My account got hacked hope this helps others: - AVS Forum
Forum Jump: 
Reply
 
Thread Tools
post #1 of 68 Old 01-03-2012, 08:38 PM - Thread Starter
AVS Special Member
 
deveng's Avatar
 
Join Date: Oct 2002
Location: Scottsdale, AZ
Posts: 1,573
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Liked: 31
Well, my account got hacked on Friday last week. I was at work, and i was checking my email through my phone, and I got a message from Xbox 'congratulations on purchasing 1600 MS points' (which I obviously did not). My initial thought was my kids must have done something. Latter in the day when I was at my computer I logged into Xbox.com and noticed that I had only 14 MS points. The day before I had about 10 700 MS points. I then check purchase history and notice someone was on a buying spree of 'Premium Gold Pack consumables' each for either 240 MS points or 280 MS points. Also I now have 2 achievements in FIFA 12, a game that I do not own or care to ever play.

Anyways I contacted MS, gave them the info, and now my account has been turned over to the fraud department. Thus I have no access to anything with my windows live ID for 25 business days they say.

On further searches on how this could have happened to me (the hacker would have to know my email address and password), it seems that this is not an uncommon occurance with EA and FIFA. The fundamental problem apparently is that EA is now charging MS points for in game content that is transferable. People have to buy in game 'cards' with MS points, and hope that they get a good player by using the in game currency. By spending real money, you can then build an ultimate team of great players. These players apparently can then be sold via ebay etc to other people for real money. Thus EA and FIFA in particular is now a money laundering game where MS points are spent to build a team of great players and then that team can be sold on ebay for real money. Thus, crazy European/Asians (sorry, but I am mad) soccer fanatics are somehow hacking peoples accounts, spending MS points, buying more MS points via associated credit cards, and buying in game content on FIFA to build the ultimate team. In my case, they spent about 12500 MS points.

Now there are rumors that EA itself is the leak, and somehow people are getting email addresses and passwords from EA (there are even threads on different forums on how people are calling into EA, claiming that they lost their passwords and email address and EA has been giving them out). In my case, unfortunately, my password and email is the same on most gaming sites (including EA, MS, trueachievements, etc). Thus hackers have correctly assumed that emails and passwords are similar and that is how they get access to Xbox accounts.

I have obviously changed my password of my wndows live account immediately, and it is now different that everything else. More than loosing the points (worth >$125), and loosing the access to my gamertag for the next 5-6 weeks, I feel vulnerable, and violated that someone (punk) took my account and bought in game content in a stupid soccer game. I am even more upset at EA for starting this trend (I have already been upset and created a personal boycott on all new EA games becauase of their server closure issues) of in game ultimate team content that costs MS points.

Just imagine if the next Madden game came out, and you had to spend MS points for buying a pack of 'cards' with the chance of getting Drew Breese or Tom Brady in one of those cards, so then you can play him on-line? EA is the root cause of the problem, and though the hackers are the real bad people, EA is setting up a system to encourage hacking of accounts to 'steal' money.

At the end, my suggestion to everyone is to make sure that your email/password for windows live ID is different that that used on gaming websites (like EA) as I am sure that is where the leak for my information came from. For years I never had a credit card associated with Xbox, until I made a gold family account last year, and now I cannot remove it. The other issue is that there is no added security option on Xbox (like a pin or the 3-4 digit security number on the cc that many other sites require).

Oh well, its only my Xbox account not not real life credit card fraud etc. so looking at it from another perspective, this is a wakeup call for being even more careful with emails/passwords etc. The purpose of this thread to to alert others about this possibility and to make sure that your account information at EA is different than Xbox.

Xbox and PS3 Gamertag = Xerostomia
Wii = I'm too lazy to get the number
deveng is offline  
Sponsored Links
Advertisement
 
post #2 of 68 Old 01-03-2012, 08:39 PM - Thread Starter
AVS Special Member
 
deveng's Avatar
 
Join Date: Oct 2002
Location: Scottsdale, AZ
Posts: 1,573
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Liked: 31
Here are a few excerpts from another website describing the process in better detail than I did:

I'm very sorry for the long post but I feel that it's about time that gamers and journalists started paying more attention to just what EA is implementing in their sports games. EA is gaining a ridiculous amount of money through exploitative free-to-play game design and encouraging players to gamble with real money.

