Grrrr! Someone stole my XBL gamertag

Jun 6, 2004
11,601
18
1,610
#1
Got home from work checking my email and my phone rings with a private number, which is odd. Some guy on the phone says he just bought my XBL gamertag and wanted to make sure it was ok.

He then goes on to be sad that I never sold it or had any intentions to sell it. How he spent $300 on it and how I'm a dick if I recover it. Tries to tell me he just wants the gamertag because it is 'awesome' and he was nice enough to create a new account for me. He says he wants to play some games with it, because the name is cool, and he just bought a gears of war xbox and was going to go play. I tell him it is against ToS to buy gamer tags and that his console will be banned. He asks how I know this, and I tell him I worked on Xbox (which is true), I was in the revolt beta. At that point I get an email that someone has bought 400 points and the guy hangs up.

This is where the guy is stupid. I get into my windows live id profile and there is an additional email associated to my Windows Live ID. So I copy that down, remove it, and change my password.

I sent a tweet about getting hacked, and it helps that thevowel (Director of Architecture, Xbox LIVE Operations) follows me, who had me email him with my data to pass it on to the security team.

In the meantime I called support who locked my account so they couldn't buy anything. I was told it would take three to five days to investigate and resolve.

Support was very helpful, but so frustrating. This is the 2nd time in six months that my account has been compromised. I wish Microsoft had additional confirmations when details on your account is changed. Google and Facebook do a good job, if you change major details it needs an additional contact form, typically a text message with an alpha number code.

Hopefully it all gets resolved. So pissed.
 
May 23, 2010
7,606
0
0
#6
element said:
Got home from work checking my email and my phone rings with a private number, which is odd. Some guy on the phone says he just bought my XBL gamertag and wanted to make sure it was ok.

He then goes on to be sad that I never sold it or had any intentions to sell it. How he spent $300 on it and how I'm a dick if I recover it. Tries to tell me he just wants the gamertag because it is 'awesome' and he was nice enough to create a new account for me. He says he wants to play some games with it, because the name is cool, and he just bought a gears of war xbox and was going to go play. I tell him it is against ToS to buy gamer tags and that his console will be banned. He asks how I know this, and I tell him I worked on Xbox (which is true), I was in the revolt beta. At that point I get an email that someone has bought 400 points and the guy hangs up.

This is where the guy is stupid. I get into my windows live id profile and there is an additional email associated to my Windows Live ID. So I copy that down, remove it, and change my password.

I sent a tweet about getting hacked, and it helps that thevowel (Director of Architecture, Xbox LIVE Operations) follows me, who had me email him with my data to pass it on to the security team.

In the meantime I called support who locked my account so they couldn't buy anything. I was told it would take three to five days to investigate and resolve.

Support was very helpful, but so frustrating. This is the 2nd time in six months that my account has been compromised. I wish Microsoft had additional confirmations when details on your account is changed. Google and Facebook do a good job, if you change major details it needs an additional contact form, typically a text message with an alpha number code.

Hopefully it all gets resolved. So pissed.
This happened to me a month or two ago. Whoever did it spent like $60 on MS points, and the charges still haven't been reversed. The fact that the guy called you is just fucking odd.
 
#14
element said:
He then goes on to be sad that I never sold it or had any intentions to sell it. How he spent $300 on it and how I'm a dick if I recover it. Tries to tell me he just wants the gamertag because it is 'awesome' and he was nice enough to create a new account for me. He says he wants to play some games with it, because the name is cool, and he just bought a gears of war xbox and was going to go play. I tell him it is against ToS to buy gamer tags and that his console will be banned. He asks how I know this, and I tell him I worked on Xbox (which is true), I was in the revolt beta. At that point I get an email that someone has bought 400 points and the guy hangs up.

http://www.neogaf.com/forum/showthread.php?t=446047 hmmmm. he bought your tag and got more points after i bet.
 
Aug 23, 2010
13,462
0
0
#16
ArachosiA 78 said:
people pay money for gamertags? $300?? What was your gamertag? How could any name possibly be worth $300?!?
.


I want to know what name this was that someone thought it was worth $300. And where the hell he bought it from (I guess he paid someone to hack your account?)

And then he had the balls to straight up call you? Seriously? So weird.
 
Sep 17, 2006
30,835
0
1,075
Puerto Rico
#22
CarbonatedFalcon said:
.


I want to know what name this was that someone thought it was worth $300. And where the hell he bought it from (I guess he paid someone to hack your account?)
For all we know, the person could've been lying. I mean, how the fuck does one person buys an account, then proceed to calls the other person to make sure it's okay?

Is like I buy a stolen TV that someone got from Wal-Mart and proceed to call Wal-Mart to ask if it's okay that I return it if I have any problems... :p
 
Dec 22, 2004
3,285
0
0
33
#23
I just got gold again and finally picked up my first 360 of my own and while I have hardly any points and a crappy name, this still freaks me out.
 
