Microsoft security blamed for Xbox Live hacks
Helpdesk employees fooled into resetting passwords
Slack security at the Microsoft support helpdesk has been blamed for a spate of cases where Xbox Live customers have had their accounts taken over by hackers. The unlucky gamers are allegedly being defrauded by crooks who like to buy Microsoft Points with other people's credit cards.
Yesterday we reported that an Xbox Live clan called Infamous was going as far as to list the accounts it has stolen on its own website, while also giving the reasons why.
In response to the media attention, the 'Infamous' clan has revealed details of how it manages to steal "at least 10 accounts" every single day. It says it uses a technique known as 'social engineering' to slowly gather as much information about a user as possible.
"Now you may be wondering how we get your information? Its easy, you call 18004myxbox, pretend to be that person, make up a story about how your little brother put in the information on the account and it was all fake, blah blah blah," says the clan on its website.
Little by little
"You might get one little piece of information per call but then you keep calling and keep calling every time getting a little bit more information every time.
"Once you have enough information you can get the password on the Windows Live ID reset, they may tell you they can't, but it's bulls**t. People at Bungie CAN and WILL reset your password."
Meanwhile, Microsoft has denied all reports that users have had their accounts hijacked by hackers. The Redmond company said it has seen no evidence that the security of the Xbox Live service had been compromised.
Get daily insight, inspiration and deals in your inbox
Sign up for breaking news, reviews, opinion, top tech deals, and more.
"There have been a few isolated incidents where malicious users have been attempting to draw personal information from unsuspecting users and use it to gain access to their Live account.
"We think this is a good time to remind our members that they should never give out any of their personal information."
James was part of the TechRadar editorial team for eight years up until 2015 and now works in a senior position for TR's parent company Future. An experienced Content Director with a demonstrated history of working in the media production industry. Skilled in Search Engine Optimization (SEO), E-commerce Optimization, Journalism, Digital Marketing, and Social Media. James can do it all.