For those that don't know, FIFA Ultimate Team is a game mode in FIFA where you gain players by buying packs of random cards (cards include players, kits, stadiums, contracts - everything you need to build a team) with either in game points or real money. You gain in-game points by winning online/offline tournaments or trading players in the in game marketplace. This may sound unremarkable, free-to-play models are not unusual. But this is different from other models for a number of reasons.

Firstly this is not free-to-play, EA expects that you pay full retail price (see online pass) to indulge in their 'free-to-play' style of game design. EA has intentionally set up FIFA Ultimate Team so that it is virtually impossible to gain a top team of players without using real currency, you gain a very small amount of in-game 'coins' playing matches and have to pay (in-game coins) for the upkeep of your team through player contracts and injury management. So you pay full price for a game and realise that the game is designed in such a way that you have to pay more real money in order to gain a competitive team.

In FIFA ultimate team cards can be traded in game with coins, the disparity between the value of cards in the marketplace is vast, the difference between about 350-1000 coins for average players and millions of coins for the top players that everybody wants - Messi, Ronaldo, Rooney etc. There is virtually no way of gaining millions of coins in game without spending real money on packs of cards. Even buying packs is no guarantee of making coins, you have to hope that your pack contains a top player that you might be able to sell in game for a reasonable ammount of coins, or there is really no point. This is essentially a gamble, the player is expected to gamble their real money on a chance of getting a top player. Unlike other free-to-play games you can't simply buy items, you are forced to gamble for them.

The way EA has implemented free-to-play models in their full retail price games is also present in NHL. The be-a-pro mode is designed in such a way that if you want a top stats be-a-pro player (Crosy, Overshkin level stats) you have to play literally hundreds of games (several full seasons) to gain the requirements for unlocking upgrades, or of course - unlock the upgrades with real money.

The free-to-play model of design in full retail price games is exploitative to the extreme when you consider that a new FIFA/NHL game comes out every year, requiring the player to have to start from scratch each year with no character/team import options.

The FIFA ultimate team model is much worse than just free-to-play game design in a full retail game. It really is encouraging gambling with real money. The FIFA forums have numerous threads where players have formed an addiction from this gambling, the adrenaline rush from opening a pack is the same as the rush somebody might get scratching a scratch card or pulling the lever on a fruit machine. People have reported feeling out of control and spending litterally hundereds of pounds on packs on a quest to gain an 'ultimate team'. The problems associated with gambling are all present here making ultimate team no more than an in game casino.

I feel that £40 for a retail copy of an EA sports game more than covers their costs for one years development and allows for a good profit, many people would argue that this is overpriced for a glorified roster update. But EA feels that they need to exploit players with free-to-play game design and modes that encourage gambling of real money.

It's really no surprise to me that hackers are buying packs of players on FIFA ultimate team, they are probabIy feeding their gambling addiction. I wish the industry would pay more attention to EA's outrageous behaviour.


Here is another excerpt:


FIFA is 100% to blame if you got hacked and notice FIFA activity on your gamer tag. Specifically Ultimate Team. This has been an ongoing problem since FIFA 10, but it is just now really starting to gain momentum. With FIFA 12 Ultimate team is on the disk, meaning that it is not DLC. In previous years it was DLC. In FIFA 09 it cost 800 MS Point. In FIFA 10 it cost 400 MS Points. In FIFA 11 it was free and now in FIFA 12 it is still free and on the disk.

The gentleman a few posts up form me explained Ultimate Team and how it works very well. So, I will not explain it, but I will explain why this is such a lucrative scam for those involved in hacking accounts.

Think of the goods in Ultimate Team.....namely the cards and coins as the currency. The "consumer" is the person who wants these goods without having to work for them in game. The scammer/hacker is the one who will provide these goods at a real world cost. The only way the scammer can profit from this is by having lots of the goods at his disposal. The only way to get that is either by scamming individual players or by hacking XBOX Live accounts. That is the short of it....

Turns out hacking an EA account is extremely easy. I have seen numerous posts on the official EA forums about people getting hacked by people who's only mode of hacking was a simple call to EA customer support. Once they contacted EA support they would then advise the support person that they had lost their EA account details for their gamer tag. Then EA would simply hand over those account details and you can figure out what happens from here. Since most people with EA accounts probably use the same email address and password for both Live and EA it was an easy social engineering hack. EA has since the release of 12 upped their account security a bit, but it is still lax.

