http://gamingtrend.com
November 23, 2014, 07:45:53 AM *
Welcome, Guest. Please login or register.

Login with username, password and session length
News:
 
   Home   Help Search Calendar Login Register  
Pages: [1]   Go Down
  Print  
Author Topic: Possible hacked XBox accounts  (Read 2438 times)
0 Members and 1 Guest are viewing this topic.
Isgrimnur
Gaming Trend Senior Member

Offline Offline

Posts: 8911



View Profile
« on: June 10, 2009, 04:12:51 AM »

I received an XBox message from a member of these boards (who I have PMed) that was a message involving a CoD Modern Warfare 2 beta.  The listed site had a .tk extension.  I proceeded to log in using my XBox information, and was then presented with an error message that was directed to another site that had nothing to do with anything I expected.  Freaked out beyond belief, I have now changed my password (and all accounts that shared that password, stupid me...)

A search of the intarwebs indicates that this is definitely appearing to be a scam.  Looks like I got out lucky, as I was able to change the information before someone else did...

Logged

Hadron Smasher on 360; IsgrimnurTTU on PS3
Harkonis
Gaming Trend Senior Member

Offline Offline

Posts: 9843



View Profile
« Reply #1 on: June 10, 2009, 04:50:42 AM »

It wasn't an accident that I sent that to you.  It's just been awhile since I ran my friend's list through the idiot test.   icon_twisted
Logged
metallicorphan
Gaming Trend Senior Member

Offline Offline

Posts: 16378



View Profile
« Reply #2 on: June 10, 2009, 08:41:57 AM »

yeah i got a message like that as well,not sure if its just my account that's been hacked or the person who sent it to me as well

some people a few weeks ago were sending me messages with just a number and then the Microsoft points symbol(like 900e)..that 'e' being the MSP symbol ...i had no idea what they were going on about so i just left it

i told my mum to watch her bank account(as her card is in my xbl details)but nothing has gone out..i rang her again this morning to tell her again,after these messages

if it happens again Isgimnur,just block communications from me(one of he message options),and i will get in touch with you via this place if needed
« Last Edit: June 10, 2009, 08:45:08 AM by metallicorphan » Logged

Manchester United Premier League Champions 2013!!

Xbox LIVE:Metallicorphan
Wii:8565 1513 0206 1960
PSN:Metallicorphan
metallicorphan
Gaming Trend Senior Member

Offline Offline

Posts: 16378



View Profile
« Reply #3 on: June 11, 2009, 01:14:30 AM »

i just heard from a friend of mine,who isn't on my friends list but this happened to him as well

he logged onto the fake site,and then was unable to sign into xbox live as they had changed his password,he then rang up Microsoft,they have locked his credit card info..and he cancelled his credit cards

however he had to go sign some stuff at the bank as they tried taking out 4 lots of 1000points off the cards

he should get his gamertag back in 5-10 days he says

looks like we could of dodged a bullet there

« Last Edit: June 11, 2009, 01:17:34 AM by metallicorphan » Logged

Manchester United Premier League Champions 2013!!

Xbox LIVE:Metallicorphan
Wii:8565 1513 0206 1960
PSN:Metallicorphan
mytocles
Gaming Trend Senior Member

Offline Offline

Posts: 4901



View Profile
« Reply #4 on: June 11, 2009, 09:13:41 AM »

Quote
he should get his gamertag back in 5-10 days he says

Ouch, your friend must be kicking himself in the butt, big time!

We got the message too, as you know, Metal - but we didn't go to the site, so I'm assuming we dodged that same bullet.

