Feeds

Targeted phish frags XBox gamers

Microsoft warns Modern Warfare 2 players not to eat the 'subtle' phish

Business security measures using SSL

Updated Microsoft has warned users of Xbox Live to be wary of targeted phishing scams that attempt to hoodwink users into handing over their gamer tags and passwords.

Phishing, fake point generators that actually contain malware and various other forms of nastiness are nothing new in the world of online gaming. The latest scam differentiates itself because it is more carefully targeted and subtle than most such scams.

Gamers are induced to hand over their login credentials while playing the popular first-person shooter Modern Warfare 2 via "title specific messages", Microsoft warns via a status update on its Xbox Support Web site.

Users may receive potential phishing attempts via title specific messaging while playing Modern Warfare 2.

We are aware of the problem and are working to resolve the issue. We apologize for any inconvenience this may cause and thank you for your patience.

Microsoft can educate users about phishing perils and perhaps make attempts to filter out rogue messages but the primary responsibility to avoid such scams lies with users.

The scam appears to rely on a game mod that allows users to post chat messages onscreen that resemble those posted ingame by developers. These messages link to a phishing website that invite users to hand over their login credentials, as explained in a blog post by GFI Software's Chris Boyd here.

"Keep in mind that you should NEVER give out your login credentials ingame," he warns.

The XBox phishing alert comes against the backdrop of a far more serious compromise of the PlayStation Network, which resulted in the potential exposure of the personal data of 70 million users. Sony admits that credit card information may have been compromised by the hack attack, which has left its network offline for days. Sony said credit card data was encrypted. However the names, addresses, email addresses and dates of birth of gamers have been confirmed to have been exposed, which is bad enough on its own. ®

New hybrid storage solutions

More from The Register

next story
4K-ing excellent TV is on its way ... in its own sweet time, natch
For decades Hollywood actually binned its 4K files. Doh!
Oi, Tim Cook. Apple Watch. I DARE you to tell me, IN PERSON, that it's secure
State attorney demands Apple CEO bows the knee to him
Apple's big bang: iPhone 6, ANOTHER iPhone 6 Plus and WATCH OUT
Let's >sigh< see what Cupertino has been up to for the past year
Huawei ditches new Windows Phone mobe plans, blames poor sales
Giganto mobe firm slams door shut on Microsoft. OH DEAR
Phones 4u website DIES as wounded mobe retailer struggles to stay above water
Founder blames 'ruthless network partners' for implosion
Get your Indian Landfill Android One handsets - they're only SIXTY QUID
Cheap and deafening mobes for the subcontinental masses
Apple's SNEAKY plan: COPY ANDROID. Hello iPhone 6, Watch
Sizes, prices and all – but not for the wrist-o-puter
A SCORCHIO fatboy SSD: Samsung SSD850 PRO 3D V-NAND
4Gb/s speeds on a consumer drive, anyone?
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.