Microsoft Refunds Money Lost in Xbox Live Phishing Scam, Promises Better Customer Service

makingmusic476 said:

kain_kusanagi said:
So let me get this straight. Some idiot fell of a scam and Microsoft is cleaning up the mess for her? It's nice to know Microsoft has the same policy about fraud as Capital One. They fix it, you get your money back, and all is safe and right in the world.

If I was Microsoft I'd ban her for being stupid and warn people not to fall for phishing scams. Yeah, it was nice of Microsoft and all, but I have little sympathy for the "victim", who probably gave up her login info thinking she'd get something for free.

Too be fair, this was happening to a large number of people over a period of several months, and it was taking Microsoft some time before it started taking the issue seriously. For the first few months, people that were reporting their accounts had been stolen were having trouble getting their accounts locked and their money refunded through Microsoft.

And it's not clear that it's a phishing attempt. There's been much speculation that the passwords were obtained via other means (for awhile EA accounts were the primary suspects, but I think that's since been ruled out) and then matched with Xbox Live accounts that used the same username/password. The number of cases on a forum like neogaf alone implies this is no simple phishing scam. Here are four threads full of people that had their accounts stolen:

http://www.neogaf.com/forum/showthread.php?t=442986
http://www.neogaf.com/forum/showthread.php?t=449608
http://www.neogaf.com/forum/showthread.php?t=451055
http://www.neogaf.com/forum/showthread.php?t=457942 - This thread specifically discusses the sale of stolen accounts on foreign websites.

Even the first link in the Kotaku article discusses the potential gravity of the scam:

http://kotaku.com/5873604/is-microsofts-xbox-live-hacking-problem-worse-than-microsoft-realises
http://kotaku.com/5850126/fifa+loving-hackers-strike-xbox-live-accounts

Well, that is not a lot of people when there are millions of people on Xbox Live. It may not be a phishing attempt, but more than likely, some of them are. There are also many other ways to get people's account information. A lot of people, unfortunately. use the same information for all their accounts, visit sites that are unsafe, install third party programs that contain keyloggers and such, etc... Various sites that are usually safe to visit may have been unknowning compromised as well. I know this site has issues. I've gotten some suspicious pop-ups come up when visiting VgChartz. I have various malware and anti-virus programs that I run regularly, just to be safe. There could also be more instances, or this could also be blown out of proportion due to speculation.

Reading a few of those threads, some of their accounts were blocked due to suspicious activity pretty quickly. The fraudulent charges should have been reported to their banks/credit card companies right away. They would handle it. The user is responsible for doing this, and they would have gotten all their money returned to them.

Existing User Log In

New User Registration

Microsoft - Microsoft Refunds Money Lost in Xbox Live Phishing Scam, Promises Better Customer Service - View Post

Recent Badges:

Currently Playing: