
Beware the XBL Friend Mail Spam!

AkuMifune said:
So I log in to XBL and I have this mail from a friend to go this website to redeem some free points, but when I do (stupidly) it sends that same mail to all my friends...somehow. I know because another friend got the mail from me and then I got it back from him after he tried to get the free points as well. I'm not sure how nefarious this is, but it's ingenious.

Sadly I got this message from you AkuMifune (you're on my friends list) and I stupidly went there too. It didn't even occur to me that someone on my friends list from GAF could have had their account hacked. I've gotten five million phishing scam emails over the years and never fell for one, but because it came from a friend and was on XBox live, my guard was completely down.

I was also using my 360 when I got signed out and a minute later I hear emails dinging in my inbox and lo and behold they had bought about $100 in MS Points which MS immediately refunded and locked my account. The good thing is that I use a different username/password on Live than I do anywhere else. Still, I killed that email address that was attached and changed all of my passwords, which were already different, but I made them really tough to crack now.

So to anyone on my friends list, you probably got the same scam message from me that I received from others. Sorry! I hope nobody went there as a result of my stupidity.
 
I just sent out a message to someone on my list that sent it to me. I knew it was a trap from the start. So I plugged the URL into my browser to be sure and Norton 360 lit up my desktop like a Christmas tree. I sent a message back to my pal to warn him.

The old adage is true, if it looks too good to be true...chances are it is. And like the URL wasn't a dead giveaway!

I didn't enter any info, but I've noticed an increase in spam and junk mail in the past 24 hours. I even had crap in my inbox at work this morning so be VERY careful. Something tells me there's more to this than meets the eye. It's probably a Trojan or robot digging through your contacts and such, so XBL theft is only the beginning. I'm going to see if Symantec has any info when I get home this evening.
 
How can people get away with this when they steal your account?
MS does have all the scammers info, right? Can't they call the police or immediately ban them?
 
BobFromPikeCreek said:
I got one from MMrasu. The site looks shady as fuck. How the hell did you guys fall for it?


We all got one from MMrasu, and he feels pretty bad about it. I knew this had to be a scam which is why I checked it out with Norton 360 running, so that I could quickly warn my pals. I think why people ARE falling for it is that it's coming from someone on your "Friends List" and my pals send me stuff over XBL all the time, if you weren't thinking you could fall for this (i.e. why would you question a pal).

I'm more concerned what else this site could be doing, so I may contact Symantec tonight to see if there's any info out there or any recent updates I need to be wary of.
 
Apharmd Battler said:
We all got one from MMrasu, and he feels pretty bad about it. I knew this had to be a scam which is why I checked it out with Norton 360 running, so that I could quickly warn my pals. I think why people ARE falling for it is that it's coming from someone on your "Friends List" and my pals send me stuff over XBL all the time, if you weren't thinking you could fall for this (i.e. why would you question a pal).

This is also how a lot of virus infections happen also.
 
Apharmd Battler said:
I just sent out a message to someone on my list that sent it to me. I knew it was a trap from the start. So I plugged the URL into my browser to be sure and Norton 360 lit up my desktop like a Christmas tree. I sent a message back to my pal to warn him.

The old adage is true, if it looks too good to be true...chances are it is. And like the URL wasn't a dead giveaway!

I didn't enter any info, but I've noticed an increase in spam and junk mail in the past 24 hours. I even had crap in my inbox at work this morning so be VERY careful. Something tells me there's more to this than meets the eye. It's probably a Trojan or robot digging through your contacts and such, so XBL theft is only the beginning. I'm going to see if Symantec has any info when I get home this evening.

Yeah, that's why I didn't want to click on the link. Even if you don't do anything, usually these sites can be harmful just visiting them.
 
Number 2 said:
This is also how a lot of virus infections happen also.

True, but I've never seen anything like it on xBox live or PSN, which is why my guard was down. I'd have been very suspicious of it if it had come via email. Lesson learned.
 
Mrbob said:
Here is the message i got on xbox:



Click on the link, look how shoddy it is. DO NOT SIGN UP.
:lol :lol :lol

that looks better than the site they were using last year though...

this kind of stuff has been going on for a while, got something similar last year, and knew it was a scam, but i went to the site anyway just for laughs, and it looked terrible, even worse than this one.
 
I don't understand how the end of this scam is supposed to play out. They have your account - they charge your card for points - then.... ?
 
poppabk said:
I don't understand how the end of this scam is supposed to play out. They have your account - they charge your card for points - then.... ?

I don't get it either. Are they able to gift them away to another account? They can't access your credit card info, they can only buy points and live memberships. The CC info is still secure.
 
poppabk said:
I don't understand how the end of this scam is supposed to play out. They have your account - they charge your card for points - then.... ?

Purchase content from XBL and Zune. If they download the XBL content on their own console they can use it with any other Gamertag.

But that's pretty much it.
 
Hellraizer said:
Purchase content from XBL and Zune. If they download the XBL content on their own console they can use it with any other Gamertag.

But that's pretty much it.

Basically. You give them free stuff on their console. Should their console die or get banhammered, they just steal another account to repurchase the licences.
 
Hellraizer said:
Purchase content from XBL and Zune. If they download the XBL content on their own console they can use it with any other Gamertag.

But that's pretty much it.

Wouldn't it be easy for Microsoft to trace that back to the person doing the scam? And this is also why my guard was down. I thought points weren't transferable, so hacking into someone's account seems to be pretty pointless. Why bother? If there's a way they can hide their IP and console info after the hack, then I suppose it might be worth it, but it wouldn't be long before you had everything live has to offer. Again, going to these lengths seems like an enormous waste of time. That's why I went and changed all of my usernames, passwords, and email address info on every account I have ever had online. If you use that same username/password/email on other sites (which no two of mine matched, but to be abundantly cautious I changed all of them from having any info that matched), they could use that info to do some real damage.
 
poppabk said:
I don't understand how the end of this scam is supposed to play out. They have your account - they charge your card for points - then.... ?

They buy 100,000 copies of Shrek-n-Roll. Truly nefarious.
 
drakesfortune said:
Sadly I got this message from you AkuMifune (you're on my friends list) and I stupidly went there too. It didn't even occur to me that someone on my friends list from GAF could have had their account hacked. I've gotten five million phishing scam emails over the years and never fell for one, but because it came from a friend and was on XBox live, my guard was completely down.

I was also using my 360 when I got signed out and a minute later I hear emails dinging in my inbox and lo and behold they had bought about $100 in MS Points which MS immediately refunded and locked my account. The good thing is that I use a different username/password on Live than I do anywhere else. Still, I killed that email address that was attached and changed all of my passwords, which were already different, but I made them really tough to crack now.

So to anyone on my friends list, you probably got the same scam message from me that I received from others. Sorry! I hope nobody went there as a result of my stupidity.


this, exactly. ive never fallen for a scam like this either. but this morning while making my morning coffee i fired up the xbox and got this message from a friend, and really wasnt paying attention to what the hell i was doing when i logged in on that damn website.

question though: Microsoft refunded your money immediately? because by the time i got them to figure out what my problem was, the charges were already pending on my account, and Microsoft said that they would refund the money when my account had been reactivated.

i talked to my bank and im all covered, but MS seemed like they wanted no part of stopping the charges from going through before i was refunded.
 
:lol

Really, some dodgy website asks for your details and you don't even think, regardless of who sent you the message in the first place.
 
Daigoro said:
this, exactly. ive never fallen for a scam like this either. but this morning while making my morning coffee i fired up the xbox and got this message from a friend, and really wasnt paying attention to what the hell i was doing when i logged in on that damn website.

question though: Microsoft refunded your money immediately? because by the time i got them to figure out what my problem was, the charges were already pending on my account, and Microsoft said that they would refund the money when my account had been reactivated.

i talked to my bank and im all covered, but MS seemed like they wanted no part of stopping the charges from going through before i was refunded.

I didn't press them on it. He just said they'd reverse the charges, I didn't even have to ask. Maybe they didn't do it immediately, but they immediately told me they'd be reversed, no questions asked. I'm not worried about that part. Your credit card company will have your back on this one, even if Microsoft didn't. But again, I'm not worried, Microsoft isn't going to leave us sitting out here holding an empty bag of space bucks. That'd be bad PR to say the least, and further your credit card company would immediately refund the money if Microsoft tried anything and then go after Microsoft, which Microsoft would lose in the end.
 
drakesfortune said:
Wouldn't it be easy for Microsoft to trace that back to the person doing the scam?

Sure thing, you can even do a little tracing yourself, if anyone used your GT and purchased content on his console, his console ID will show up here:

http://www.xbox.com/en-US/support/systemuse/xbox360/licensemigration/

And also in the purchase history.

Edit: Thinking about it a bit, the bad news is, they can do it themselves, and just tie all of your content to their console.
 
The mastermind?

Fat-Kid-R.jpg
 
Phatcorns said:
Guys, seriously! This is internet fucking 101. Do not fall for shit like this.

Seriously. Doesn't matter who it's from or what outlet you receive it, if it sounds too good to be true, it is. The website looks like it was made by a 15 year old, come on.
 
Hellraizer said:
Sure thing, you can even do a little tracing yourself, if anyone used your GT and purchased content on his console, his console ID will show up here:

http://www.xbox.com/en-US/support/systemuse/xbox360/licensemigration/

Yeah, I'm locked out of my account right now. :( They had my account frozen within about 5 minutes of me being logged off of xbox live, so hopefully the damage was minimal. They said it should all be back to normal on Monday or Tuesday. :lol I had just redeemed a 1600 point code from Amazon, so here's to hoping they get it all straightened out properly on their own. I have a feeling I'll have to do another phone call to get it perfectly worked out though.

jonnybryce said:
Seriously. Doesn't matter who it's from or what outlet you receive it, if it sounds too good to be true, it is. The website looks like it was made by a 15 year old, come on.

I know, I know. I feel like a tool. Though the website looked better than that when I went to it. It didn't have the sign in overlapping the xbox logo, and my adblocker blocked the banner ad. Plus I was thinking this was just another one of those Coke type deals. I thought some company was doing a promotion with Microsoft. I should have known better, the mistake will not happen again, I'm a fool. All true.
 
drakesfortune said:
Yeah, I'm locked out of my account right now. :( They had my account frozen within about 5 minutes of me being logged off of xbox live, so hopefully the damage was minimal. They said it should all be back to normal on Monday or Tuesday. :lol I had just redeemed a 1600 point code from Amazon, so here's to hoping they get it all straightened out properly on their own. I have a feeling I'll have to do another phone call to get it perfectly worked out though.

hm. sounds like we are getting different info.

i got the 1 week to 1 month line as a time frame for my account to be back in order.

sigh.
 
Daigoro said:
hm. sounds like we are getting different info.

i got the 1 week to 1 month line as a time frame for my account to be back in order.

sigh.

1 week I can deal with, 1 month would really suck. It's my fault though, so I have nobody to blame but me.
 
When logging in to things with your xbox live account you should always make sure that you log in through login.live.com. To be completely sure, always log in through the https version.
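
The check this post describes, as an added example that is not part of the original thread: a link counts as the real sign-in page only if it is https and its host is exactly login.live.com. The function name `checkSignInUrl` and all sample URLs are constructed for illustration.

```javascript
// Added example, not from the thread. The trusted host is the one the post
// names; every other URL below is constructed.
const TRUSTED_HOST = "login.live.com";

// Returns { ok, reason } for a link that claims to be the Live sign-in page.
function checkSignInUrl(raw) {
  let url;
  try {
    url = new URL(raw); // WHATWG parser: lowercases host, encodes IDN as xn--
  } catch {
    return { ok: false, reason: "not an absolute URL" };
  }
  if (url.protocol !== "https:") {
    return { ok: false, reason: "not https" };
  }
  // "https://login.live.com@other.host/" puts the trusted name in userinfo.
  if (url.username !== "" || url.password !== "") {
    return { ok: false, reason: "userinfo before host" };
  }
  const host = url.hostname.replace(/\.$/, ""); // ignore a trailing root dot
  if (host === TRUSTED_HOST) {
    return { ok: true, reason: "exact host over https" };
  }
  // "login.live.com.other.host" only borrows the name as leading labels.
  if (host.startsWith(TRUSTED_HOST + ".")) {
    return { ok: false, reason: "trusted name is only a subdomain label" };
  }
  if (host.split(".").some((label) => label.startsWith("xn--"))) {
    return { ok: false, reason: "internationalized lookalike host" };
  }
  return { ok: false, reason: "different host" };
}

// Constructed samples; example.test is a reserved test domain.
const samples = [
  "https://login.live.com/",
  "http://login.live.com/",
  "https://login.live.com@example.test/",
  "https://login.live.com.example.test/points",
  "https://free-points.example.test/login.live.com",
  "login.live.com",
];
for (const s of samples) {
  console.log(checkSignInUrl(s).reason.padEnd(42), s);
}
```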
 
Hellraizer said:
Sure thing, you can even do a little tracing yourself, if anyone used your GT and purchased content on his console, his console ID will show up here:

http://www.xbox.com/en-US/support/systemuse/xbox360/licensemigration/

And also in the purchase history.

Edit: Thinking about it a bit, the bad news is, they can do it themselves, and just tie all of your content to their console.

When I saw that I had game licenses on 5 different Xboxes I thought something was up.

Then I remembered the Xbox 360 is a horribly made product :)
 
I remember someone posted in a thread with a stupid op to post his account info like this so it will do something (forget what it was)

/special feature ACC[whitehawk]PW[tastypoo]

Then he did it, and people were signing in his account and it was the same password for his photobucket account :lol
 
hmm just gonna post here

<link><embedhax>nukerboyX password stealer v.0.7<text>CLICK HERE FOR CHEET CODEZ</stuff></embedhax></a>


heheheheheh my plan is flawless
 
What the fuck guys, haha I can't believe this shit. You guys actually fell for this? I mean seriously? How?? How is that possible?

There are not enough lols in the world, and you only have yourselves to blame. For the hell of it I'll add one lol smiley for irony. :lol
 
I can't believe this many people would:

a) fall for this
b) admit to falling for it

Why would you trust a site with "100freemb" in its URL?
 
EmCeeGramr said:
hmm just gonna post here

<link><embedhax>nukerboyX password stealer v.0.7<text>CLICK HERE FOR CHEET CODEZ</stuff></embedhax></a>


heheheheheh my plan is flawless

*clicks*

Where are the cheat codes?
 
drakesfortune said:
Sadly I got this message from you AkuMifune (you're on my friends list) and I stupidly went there too. It didn't even occur to me that someone on my friends list from GAF could have had their account hacked. I've gotten five million phishing scam emails over the years and never fell for one, but because it came from a friend and was on XBox live, my guard was completely down.

I was also using my 360 when I got signed out and a minute later I hear emails dinging in my inbox and lo and behold they had bought about $100 in MS Points which MS immediately refunded and locked my account. The good thing is that I use a different username/password on Live than I do anywhere else. Still, I killed that email address that was attached and changed all of my passwords, which were already different, but I made them really tough to crack now.

So to anyone on my friends list, you probably got the same scam message from me that I received from others. Sorry! I hope nobody went there as a result of my stupidity.

god, this. I've always been very cautious about viruses, spam and the like on my pc, never clicked anything and this, THIS of all things is what does me in.

I wasn't aware these things could even spread on Live, so I wasn't even wary of Mmarsu's message when I got it. Thing is, the guy sends a lot of M2AF stuff, so I was stupid enough to think it was really his own msg and click that link. Unbelievable. I pretty much deserved to be hacked.

Called MS, they blocked my account. The problem I have right now is getting it back. I can't get control over the address I use on Live. The pass has been changed and i made that account so long ago (10 years maybe) that not even the secret question could save me. I mailed Live ID support, I reaaally hope they can help me get that address back.

Is there any way MS can tie my account into a different address? Right now I fear my account may be lost forever.
 
drakesfortune said:
True, but I've never seen anything like it on xBox live or PSN, which is why my guard was down. I'd have been very suspicious of it if it had come via email. Lesson learned.

Even ignoring the possibility that your friend's account had been hacked, surely you have to recognize the possibility that someone on your friend's list could be a gullible idiot who's dispensing laughably bad advice? Heck, if anybody on my list sent me such a transparent scam, I'd roll my eyes so hard that I'd get a cramp. And all five of the people on my list are actual friends of mine in real life. (Well, okay. One is my wife. I'm not as fond of her.) I still wouldn't trust them as far as I could throw them on something like this.
 
If you are smart enough to sign up for a NeoGAF account (you have to be proficient at typing your own email address), you're smart enough to not fall for this. I call shenanigans.
 
I got the message from Aku and was like hmm... this seems a little sketchy sounding. First look at the page and it was evident it was sketchy.
 