The bigger issue is the Chinese websites that are actively selling "preloaded" MS Point accounts (gamer tags). These are hacked accounts that are beefed up with MS points and then sold on to people for a price. I only know of such sites as they have been mentioned numerous times on the official EA Ultimate Team forums. People then use these accounts to log on to FIFA and blow all the points on Ultimate Team packs then ship those items over to their main account most likely through EAs web app for Ultimate Team. This is not unlike World of Warcraft account hacks. Where your account would get hacked...typically by some Chinese gold farming operation...emptied and all items sold and then traded onto a feeder account.

This is only going to become more prevalent in the coming years as free to play and micro transactions become more the norm. There will always be the people that don't want to work their asses off to gain their virtual goods and their will always be someone whose has hacked and scammed and stolen to provide them those goods. The game companies are to blame if they do not start to step up their security protocols within these games and make them more like financial institutions than a silly video game. The security needs to be as robust as your bank....not Hello Kitty Island.

I am a very active member in the FIFA Ultimate Team community...it truly is an excellent game mode in an already excellent game. Sadly there are people trying to exploit others to make a buck.

On a side note....FIFA is the worst online gaming community on the planet and stuff like this along with non stop cheating and exploiting the game online are the norm. It is the worlds biggest game and as far as sports video game franchises is the king of the hill worldwide. It is one of the top selling games in the world every year....not top selling sports game....but top selling game.

Xbox and PS3 Gamertag = Xerostomia
Wii = I'm too lazy to get the number
deveng is offline  
post #3 of 68 Old 01-03-2012, 10:06 PM
 
darklordjames's Avatar
 
Join Date: Jun 2003
Posts: 7,909
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Liked: 93
The only problem here is that you have a poor security policy of using the same login data at multiple sites. Not EA, nor Microsoft, nor the "crazy" Europeans are to blame, only yourself.
darklordjames is offline  
post #4 of 68 Old 01-03-2012, 10:58 PM
AVS Special Member
 
onlysublime's Avatar
 
Join Date: May 2005
Posts: 4,649
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Liked: 493
Quote:
Originally Posted by darklordjames View Post

The only problem here is that you have a poor security policy of using the same login data at multiple sites. Not EA, nor Microsoft, nor the "crazy" Europeans are to blame, only yourself.

but this is how most people do it. most people do not have many unique passwords. I myself only have about 5 passwords admittedly.

the best thing to do really is to have unique passwords for every single site and use a password system like 1password and lastpass.
onlysublime is offline  
post #5 of 68 Old 01-03-2012, 11:11 PM
 
darklordjames's Avatar
 
Join Date: Jun 2003
Posts: 7,909
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Liked: 93
Do you guys also have a single key for your house, and car, and bike, and gym locker, and business, and safe, and gun cabinet, and safety deposit box, and mailbox? No of course not, nobody is that dumb.

A single password though? Use it on all the sites!!!1
darklordjames is offline  
post #6 of 68 Old 01-04-2012, 05:48 AM
AVS Special Member
 
jammybastard's Avatar
 
Join Date: Mar 2005
Location: In Transit
Posts: 1,620
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Liked: 18
4 passwords with various level of security (letters/letters&numbers/cap letters&lower case letters&numbers) + Last Pass.


I'm a regular FIFA player and I've never ben hacked.

Quote:


Thus EA and FIFA in particular is now a money laundering game where MS points are spent to build a team of great players

...and this is where you lost me.
You need to look up the definition of "money laundering".
These card packs are the equivalent of an "in app" purchase and are not necessary to play the game. EA isn't forcing anyone to buy them and allowing ppl to use their MS points to buy them is about making more money not laundering it.

One more thing:
Learn to use the "quote" tags.
Learn to cut and paste a link to any website you cite.
It's spelled "losing" not "loosing".
if you want credibility you need to learn to spell correctly, or at least learn to use spellcheck.
jammybastard is offline  
post #7 of 68 Old 01-04-2012, 05:54 AM
AVS Special Member
 
NoThru22's Avatar
 
Join Date: May 2003
Location: Baltimore, MD
Posts: 9,200
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 4 Post(s)
Liked: 86
Lastpass.com is free and will store all of your passwords. Also, I have a simple system that all of my passwords are similar, but I vary them in different ways depending on the site that I am going to.
NoThru22 is offline  
post #8 of 68 Old 01-04-2012, 06:25 AM
AVS Special Member
 
RemoWilliams84's Avatar
 
Join Date: Aug 2009
Location: Huntsville, AL
Posts: 1,957
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 5 Post(s)
Liked: 247
How long do you think it will be until lastpass is hacked? Just saying...