Nov 4, 2010
6,250
0
0
NY
#25
fernoca said:
For all we know, the person could've been lying. I mean, how the fuck does one person buys an account, then proceed to calls the other person to make sure it's okay?

Is like I buy a stolen TV that someone got from Wal-Mart and proceed to call Wal-Mart to ask if it's okay that I return it if I have any problems... :p
His account is locked. So how did the dude get the number? At the same time 400points were spent and the dude hung up.
I think some inside shit is going on at Microsoft
 
#27
kamspy said:
So what's going on with XBL?
Nothing is going on with XBL. These people hack your email so they can send and read the "I forgot my password, I need to reset it" email and then change your gamertag to something else. They then take your old gamertag. They're not hacking XBL. They could do the same with ANY account you have (Facebook, Amazon, Best Buy...)

I suggest everyone use gmail and turn on the 2-Step Authorization (link). This way, when someone tried to get into your gmail, it will text you on your cel phone with a 6 digital number you have to enter before it lets someone change your password or log in on a new computer.

I know other email services have this, but not sure which ones.
 

Drkirby

Corporate Apologist
Jan 29, 2008
42,344
0
0
28
Florida
#28
For a second, I was expecting some comedy where some guy actually managed to change your Gamer tag, then take the original for him self.

Edit: Wait, no, it more or less is. lol.
 
Jun 6, 2004
11,601
18
1,610
#30
Seriously, he called you?
Yeah. I'm pretty sure he was updating information in my Windows Live ID account and saw the number and decided to call. Who knows.

Similar thing happened last time, where the person called me acting as Microsoft Support. I was a contractor at MS at the time, and I asked for his alias, and he didn't know what that was. If you don't know your alias as a higher tier support, there is something seriously fishy. He also wouldn't tell me his location, another red flag.

Any ideas on how it has been so easy for them?
My password was pretty complicated. Alpha number extended mixed 16 character password. No idea how they got in.

Who did he buy it from?
no idea, but those people hacking and selling need a swift kick in the junk.
 
Sep 17, 2006
30,835
0
1,075
Puerto Rico
#31
Respawn said:
His account is locked. So how did the dude get the number? At the same time 400points were spent and the dude hung up.
I think some inside shit is going on at Microsoft
The account was locked, after 'element' stopped talking to him on the phone. The call, the "$300 purchase", the 400 MS Points were all done before the lock.

Which is why it wouldn't surprise me if said guy, didn't paid $300 and got the account from a friend or something, felt "bad"; got the number from the account info/settings and called to see if anyone answered.

If true that he paid $300; the guy sounds too dumb anyway by just calling 'element'. :p

Or he just made everything up, called 'element', made a "sad story" about spending $300; thinking things wouldn't matter since "he got hacked!"...at least 'element' dealt with everything nicely; so the guy sucks anyway. :p
 
Nov 4, 2010
6,250
0
0
NY
#35
heavyness said:
Nothing is going on with XBL. These people hack your email so they can send and read the "I forgot my password, I need to reset it" email and then change your gamertag to something else. They then take your old gamertag. They're not hacking XBL. They could do the same with ANY account you have (Facebook, Amazon, Best Buy...)

I suggest everyone use gmail and turn on the 2-Step Authorization (link). This way, when someone tried to get into your gmail, it will text you on your cel phone with a 6 digital number you have to enter before it lets someone change your password or log in on a new computer.

I know other email services have this, but not sure which ones.
That's tied to xbox live and money is being spent. So live is getting hacked.
 
May 9, 2011
34,663
0
0
#37
This seems to be getting worse and worse and so far there's been nothing but silence on MS front. There's obviously something going on on their end, it's hard to believe everyone is getting hit with a phishing attack or using the same password as other potential hacked sites.
 
Jun 7, 2004
28,470
0
0
#41
Respawn said:
That's tied to xbox live and money is being spent. So live is getting hacked.
If Live was legitimately hacked and the passwords were compromised, we would almost certainly have known about it by now.

This still sounds like widespread social engineering to me. Microsoft really needs to change their Live security policy. Maybe some kind of optional 2-step verification or something like Steam Guard.

edit: Even so, I'm glad that I already removed my credit card from my account.
 
Sep 17, 2006
30,835
0
1,075
Puerto Rico
#45
Derrick01 said:
This seems to be getting worse and worse and so far there's been nothing but silence on MS front. There's obviously something going on on their end, it's hard to believe everyone is getting hit with a phishing attack or using the same password as other potential hacked sites.
The thing is that, as even other "detective GAF" threads has shown; it is quite easy and not an actual hack.

In many cases, just with the person's Xbox Live Gamertag; you can find his/her Facebook. That leads to personal info, address, emails. Or with their Twitter.

People tend to put many personal info out there; and while some focus on what they have on their Facebook accounts and making it private, they sometimes forget that they have other accounts in other websites.