Unless I just couldn't find it, I noticed there is no mention of possible hacking of XBL accounts in the News part of XBox.com.  I'm shocked, I tell you!   Roll Eyes
Logged

Mytocles (MY-toe-cleez)

"Of all the things I've lost, I miss my mind the most!"
- I don't remember who said it, and probably neither do they...
Harkonis
Gaming Trend Senior Member

Offline Offline

Posts: 9843



View Profile
« Reply #5 on: June 11, 2009, 09:23:35 AM »

technically it's not really hacking anyone's account.  they are phishing for the account info and then hijacking the account.  ninja
« Last Edit: June 11, 2009, 09:28:02 AM by Harkonis » Logged
mytocles
Gaming Trend Senior Member

Offline Offline

Posts: 4901



View Profile
« Reply #6 on: June 11, 2009, 09:29:08 AM »

Quote from: Harkonis on June 11, 2009, 09:23:35 AM

technically it's not really hacking anyone's site.  they are phishing for the account info and then hijacking the account.  ninja

So, how does phishing get them the account info - and then how does it get hijacked?  In other words, how do they get all the XBL messages out to people to begin the process?  I'm just curious, no huge explanation needed (which I likely wouldn't understand anyway)... but every little bit of knowledge about phishing and hacking is a Good Thing!   nod

 icon_razz
Logged

Mytocles (MY-toe-cleez)

"Of all the things I've lost, I miss my mind the most!"
- I don't remember who said it, and probably neither do they...
TiLT
Gaming Trend Senior Member

Offline Offline

Posts: 6702


Preaching to the choir


View Profile WWW
« Reply #7 on: June 11, 2009, 09:47:29 AM »

I'm actually amazed that people are still being fooled by these simple phishing scams. If someone sends you a link to a site that requires some kind of login information from you, this should trigger every alarm bell in your head. If it doesn't, then perhaps being scammed is just what the doctor ordered.
Logged
metallicorphan
Gaming Trend Senior Member

Offline Offline

Posts: 16378



View Profile
« Reply #8 on: June 11, 2009, 09:49:04 AM »

i am not sure how it works usually,but in this case when you went to the site that was sent in the message...it first took you to an xbox.com login screen...where you stick your email and password.....it looked exactly like a xbox.com login screen..but then instead of being taken to the usual xbox.com screen you went to another site altogether

the site in the message said modernwarfare2beta.tk....it was only that tk thats usually different,i know there is a modernwarfare2.com(that takes you straight to the infinity wards page)...and as the beta is meant to be 360 only,going to an xbox.com login screen would not of made many bash an eyelid towards...in other words,its a bit more sneaky than the usual fake messages

i think i will start all my XBL messages with the persons name eg 'Hey Myto-'..then people can see without opening the message that it really is off me

i am not sure how i really did dodge a bullet,as i have 1500 points in my account ready for today's CODW@W map pack..so i surprised they didnt buy some crap with that

apparently
the thing is,if you get a message like that again,you can read it...but don't reply to it(apparently this is another way they get your info somehow)..send the user a message from either an older message you know is from the user or an entirely new message altogether...just don't reply to that one


i still curse Microsoft for not having the function to take OFF credit cards from xbox live...thats just stupid...i get all my points from the shops now
Logged

Manchester United Premier League Champions 2013!!

Xbox LIVE:Metallicorphan
Wii:8565 1513 0206 1960
PSN:Metallicorphan
mytocles
Gaming Trend Senior Member

Offline Offline

Posts: 4901



View Profile
« Reply #9 on: June 11, 2009, 10:16:53 AM »

Quote from: TiLT on June 11, 2009, 09:47:29 AM

I'm actually amazed that people are still being fooled by these simple phishing scams. If someone sends you a link to a site that requires some kind of login information from you, this should trigger every alarm bell in your head. If it doesn't, then perhaps being scammed is just what the doctor ordered.


Personally, I think that's a bit harsh, lol.  I've never responded to any phishing scams, but I can easily see how people can - you let your guard down, go on auto-pilot, and the rest is a painful history.