Xbox Gamertag/PSN ID: RemoWilliams84

"I started out with nothing, and I still got most of it." -Seasick Steve

RemoWilliams84 is offline  
post #9 of 68 Old 01-04-2012, 06:41 AM
AVS Special Member
 
WalksInDarkness's Avatar
 
Join Date: Sep 2006
Location: The PRoM
Posts: 1,289
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Liked: 10
I do not know enough about you guys to know whether you are joking or not. But if not:

1) You are unnecessarily criticizing Deveng. I guess everybody else is perfect, and has never heard the saying "Sh*t happens"? Some of us have real lives ya know, and are not pedantic gits who get off on hyper controlling every minutiae of things. I think for most of the normal people gaming is a hobby, not something for which we keep a detailed project "best parctices" journal on.

2) And criticizing someone for lax spelling and formatting of posts is childish and pathetic. Again most of us have real lives, and that level of anal thinking is laughably unreasonable. Generally people who delve into insults over such things have self esteem issues, like being underemployed when weighed against their education. These seemingly angry and trite replies often reflect a lack of ability to debate the issues beyond a superficial level.

I'll get off my soap box now, because I have a real life...

I've got some stuff.
WalksInDarkness is offline  
post #10 of 68 Old 01-04-2012, 08:58 AM
AVS Special Member
 
ferrisg's Avatar
 
Join Date: Oct 2003
Location: Suburbs of Minneapolis
Posts: 2,522
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Liked: 10
Quote:
Originally Posted by RemoWilliams84 View Post

How long do you think it will be until lastpass is hacked? Just saying...

Lastpass was hacked months ago. However they have proper security policies in place for both their data storage and user interaction, in addition to offering both a free and paid variant of two-factor authentication, so it's not a big deal.
ferrisg is offline  
post #11 of 68 Old 01-04-2012, 09:10 AM
AVS Special Member
 
NoThru22's Avatar
 
Join Date: May 2003
Location: Baltimore, MD
Posts: 9,200
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 4 Post(s)
Liked: 86
Quote:
Originally Posted by WalksInDarkness View Post

I do not know enough about you guys to know whether you are joking or not. But if not:

1) You are unnecessarily criticizing Deveng. I guess everybody else is perfect, and has never heard the saying "Sh*t happens"? Some of us have real lives ya know, and are not pedantic gits who get off on hyper controlling every minutiae of things. I think for most of the normal people gaming is a hobby, not something for which we keep a detailed project "best parctices" journal on.

2) And criticizing someone for lax spelling and formatting of posts is childish and pathetic. Again most of us have real lives, and that level of anal thinking is laughably unreasonable. Generally people who delve into insults over such things have self esteem issues, like being underemployed when weighed against their education. These seemingly angry and trite replies often reflect a lack of ability to debate the issues beyond a superficial level.

I'll get off my soap box now, because I have a real life...

The previous posts look like mostly helpful advice and not criticism to me. I think you're the one making the pedantic posts. Are you really arguing that everyone should use the same password everywhere because they shouldn't be bothered to remember more than one? This is an internet hall of game post right here!
NoThru22 is offline  
post #12 of 68 Old 01-04-2012, 02:38 PM - Thread Starter
AVS Special Member
 
deveng's Avatar
 
Join Date: Oct 2002
Location: Scottsdale, AZ
Posts: 1,573
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Liked: 31
Look, the whole point of this post was to potentially help fellow AVS'ers. The point of posting the long quotes was to explain the situation on why FIFA is a targeted game, and why people are hacking accounts. I have no idea how my account information was obtained by the hacker(s). I mention the lax security at EA as a possible source. I probably have at least 30 different online accounts between banking, investments, utilities, phones, ebay, amazon, car forums, gaming forums, photography forums, etc, etc. I cannot have 30+ passwords. If you are able to remember 30 passwords and the associated sign in information (which is also variable), then you are super human. I, like many people group accounts and passwords (gaming sites may have similar passwords, etc) to make the process easier. Until now, hacking a gaming account really would have limited benefit to the hacker other than perhaps someone maliciously posting on forums, or getting my account banned.

