use quotations on investigations because I KNOW that microsoft can simply, and easily, change the credentials on their very own server from the fraudulent and unauthorized user, to the appropriate buyer and subscriber. They state that these "investigations" are to "identify the fraudulent user and to punish them deservedly." "Punish them deservedly"? If they were exacting punishment, I would be receiving a summons to court along with Microsoft to "punish" the fraudulent user with the use of the law, not "Investigating" the case while they hold my money for this long and the unauthorized user is still accessing my gaming account! That's right! With microsoft's own Xbox.com I can simply enter the gamertag that was accessed ILLEGALLY and see that my gamerscore (This is a system used on xbox live to track gaming accomplishments and achievements and does so in a numerical value) has risen since my account was take. Not only do I call microsoft daily, but I also check my gamerscore daily and can clearly see that it has gone up since the illegal access. Every time I ask a representative if my account was locked (from using the xbox live service and therefore unable to increase my gamerscore) they reply "Oh, I am sorry it seems it was not locked previously. I will do that for you now." Obviously they are not "locking" the account. I have seen my gamerscore rise 180-200 points than when it was originally in my control. Non-gamers would think this is a good thing. It is NOT! Being on my account illegally, this user is playing with my identity (has deleted all of my friends from my friends list), and is playing the games that *I* payed for, not the fraudulent user! This situation is obviously not being handled the way it should be and needs to be settled immediately. I also asked for them to send me the times and recordings of all of my calls to their representatives for the possibility of a lawsuit against Microsoft, and they replied "No". I am NOT recieving the service I am PAYING for. I am NOT being refunded the FRAUDULENT money charge. I AM having my IDENTITY played with, literally. (Identity theft). I am not being treated like a customer should be for having spent so much time(7 years), effort, and money (well over 7,000 USD)that has been dedicated to a company. Microsoft is NOT treating the situation like it should be with all seriousness. I have constantly been given the runaround on this situation. Microsoft continues to hold my money on the basis that they are "investigating". A multibillion dollar company keeping a 20 year old's minimum-wage when he has bills to pay is outrageous. 75 USD to me is alot and is what I work hard for. 75 USD to Microsoft is a drop in the ocean, but when you add all of the other cases similar to mine up to well over 1 million USD, something is obviously not right.

    • Level   5

    How exactly do Microsoft stop it?

    <p>

    From the brief read of your thread, you got phished, and someone gained access to your account, spent money, etc. There is litterally nothing Microsoft did wrong. Your password, or security questions were obviously far to easy to get through

    </p>

    The situation with suport is a different matter. Its pretty bad they havn't returned your funds yet. But then im sure they have procedures they have to go through to investigate things, before they refund money.

    <p>

    Have you tried to regain control of your email account? try the security questiosn again, and then change your password, and security questions, at least that will stop it happening again.

    -------- [sn]
    • Level   7

    So you freely gave someone your account details and when they stole your account and used your credit card you blame microsoft. You should keep your account details a secret and not get phished.

    FireFighter.

    First Responder.

    EMT

    http://www.youtube.com/watch?v=mMbXnSwAQWQ

    • Level   1

    You are both wrong unfortunately. Sorry to put it bluntly but I do not fall for phishing schemes as many other people do, nor do I recover my gamertag anywhere ( i take it with me on usb), nor do I use any service on the internet itself that asks for my windows lived ID, except for this account that I could care less for. I do not reveal my passwords to anyone, nor do I save my passwords anywhere for cookie hacking and such.  Unfortunately I still do not have my account... I have been through MANY loopholes on this matter and to no success. I wish there was a way that we could start a subpoena list so that an attorney would be willing to take a class action suit against microsoft for these happenings..... SnailUK: thank you for trying to be helpful but I have tried everything that you suggested and much more. Covert affairs: You sir, need to realize that just because you're account isn't hacked or hasnt been, that not everyone falls for phishing schemes. There are security compromises on every server and the matter at hand is a likely a prime subject of one. Dont jump to the gun and blurt out that i was phished.

    • Level   8

    Phishing is just one way an account can be compromised.