I agree with you, Metal, on the inability to take credit cards off being stupid (and greedy, of course)... I'm going to let mine expire, as I think that is the only way to get rid of them now. I think the last time I tried to take off the option to automatically re-up Gold, I couldn't do that either.  Grrr...  disgust

I did get scammed out of about $90 once, but it was from hackers in Romania getting into my Credit Union account.  I didn't "initiate" it by responding to any phishy stuff, but they got it anyway.  That is one reason that the account I use for online transactions is kept under $100, unless I transfer some money in to go on a spree on Amazon or something.  What amazed me about that whole deal was that the hackers tried to access my acount twelve times - and the bank let them!  If you go to an ATM and goof your password one time too many, it eats your card.  But if you are dialing in from Romania - I guess twelve shots at it is okay.  I'm sure they tried a lot more money each time, until finally settling on under $100.   mad
Logged

Mytocles (MY-toe-cleez)

"Of all the things I've lost, I miss my mind the most!"
- I don't remember who said it, and probably neither do they...
Bullwinkle
Gaming Trend Staff
Gaming Trend Senior Member

Offline Offline

Posts: 15685


Watch me pull a rabbit outta my hat.


View Profile
« Reply #10 on: June 11, 2009, 12:38:07 PM »

I got the messages, too, MO (both the bad one and your follow up).  Glad I read this first, though I doubt I would have taken the time to try and log in.  I'm just too lazy.
Logged

That's like blaming owls because I suck at making analogies.
metallicorphan
Gaming Trend Senior Member

Offline Offline

Posts: 16378



View Profile
« Reply #11 on: June 11, 2009, 05:23:17 PM »

okay i have printed up the page that it takes you to

imagine this:
a friend sends you a url in an xbox live message...you trust this friend or you have no fears about the actual message being fake

you go to the url
you get this page


after you see that page,would it put you off?...sure you can see there are differences but would you stop and examine it all?..it even has a advert for Avatars!!
Logged

Manchester United Premier League Champions 2013!!

Xbox LIVE:Metallicorphan
Wii:8565 1513 0206 1960
PSN:Metallicorphan
semiconscious
Gaming Trend Senior Member

Offline Offline

Posts: 4416



View Profile
« Reply #12 on: June 11, 2009, 05:29:36 PM »

Quote from: metallicorphan on June 11, 2009, 05:23:17 PM

after you see that page,would it put you off?...

yes - & mainly because of the '.tk'. it shouldn't be there. period...

having friends is fine. but i agree with tilt - trusting friends to make decisions as to whether something is cool or not, probably not so fine...
Logged

"... i'm not against some 'monkey catching'... but i'd rather be collecting pants..."
- snake, 'snake vs monkey' (mgs3:se)
metallicorphan
Gaming Trend Senior Member

Offline Offline

Posts: 16378



View Profile
« Reply #13 on: June 11, 2009, 05:39:31 PM »

i think you are just saying that because it wasn't you who did it

i knew that putting modernwarfare2 into the search bar took you to infinity wards page...so when i saw modernwarfare2beta.tk..i didnt think anything off it...and then when you get to said page and you see that....


sure you can say well the tk shouldnt be there....but then you are bound to say that..because mr semiconscious is perfect
Logged

Manchester United Premier League Champions 2013!!

Xbox LIVE:Metallicorphan
Wii:8565 1513 0206 1960
PSN:Metallicorphan
mytocles
Gaming Trend Senior Member

Offline Offline

Posts: 4901



View Profile
« Reply #14 on: June 11, 2009, 05:50:30 PM »

Quote from: semiconscious on June 11, 2009, 05:29:36 PM

Quote from: metallicorphan on June 11, 2009, 05:23:17 PM

after you see that page,would it put you off?...

yes - & mainly because of the '.tk'. it shouldn't be there. period...

having friends is fine. but i agree with tilt - trusting friends to make decisions as to whether something is cool or not, probably not so fine...

But, if I'm not mistaken - in this case at least, Metal didn't make any such decision about what was cool or not cool to click on.  His Friends got the choice, and I for one, declined - even though I personally wasn't aware that "tk" was a bad ending on a URL. I may have noticed it, I may not have...

I dunno, maybe I'm just defending some of us "old folks" who aren't as up on the current technology - or phishing technology, anyway.  As dbt would say, not as much as you young-uns! Even though I didn't fall for it (partly having to do with the fact that I couldn't care less about that game), I can see some people being led astray by it. That's why there is a problem with phishing and Internet scams, lol - if everyone knew everything, there would be no problem!