The fundamental problem is that now gaming on Xbox, and perhaps even on the PS3, is associated with credit cards (I have a zune pass, and xbox family plan which I started in October 2011, so it it almost impossible to remove credit card information and have a valid gold account because of the monthly subscription). Also, like many others here, I buy MS points when on sale, and then add it to my account so I can have a large amount at times. If EA and MS are going to act like a bank, then they need to have security like a bank. If I can call up EA and ask for darklordjames email address and password and EA freely gave it to me, why would this be darklordjames fault? Similarly, once you get the password, there is no added security to buy more and more stuff associted with the credit card (no pin, no 3-4 digit card number etc), so I can go on a spending spree because of no added secuity. The worst part is the EA is the only gaming company (on Xbox) to allow transferable content after you gamble/buy it. So of course it is a form of money laundering to professional hackers, steal money (in this case MS points) and use the EA servers and potential other sites to exchange ingame vitual curency (FIFA coins) for real money (dollars and euros).

Anyways, assuming EA was the leak, I learned my lesson, and hopefully this helps others.

Xbox and PS3 Gamertag = Xerostomia
Wii = I'm too lazy to get the number
deveng is offline  
post #13 of 68 Old 01-04-2012, 02:58 PM
 
darklordjames's Avatar
 
Join Date: Jun 2003
Posts: 7,909
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Liked: 93
" If I can call up EA and ask for darklordjames email address and password and EA freely gave it to me, why would this be darklordjames fault? "

Running with your pure conjecture that the leak is EA: EA didn't give out the login details for your Live account, as they do not have access to that data. That is unless of course you cloned the data between the two, which you already admitted to, which is extremely poor security policy on your end. In addition, you tied a credit card to your Live account. Nobody else did this for you. I have run my current Live account for four and a half years without a credit card attached to it, just like my PSN account, and just like my iTunes account.

When you hand your personal data out like candy, people will take it like candy. People like candy.
darklordjames is offline  
post #14 of 68 Old 01-04-2012, 03:24 PM
AVS Special Member
 
onlysublime's Avatar
 
Join Date: May 2005
Posts: 4,649
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Liked: 493
I applaud deveng for providing helpful tips. Reality is people do not have 30 passwords for 30 accounts. Most people use the same emails over and over and the same passwords over and over. We should have unique passwords for everything but we are human. Sure, I should not overindulge on junk food. But I do.

heck, my avsforum email is the same as my hotmail, i think (but the password is different, luckily).
onlysublime is offline  
post #15 of 68 Old 01-04-2012, 03:30 PM
AVS Special Member
 
onlysublime's Avatar
 
Join Date: May 2005
Posts: 4,649
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Liked: 493
Quote:
Originally Posted by ferrisg View Post

Lastpass was hacked months ago. However they have proper security policies in place for both their data storage and user interaction, in addition to offering both a free and paid variant of two-factor authentication, so it's not a big deal.

here's the details on the lastpass hack and how they've countered it. considering that they're a password company, it's pretty painful for them to get hacked. but at least they've been as transparent as possible:

http://blog.lastpass.com/2011/05/las...ification.html

if it's between only having 2-3 passwords and emails across all my accounts versus using a service like lastpass or 1password so that I can have a unique password for every single account, I would use the service. but if you are to use a few passwords, at least put a combination of upper and lower case characters as well as some numbers. and avoid proper nouns, dictionary words, etc.
onlysublime is offline  
post #16 of 68 Old 01-05-2012, 10:12 AM
AVS Special Member
 
tgable's Avatar
 
Join Date: Dec 2002
Posts: 3,350
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 6 Post(s)
Liked: 78
Quote:
Originally Posted by darklordjames View Post

The only problem here is that you have a poor security policy of using the same login data at multiple sites. Not EA, nor Microsoft, nor the "crazy" Europeans are to blame, only yourself.

Ah, the old blame the victim and stand up for the billion dollar corporations.

Now playing: Watch Dogs

Recently Finished: Southpark: Stick of Truth, Infamous: SS

PSN & XBL: Scuzzlebutt33

tgable is offline  
post #17 of 68 Old 01-05-2012, 10:20 AM
AVS Special Member
 
jagouar's Avatar
 
Join Date: Aug 2001
Location: College Station, TX
Posts: 5,762
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Liked: 10
Quote:
Originally Posted by onlysublime View Post

here's the details on the lastpass hack and how they've countered it. considering that they're a password company, it's pretty painful for them to get hacked. but at least they've been as transparent as possible:

http://blog.lastpass.com/2011/05/las...ification.html

if it's between only having 2-3 passwords and emails across all my accounts versus using a service like lastpass or 1password so that I can have a unique password for every single account, I would use the service. but if you are to use a few passwords, at least put a combination of upper and lower case characters as well as some numbers. and avoid proper nouns, dictionary words, etc.

