How did they steal that xbox live account?
September 10, 2010 1:36 PM Subscribe
How are XBox 360 Live accounts stolen?
A number of people I know have had their xbox360 live accounts stolen. How does this happen? Are there known techniques for stealing accounts. I'm not asking for specifics, just an idea of how this happens. Is it social engineering? Or a known hack?
A number of people I know have had their xbox360 live accounts stolen. How does this happen? Are there known techniques for stealing accounts. I'm not asking for specifics, just an idea of how this happens. Is it social engineering? Or a known hack?
Best answer: Phishing yes, but I got mine stolen and I never entered my password into anything, for sure.
Here's how it was explained to me as the most likely way my account got stolen (Social Engineering basically):
- Douche finds my gamertag, it was in my sig on a forum, as many folks do.
- D calls customer service. D talks until the rep gives them a single additional piece of info about my account.
- D calls back and gets a different rep. Now he has two pieces of info and proceeds to try and glean a third. If any reps are too savvy to give any info, they just hang up and try again.
- D repeats until he has enough pieces to get a rep to reset the passord
- D then charges $150 of points to my account, downloads a bunch of crap and has a ball playing fairly bad live games. Deletes all my friends, changes gamertag and sets the account to private.
- D gets locked out roughly 10 hours later after I've woken up hoping to play some Skate and called MS.
It took a few weeks but I got my account back and money refunded. And, I got to keep the "wonderful" items he chose to download. Also, they provided me with a few points so I could pay for an account name change. Only real loss was the time without the account, and the fact that I could not change the tag back to the original one, it had to be new.
posted by utsutsu at 1:50 PM on September 10, 2010 [4 favorites]
Here's how it was explained to me as the most likely way my account got stolen (Social Engineering basically):
- Douche finds my gamertag, it was in my sig on a forum, as many folks do.
- D calls customer service. D talks until the rep gives them a single additional piece of info about my account.
- D calls back and gets a different rep. Now he has two pieces of info and proceeds to try and glean a third. If any reps are too savvy to give any info, they just hang up and try again.
- D repeats until he has enough pieces to get a rep to reset the passord
- D then charges $150 of points to my account, downloads a bunch of crap and has a ball playing fairly bad live games. Deletes all my friends, changes gamertag and sets the account to private.
- D gets locked out roughly 10 hours later after I've woken up hoping to play some Skate and called MS.
It took a few weeks but I got my account back and money refunded. And, I got to keep the "wonderful" items he chose to download. Also, they provided me with a few points so I could pay for an account name change. Only real loss was the time without the account, and the fact that I could not change the tag back to the original one, it had to be new.
posted by utsutsu at 1:50 PM on September 10, 2010 [4 favorites]
Generally you log into XBL using your Microsoft Live email and password. So your XBL account can get stolen the same way as an email account can get stolen - key loggers, phishing, social engineering...
posted by EndsOfInvention at 3:04 PM on September 10, 2010
posted by EndsOfInvention at 3:04 PM on September 10, 2010
This thread is closed to new comments.
posted by griphus at 1:39 PM on September 10, 2010