Let's cool down though, Mr. Metal Orphan and Mr. Semiconscious are both people we value here - and we don't want this potentially useful thread to be dumped into the "Political / Religious Nonsense" forum!   icon_eek

Other than that... carry on!   icon_razz
Logged

Mytocles (MY-toe-cleez)

"Of all the things I've lost, I miss my mind the most!"
- I don't remember who said it, and probably neither do they...
hepcat
Gaming Trend Senior Member

Offline Offline

Posts: 9297


I'M the one that knocks! Now...burp me!


View Profile
« Reply #15 on: June 11, 2009, 06:20:20 PM »

What?  No one sent ME a damn message leading me to a potentially dangerous web site?  What am I?  Chopped liver!?  Aren't I loved at all!?
Logged

Warning:  You will see my penis. -Brian

Just remember: once a user figures out gluten noting them they're allowed to make fun of you. - Ceekay speaking in tongues.
mytocles
Gaming Trend Senior Member

Offline Offline

Posts: 4901



View Profile
« Reply #16 on: June 11, 2009, 06:35:24 PM »

Quote from: hepcat on June 11, 2009, 06:20:20 PM

What?  No one sent ME a damn message leading me to a potentially dangerous web site?  What am I?  Chopped liver!?  Aren't I loved at all!?

Hep, you will always be loved... unless, of course, your hair isn't really red, then fo-gedda-bout-it!

 icon_lol

Did I mention I have red hair?   nod
Logged

Mytocles (MY-toe-cleez)

"Of all the things I've lost, I miss my mind the most!"
- I don't remember who said it, and probably neither do they...
semiconscious
Gaming Trend Senior Member

Offline Offline

Posts: 4416



View Profile
« Reply #17 on: June 11, 2009, 06:40:01 PM »

Quote from: mytocles on June 11, 2009, 05:50:30 PM

Quote from: semiconscious on June 11, 2009, 05:29:36 PM

Quote from: metallicorphan on June 11, 2009, 05:23:17 PM

after you see that page,would it put you off?...

yes - & mainly because of the '.tk'. it shouldn't be there. period...

having friends is fine. but i agree with tilt - trusting friends to make decisions as to whether something is cool or not, probably not so fine...

But, if I'm not mistaken - in this case at least, Metal didn't make any such decision about what was cool or not cool to click on.  His Friends got the choice, and I for one, declined - even though I personally wasn't aware that "tk" was a bad ending on a URL. I may have noticed it, I may not have...

I dunno, maybe I'm just defending some of us "old folks" who aren't as up on the current technology - or phishing technology, anyway.  As dbt would say, not as much as you young-uns! Even though I didn't fall for it (partly having to do with the fact that I couldn't care less about that game), I can see some people being led astray by it. That's why there is a problem with phishing and Internet scams, lol - if everyone knew everything, there would be no problem!

Let's cool down though, Mr. Metal Orphan and Mr. Semiconscious are both people we value here - and we don't want this potentially useful thread to be dumped into the "Political / Religious Nonsense" forum!   icon_eek

Other than that... carry on!   icon_razz

trust me - mr semiconscious is wwway old (& was actually on the internet years before 'the web' was even invented) smile ...

& sorry, mo - no, i'm not perfect. but i don't consider checking urls something that requires perfection - only a certain amount of paranoia smile . tons of fishing scams employ lookalike web pages, & checking urls is the only way to distinguish most of'm...
Logged

"... i'm not against some 'monkey catching'... but i'd rather be collecting pants..."
- snake, 'snake vs monkey' (mgs3:se)
hepcat
Gaming Trend Senior Member

Offline Offline

Posts: 9297


I'M the one that knocks! Now...burp me!