     

    There are a limited number of ways anyone can gain access to your account:

    -you give out your personal information including e-mail and password (this is most commonly associated with people trying to obtain an illigitimate rank in a game without actually earning it)

    -you are phished (this is common amongst the free ms points/generators that you see offered around the internet)

    -you are socially engineered (this happens when a player engages another in seemingly senseless chit chat about their lives, but turns out to be a 20 question
    session trying to gain your personal information so they can steal your account)

    -you use an unsecure PC (typically you will want to have your encryption turned on if using wireless and be running a good anti-virus, anti-spyware, anti-
    malware program as well)

    -you use the same e-mail address and password for your XBL account that you use for other websites/services (for maximum security you should be using an
    e-mail address and password just for XBL that you do not use anywhere else)

    -you thought it would be a good idea if your friends/family knew your log in information (you know, in case they want to play)

    In addtition to the above the following are ways someone can get a hold of your credit/debit information:

    -if you don't shred your mail (bank/credit statements) before you bin them.

    -if you shop online using an unsecure PC.

    -an online website that you use has been compromised, such as the Sony website.

    -your bank/credit institution security is compromised (happened a few years ago to several banks)

    • Level   5

    ^ What this person sayed.

    • Level   3

    There is a 99.9999999% chance that this is your fault.  I'm sure you'll swear up and down it's not and MS is to blame, but mistakes happen.  Deal with it, let MS do their thing, and move on.

    • Level   1

    I was on MSN messenger(which I rarely am, on the computer) and I noticed I had an invite for an MSN group. I clicked accept wondering what it was and looked to see if anyone I knew was in it. I desided I didn't know anyone in the MSN group I looked for a way to remove myself from it, afew minutes passed and I found how to remove myself. about 10 minutes after that I got a messenger email notification saying I was spending money on Xbox live points.

    Shocked I quickly tried to find the change password option for my msn account, I got the password changed and got on the phone with xbox. The nice lady took my info, listened to what happend etc. I chose to do the investigation and she told me it'd take 7 to 30 days, which is fine with me IF they are acctually looking into it. It's kinda obvious it wasn't me because I don't play PC games(only computer we have is a family one in the living room) and the guy spent the points on two PC games.

    I'm only a little over a week into the investigation so I hopfully don't have long to wait. But my reason for posting here after reading the responces you all posted is; is it my fault? I dont think so, like the OP I don't fall for those phising emails. Also I don't even talk on xbox live, I don't give my info out to anyone etc. Is it my fault?

    • Level   8

    Rolach

    I was on MSN messenger(which I rarely am, on the computer) and I noticed I had an invite for an MSN group. I clicked accept wondering what it was and looked to see if anyone I knew was in it. I desided I didn't know anyone in the MSN group I looked for a way to remove myself from it, afew minutes passed and I found how to remove myself. about 10 minutes after that I got a messenger email notification saying I was spending money on Xbox live points.

    Shocked I quickly tried to find the change password option for my msn account, I got the password changed and got on the phone with xbox. The nice lady took my info, listened to what happend etc. I chose to do the investigation and she told me it'd take 7 to 30 days, which is fine with me IF they are acctually looking into it. It's kinda obvious it wasn't me because I don't play PC games(only computer we have is a family one in the living room) and the guy spent the points on two PC games.

    I'm only a little over a week into the investigation so I hopfully don't have long to wait. But my reason for posting here after reading the responces you all posted is; is it my fault? I dont think so, like the OP I don't fall for those phising emails. Also I don't even talk on xbox live, I don't give my info out to anyone etc. Is it my fault?

     

    The red portion above indicates that it was indeed your fault. Never accept random invites from people you do not know. Same with e-mails, if you get an e-mail from someone you don't know, would you be so quick to click the attachment that came along with it (a virus no doubt)?

     

    Anyway all you can do now is be patient until the investigation is complete.

    • Level   2

    I'd like to make an intelligent comment on this, but I stopped reading at about 10% through.

    ****** SAVES! Everyone else takes 2D6 damage. [I got censored.]

    • Level   2

    If you were in some kind of chat room on the internet, hosted by MSN or not, how is it their fault? Sounds like you should have called your credit card company. They would be the ones to determine where the card was being used from and would give your money back once they confirmed the fraudulence of the situation. You may have, but your post was way too long to read all the way through...