Microsoft Xbox Live members are the newest group being targeted by a sophisticated phishing attack. The Wisconsin Better Business Bureau urges gamers to exercise caution when "leveling up" to new unsolicited emails.
Reports indicate that Xbox Live members are receiving emails directing them to fraudulent look-alike websites where they are instructed to enter their account information to allegedly collect "free" Microsoft points. However, once the personal information is entered, scammers have access to credit card details linked to members' accounts. Perpetrators then proceed to draw small amounts from accounts over several weeks to remain undetected. Details reveal that thousands of gamers lost roughly $150 each before the scam was discovered.
BBB recommends the following tips for gaming safely:
Look out for "free." Be wary of deals that seem too good to be true. Microsoft rarely gives away points for free.
Password strength is key. Utilize complex passwords that combine letters, numbers and symbols. Never use common passwords like "password;" and avoid simple number sequences like "1122."
Login information is private. Legitimate companies—including Microsoft—will not make unsolicited requests for account information via email or phone; only log in using dependable browsers and gaming consoles.
Understand "trusted" sites. Only utilize official gaming websites for account management tools; make sure to navigate to legitimate company websites through reliable channels.
Study the bill. Examine monthly billing statements carefully and look for any inaccuracies or mysterious charges. Report strange fees to the bank or credit issuer and company responsible.
Microsoft insists that Xbox Live has not been hacked, but confirms that many of its members have been victims of this scam and advises customers to visit xbox.com/security to report compromised accounts. For other online consumer tips, visit bbb.org.