View Profile
« Reply #18 on: June 11, 2009, 07:00:21 PM »

Quote from: mytocles on June 11, 2009, 06:35:24 PM

Quote from: hepcat on June 11, 2009, 06:20:20 PM

What?  No one sent ME a damn message leading me to a potentially dangerous web site?  What am I?  Chopped liver!?  Aren't I loved at all!?

Hep, you will always be loved... unless, of course, your hair isn't really red, then fo-gedda-bout-it!



Fortunately, I was born without any outwardly visible genetic defects...like red hair. 

 Tongue
Logged

Warning:  You will see my penis. -Brian

Just remember: once a user figures out gluten noting them they're allowed to make fun of you. - Ceekay speaking in tongues.
mytocles
Gaming Trend Senior Member

Offline Offline

Posts: 4901



View Profile
« Reply #19 on: June 11, 2009, 07:17:15 PM »

Quote from: hepcat on June 11, 2009, 07:00:21 PM

Quote from: mytocles on June 11, 2009, 06:35:24 PM

Quote from: hepcat on June 11, 2009, 06:20:20 PM

What?  No one sent ME a damn message leading me to a potentially dangerous web site?  What am I?  Chopped liver!?  Aren't I loved at all!?

Hep, you will always be loved... unless, of course, your hair isn't really red, then fo-gedda-bout-it!



Fortunately, I was born without any outwardly visible genetic defects...like red hair. 

 Tongue

Well, I prefer to call it Strawberry Blonde... though the lighter color of it now is due to mixed in white hairs (still not noticeable "at range" though - so I haven't gotten closer than 3 feet to anyone, for about 5 years now!)  Roll Eyes

Umm, wait - you are male, and still say you have no outwardly visible genetic defects?  LMAO!   stirthepot

On a more serious note, all I really know about phishing is that I shouldn't furnish my own information in response to an email that only looks legit.  Checking URL's - unless it says something like "www. ClickHereAndYou'reScrewed" dot TK, I don't really know what to look for.   ninja

Quote from: semiconscious on June 11, 2009, 06:40:01 PM

Quote from: mytocles on June 11, 2009, 05:50:30 PM

Quote from: semiconscious on June 11, 2009, 05:29:36 PM

Quote from: metallicorphan on June 11, 2009, 05:23:17 PM

after you see that page,would it put you off?...

yes - & mainly because of the '.tk'. it shouldn't be there. period...

having friends is fine. but i agree with tilt - trusting friends to make decisions as to whether something is cool or not, probably not so fine...

But, if I'm not mistaken - in this case at least, Metal didn't make any such decision about what was cool or not cool to click on.  His Friends got the choice, and I for one, declined - even though I personally wasn't aware that "tk" was a bad ending on a URL. I may have noticed it, I may not have...

I dunno, maybe I'm just defending some of us "old folks" who aren't as up on the current technology - or phishing technology, anyway.  As dbt would say, not as much as you young-uns! Even though I didn't fall for it (partly having to do with the fact that I couldn't care less about that game), I can see some people being led astray by it. That's why there is a problem with phishing and Internet scams, lol - if everyone knew everything, there would be no problem!

Let's cool down though, Mr. Metal Orphan and Mr. Semiconscious are both people we value here - and we don't want this potentially useful thread to be dumped into the "Political / Religious Nonsense" forum!   icon_eek

Other than that... carry on!   icon_razz

trust me - mr semiconscious is wwway old (& was actually on the internet years before 'the web' was even invented) smile ...

& sorry, mo - no, i'm not perfect. but i don't consider checking urls something that requires perfection - only a certain amount of paranoia smile . tons of fishing scams employ lookalike web pages, & checking urls is the only way to distinguish most of'm...

Are there other extensions besides ".tk" that are particularly problematic, and if you never provide any of your information in response to an email... are you protected, or not so much?

I'd like some more easy-to-remember tips - imo, you can't have enough of them these days!

OMG, saying "these days" marks me as even older than you, Semi, lmao!  icon_eek
Logged

Mytocles (MY-toe-cleez)

"Of all the things I've lost, I miss my mind the most!"
- I don't remember who said it, and probably neither do they...
wonderpug
Gaming Trend Senior Member

Offline Offline

Posts: 11523


hmm...


