Feeds

Targeted phish frags XBox gamers

Microsoft warns Modern Warfare 2 players not to eat the 'subtle' phish

Choosing a cloud hosting partner with confidence

Updated Microsoft has warned users of Xbox Live to be wary of targeted phishing scams that attempt to hoodwink users into handing over their gamer tags and passwords.

Phishing, fake point generators that actually contain malware and various other forms of nastiness are nothing new in the world of online gaming. The latest scam differentiates itself because it is more carefully targeted and subtle than most such scams.

Gamers are induced to hand over their login credentials while playing the popular first-person shooter Modern Warfare 2 via "title specific messages", Microsoft warns via a status update on its Xbox Support Web site.

Users may receive potential phishing attempts via title specific messaging while playing Modern Warfare 2.

We are aware of the problem and are working to resolve the issue. We apologize for any inconvenience this may cause and thank you for your patience.

Microsoft can educate users about phishing perils and perhaps make attempts to filter out rogue messages but the primary responsibility to avoid such scams lies with users.

The scam appears to rely on a game mod that allows users to post chat messages onscreen that resemble those posted ingame by developers. These messages link to a phishing website that invite users to hand over their login credentials, as explained in a blog post by GFI Software's Chris Boyd here.

"Keep in mind that you should NEVER give out your login credentials ingame," he warns.

The XBox phishing alert comes against the backdrop of a far more serious compromise of the PlayStation Network, which resulted in the potential exposure of the personal data of 70 million users. Sony admits that credit card information may have been compromised by the hack attack, which has left its network offline for days. Sony said credit card data was encrypted. However the names, addresses, email addresses and dates of birth of gamers have been confirmed to have been exposed, which is bad enough on its own. ®

Beginner's guide to SSL certificates

More from The Register

next story
Ex-US Navy fighter pilot MIT prof: Drones beat humans - I should know
'Missy' Cummings on UAVs, smartcars and dying from boredom
Don't wait for that big iPad, order a NEXUS 9 instead, industry little bird says
Google said to debut next big slab, Android L ahead of Apple event
Xperia Z3: Crikey, Sony – ANOTHER flagship phondleslab?
The Fourth Amendment... and it IS better
Microsoft to enter the STRUGGLE of the HUMAN WRIST
It's not just a thumb war, it's total digit war
Netscape Navigator - the browser that started it all - turns 20
It was 20 years ago today, Marc Andreeesen taught the band to play
A drone of one's own: Reg buyers' guide for UAV fanciers
Hardware: Check. Software: Huh? Licence: Licence...?
The Apple launch AS IT HAPPENED: Totally SERIOUS coverage, not for haters
Fandroids, Windows Phone fringe-oids – you wouldn't understand
Apple SILENCES Bose, YANKS headphones from stores
The, er, Beats go on after noise-cancelling spat
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.