Feeds

Targeted phish frags XBox gamers

Microsoft warns Modern Warfare 2 players not to eat the 'subtle' phish

7 Elements of Radically Simple OS Migration

Updated Microsoft has warned users of Xbox Live to be wary of targeted phishing scams that attempt to hoodwink users into handing over their gamer tags and passwords.

Phishing, fake point generators that actually contain malware and various other forms of nastiness are nothing new in the world of online gaming. The latest scam differentiates itself because it is more carefully targeted and subtle than most such scams.

Gamers are induced to hand over their login credentials while playing the popular first-person shooter Modern Warfare 2 via "title specific messages", Microsoft warns via a status update on its Xbox Support Web site.

Users may receive potential phishing attempts via title specific messaging while playing Modern Warfare 2.

We are aware of the problem and are working to resolve the issue. We apologize for any inconvenience this may cause and thank you for your patience.

Microsoft can educate users about phishing perils and perhaps make attempts to filter out rogue messages but the primary responsibility to avoid such scams lies with users.

The scam appears to rely on a game mod that allows users to post chat messages onscreen that resemble those posted ingame by developers. These messages link to a phishing website that invite users to hand over their login credentials, as explained in a blog post by GFI Software's Chris Boyd here.

"Keep in mind that you should NEVER give out your login credentials ingame," he warns.

The XBox phishing alert comes against the backdrop of a far more serious compromise of the PlayStation Network, which resulted in the potential exposure of the personal data of 70 million users. Sony admits that credit card information may have been compromised by the hack attack, which has left its network offline for days. Sony said credit card data was encrypted. However the names, addresses, email addresses and dates of birth of gamers have been confirmed to have been exposed, which is bad enough on its own. ®

Build a business case: developing custom apps

More from The Register

next story
Nice computers don’t need to go to the toilet, says Barclays
Bad computers might ask if you are Sarah Connor
4K video on terrestrial TV? Not if the WRC shares frequencies to mobiles
Have your say with Ofcom now, before Freeview becomes Feeview
PEAK LANDFILL: Why tablet gloom is good news for Windows users
Sinofsky's hybrid strategy looks dafter than ever
YES, iPhones ARE getting slower with each new release of iOS
Old hardware doesn't get any faster with new software
You didn't get the MeMO? Asus Pad 7 Android tab is ... not bad
Really, er, stands out among cheapie 7-inchers
Apple winks at parents: C'mon, get your kid a tweaked Macbook Pro
Cheapest models given new processors, more RAM
VMware builds product executables on 50 Mac Minis
And goes to the Genius Bar for support
Leaked Windows Phone 8.1 Update specs tease details of Nokia's next mobes
New screen sizes, dual SIMs, voice over LTE, and more
Microsoft stands on shore as tablet-laden boat sails away
Brit buyers still not falling for Windows' charms
prev story

Whitepapers

7 Elements of Radically Simple OS Migration
Avoid the typical headaches of OS migration during your next project by learning about 7 elements of radically simple OS migration.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Solving today's distributed Big Data backup challenges
Enable IT efficiency and allow a firm to access and reuse corporate information for competitive advantage, ultimately changing business outcomes.
A new approach to endpoint data protection
What is the best way to ensure comprehensive visibility, management, and control of information on both company-owned and employee-owned devices?