View Profile
« Reply #20 on: June 11, 2009, 07:28:49 PM »

Quote from: mytocles on June 11, 2009, 07:17:15 PM

Are there other extensions besides ".tk" that are particularly problematic, and if you never provide any of your information in response to an email... are you protected, or not so much?

Even .com can be bad news.  For instance, I remember pavpal.com being used to trick people into thinking they were going to paypal.com.  The right font and it's even harder to spot the discrepancy.

If you're looking for a good way to be safe, just never use links to get to sites that require personal information or passwords.  If you get an email saying X Company that you do business with needs you to do something, navigate to that company's website yourself and then see if action is required.
Logged
semiconscious
Gaming Trend Senior Member

Offline Offline

Posts: 4416



View Profile
« Reply #21 on: June 11, 2009, 07:40:03 PM »

Quote from: wonderpug on June 11, 2009, 07:28:49 PM

Quote from: mytocles on June 11, 2009, 07:17:15 PM

Are there other extensions besides ".tk" that are particularly problematic, and if you never provide any of your information in response to an email... are you protected, or not so much?

Even .com can be bad news.  For instance, I remember pavpal.com being used to trick people into thinking they were going to paypal.com.  The right font and it's even harder to spot the discrepancy.

If you're looking for a good way to be safe, just never use links to get to sites that require personal information or passwords.  If you get an email saying X Company that you do business with needs you to do something, navigate to that company's website yourself and then see if action is required.

yes...
Logged

"... i'm not against some 'monkey catching'... but i'd rather be collecting pants..."
- snake, 'snake vs monkey' (mgs3:se)
Caine
Gaming Trend Senior Member

Offline Offline

Posts: 10450


My cocaine


View Profile WWW
« Reply #22 on: June 11, 2009, 08:05:14 PM »

some interesting info regarding .tk

http://en.wikipedia.org/wiki/.tk


basically, it allows anyone a free .tk domain with redirection within the html frame, ie you can in essence spoof your crappy angelfire.com neon-glow web page with a somethingnice.tk url.

aka, a very easy way to hide your web page's real id within sheep's skin. 

.tk was the worst of the worst for malicious phishing, and still remains a huge red flag.  basically, if you see it in the domain, don't click it at all.
Logged

wonderpug
Gaming Trend Senior Member

Offline Offline

Posts: 11523


hmm...


View Profile
« Reply #23 on: June 11, 2009, 08:09:17 PM »

Quote from: Caine on June 11, 2009, 08:05:14 PM

some interesting info regarding .tk

http://en.wikipedia.org/wiki/.tk


.tk was the worst of the worst for malicious phishing, and still remains a huge red flag.  basically, if you see it in the domain, don't click it at all.

No way in hell I'm visiting that scam Wikipedia link.  ninja
Logged
semiconscious
Gaming Trend Senior Member

Offline Offline

Posts: 4416



View Profile
« Reply #24 on: June 11, 2009, 08:20:04 PM »

Quote from: wonderpug on June 11, 2009, 08:09:17 PM

Quote from: Caine on June 11, 2009, 08:05:14 PM

some interesting info regarding .tk

http://en.wikipedia.org/wiki/.tk


.tk was the worst of the worst for malicious phishing, and still remains a huge red flag.  basically, if you see it in the domain, don't click it at all.

No way in hell I'm visiting that scam Wikipedia link.  ninja

classic smile ...
Logged

"... i'm not against some 'monkey catching'... but i'd rather be collecting pants..."
- snake, 'snake vs monkey' (mgs3:se)
mytocles
Gaming Trend Senior Member

Offline Offline

Posts: 4901



View Profile
« Reply #25 on: June 11, 2009, 08:22:16 PM »

Quote from: Caine on June 11, 2009, 08:05:14 PM

some interesting info regarding .tk

http://en.wikipedia.org/wiki/.tk


basically, it allows anyone a free .tk domain with redirection within the html frame, ie you can in essence spoof your crappy angelfire.com neon-glow web page with a somethingnice.tk url.

aka, a very easy way to hide your web page's real id within sheep's skin. 

.tk was the worst of the worst for malicious phishing, and still remains a huge red flag.  basically, if you see it in the domain, don't click it at all.

Ah, thanks, Caine!  I was still wondering what, specifically the "TK.COM" thing was about.

What I'm amazed at is that my 84 year old mother has not been scammed!  She surfs the 'Net and uses email, but I don't think she's ever been a victim of Phishing, Identity Theft, or any of that garbage.  Maybe her hand-me-down PC's don't even have the ability to be phished, lmao!
Pug, I thought you were the founder of Wiki... was I misinformed?   

Logged

Mytocles (MY-toe-cleez)

"Of all the things I've lost, I miss my mind the most!"
- I don't remember who said it, and probably neither do they...
TiLT
Gaming Trend Senior Member

Offline Offline

Posts: 6702


Preaching to the choir


View Profile WWW
« Reply #26 on: June 11, 2009, 08:25:01 PM »

Quote from: metallicorphan on June 11, 2009, 05:23:17 PM

okay i have printed up the page that it takes you to

imagine this:
a friend sends you a url in an xbox live message...you trust this friend or you have no fears about the actual message being fake

you go to the url
you get this page
[snip...]

after you see that page,would it put you off?...sure you can see there are differences but would you stop and examine it all?..it even has a advert for Avatars!!

Yes, it would put me off. Not because there's anything wrong with the layout (that's not what you should be looking for. Scammers are good at copying other sites' layouts.), but because you're on a non-Microsoft site that asks for your Xbox login name and password. Any time this happens, the chance that it is a scam is EXACTLY 100%. I would be slightly more understanding if the url was cloaked, but it isn't.

Yes, everyone can make mistakes on the internet. I mean, the place can be damned confusing. Still, the tricks used for phishing have been well documented in the media, and this particular one is right at the top of the list of common ways to do it.

There is a reason why most sites these days will inform you that they'll never ask for your password under any circumstances (except for logging into the main site, of course. Even then, you should type in the url yourself instead of following a link).
Logged
metallicorphan
Gaming Trend Senior Member

Offline Offline

Posts: 16378



View Profile
« Reply #27 on: June 11, 2009, 11:28:22 PM »

its more the fact that they got into xbox live and sent those messages over LIVE...imagine if Ron or CK..well,no..maybe not CK Tongue....but someone you trust on XBOX LIVE sent you that message...i haven't known anything like this to happen over XBL,and then again not knowing anything about this 'tk' extension didn't help..and i thought it was a joint venture with Infinity wards and Microsoft

i guess they also knew how to hook people as well with modern warfare 2....

and sorry SC about the Mr Perfect comment...you're far from it j/k slywink
Logged

Manchester United Premier League Champions 2013!!

Xbox LIVE:Metallicorphan
Wii:8565 1513 0206 1960
PSN:Metallicorphan
Huw the Poo
Gaming Trend Senior Member

Offline Offline

Posts: 3162


Please feed dog


View Profile
« Reply #28 on: June 12, 2009, 07:05:23 AM »

So, unless I missed it, I've yet to read how a message was sent via your account, MO.  Was it hacked?  Have you changed your password?

Something like this happened to me on MSN.  I got a message from a friend which just said 'pics...<link>'.  Now, that may look suspicious to most people but she's been known to send me messages just like that before.  Legitimate messages.  So I clicked on it and was taken to a page asking to sign into Windows Live.  I didn't, but surmised her account must have been hacked because I called her and she told me she had sent no such message that day.  Luckily she was able to change her password and it didn't happen again.  I'm still not sure exactly what happened.
Logged

Resident anti-Steam troll
Steam profile
Harkonis
Gaming Trend Senior Member

Offline Offline

Posts: 9843



View Profile
« Reply #29 on: June 12, 2009, 08:45:46 AM »

Still doing research, but my first guess would be it's a Games for Windows issue and the PC in question is infected and using the GfW login to send the messages.

For the record, if I got this msg from even the most trusted on my friends list, I'd send them a msg and give em a chuckle that they are infected.  Same thing I've had to do working places where I get email from my boss and the email was the result of his system sending virus email out.
Logged
metallicorphan
Gaming Trend Senior Member

Offline Offline

Posts: 16378



View Profile
« Reply #30 on: June 12, 2009, 10:44:36 AM »

Quote from: Huw the Poo on June 12, 2009, 07:05:23 AM

So, unless I missed it, I've yet to read how a message was sent via your account, MO.  Was it hacked?  Have you changed your password?



i am not sure how it was sent via my account,i havent logged into anything i shouldnt have,not to my knowledge anyway,and yes i have changed my password now,hopefully i wont have any more problems

another point is,that the year before last(cod4 beta) and last year(cod5 beta) i sent about a dozen people messages that IW or Gamespot etc were starting with the beta codes handouts....i have even got some codes for people on my friends list incase they have been in work or whatever...so a lot of them were not surprised when they saw this message off me
Logged

Manchester United Premier League Champions 2013!!

Xbox LIVE:Metallicorphan
Wii:8565 1513 0206 1960
PSN:Metallicorphan
TiLT
Gaming Trend Senior Member

Offline Offline

Posts: 6702


Preaching to the choir


View Profile WWW
« Reply #31 on: June 12, 2009, 10:54:20 AM »

If you're ever in a situation where you're unsure whether the site you're on should be asking for your username or password for something else, try logging in with completely random data. If the site accepts your login, it's a scam site (for obvious reasons). If it doesn't accept the data, that doesn't necessarily mean that it's safe though, as it might be rerouting your login info to the actual system after storing it for its own purposes.
Logged
mytocles
Gaming Trend Senior Member

Offline Offline

Posts: 4901



View Profile
« Reply #32 on: June 12, 2009, 01:59:52 PM »

Quote from: TiLT on June 12, 2009, 10:54:20 AM

If you're ever in a situation where you're unsure whether the site you're on should be asking for your username or password for something else, try logging in with completely random data. If the site accepts your login, it's a scam site (for obvious reasons). If it doesn't accept the data, that doesn't necessarily mean that it's safe though, as it might be rerouting your login info to the actual system after storing it for its own purposes.

Sometimes the simplest ideas are what we overlook, this is a great one!   nod
Logged

Mytocles (MY-toe-cleez)

"Of all the things I've lost, I miss my mind the most!"
- I don't remember who said it, and probably neither do they...
hepcat
Gaming Trend Senior Member

Offline Offline

Posts: 9297


I'M the one that knocks! Now...burp me!


View Profile
« Reply #33 on: June 12, 2009, 02:42:41 PM »

yeah, that's actually a really good suggestion.
Logged

Warning:  You will see my penis. -Brian

Just remember: once a user figures out gluten noting them they're allowed to make fun of you. - Ceekay speaking in tongues.
wonderpug
Gaming Trend Senior Member

Offline Offline

Posts: 11523


hmm...


View Profile
« Reply #34 on: June 12, 2009, 02:48:28 PM »

That method doesn't sound very reliable.  I just randomly keymashed to get "af38hnj" and "awefopih," and after checking with af38hnj (38-year-old Allen Francis from Hoboken, New Jersey) it turns out that awefopih is indeed his password.  (It's his dog's name.)
Logged
Brendan
Gaming Trend Senior Member

Offline Offline

Posts: 3841


two oh sickness


View Profile
« Reply #35 on: June 12, 2009, 02:57:49 PM »

Many browsers are now highlighting different portions of the URL to draw attention to the root site you're visiting - here's an example from IE8 where you can see msn.com is in darker text than the rest of the URL.
Logged
Pages: [1]   Go Up
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2013, Simple Machines
Valid XHTML 1.0! Valid CSS!
Page created in 0.201 seconds with 95 queries. (Pretty URLs adds 0.043s, 2q)