I use and love lastpass but for something like this its still not that useful.... namely because you still have to manually enter it to get access to your xbox account (and I have my live account tied to a bunch of different services.... mail, skydrive, zunepass, xbox, etc). Would be nice if lastpass could put out an addin where it could work with the xbox but I don't see that happening anytime soon. I do have my live account with a separate password from everything else so hopefully I will stay safe. They should also put out that pin code stuff for your account (or use the companion app) for 2 factor authentication..... that goes a very long way in protecting you from hacking attempts.

I actually had a friend get his account hacked and is locked out for the next month so it does seem to be happening quite a bit.
jagouar is offline  
post #18 of 68 Old 01-05-2012, 10:44 AM
AVS Special Member
 
bassmonkeee's Avatar
 
Join Date: Dec 2006
Posts: 4,713
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Liked: 10
Why is everyone acting like this is the first Darklordjames post they've seen? This is SOP for him.

PSN/XBL: bassmonkeee
Wii number: Who cares?
bassmonkeee is offline  
post #19 of 68 Old 01-05-2012, 10:45 AM
AVS Special Member
 
onlysublime's Avatar
 
Join Date: May 2005
Posts: 4,649
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Liked: 493
Quote:
Originally Posted by jagouar View Post

I use and love lastpass but for something like this its still not that useful.... namely because you still have to manually enter it to get access to your xbox account (and I have my live account tied to a bunch of different services.... mail, skydrive, zunepass, xbox, etc). Would be nice if lastpass could put out an addin where it could work with the xbox but I don't see that happening anytime soon. I do have my live account with a separate password from everything else so hopefully I will stay safe. They should also put out that pin code stuff for your account (or use the companion app) for 2 factor authentication..... that goes a very long way in protecting you from hacking attempts.

I actually had a friend get his account hacked and is locked out for the next month so it does seem to be happening quite a bit.

that's different. as long as you keep the live account to its own ecosystem, it's separate whether it's hotmail or Xbox or Zune Pass or Skydrive. for someone to gain entry requires them to go through the same authentication process. as long as you're not sharing information between different accounts, that's enough.

just like you can keep all the google stuff together.
onlysublime is offline  
post #20 of 68 Old 01-06-2012, 07:37 AM
AVS Special Member
 
tgable's Avatar
 
Join Date: Dec 2002
Posts: 3,350
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 6 Post(s)
Liked: 78
http://72.52.200.148/forum/showpost....36&postcount=1

Hackers selling XBL accounts.

Now playing: Watch Dogs

Recently Finished: Southpark: Stick of Truth, Infamous: SS

PSN & XBL: Scuzzlebutt33

tgable is offline  
post #21 of 68 Old 01-06-2012, 11:37 AM
AVS Special Member
 
RY35AN's Avatar
 
Join Date: Apr 2007
Location: Pasadena, CA
Posts: 1,143
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Liked: 10
Quote:
Originally Posted by darklordjames View Post

The only problem here is that you have a poor security policy of using the same login data at multiple sites. Not EA, nor Microsoft, nor the "crazy" Europeans are to blame, only yourself.

Seriously, do you need to make it a point to be such an ass to everyone?

You've got to be the most miserable sounding person I've seen. Every response from you is negative towards someone.

XBOX 360-RY35AN
PS3-RY35AN
RY35AN is offline  
post #22 of 68 Old 01-06-2012, 12:08 PM
AVS Special Member
 
kjr39's Avatar
 
Join Date: Nov 2006
Posts: 2,682
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 1 Post(s)
Liked: 54
Quote:
Originally Posted by jammybastard View Post

4 passwords with various level of security (letters/letters&numbers/cap letters&lower case letters&numbers) + Last Pass.


I'm a regular FIFA player and I've never ben hacked.



...and this is where you lost me.
You need to look up the definition of "money laundering".
These card packs are the equivalent of an "in app" purchase and are not necessary to play the game. EA isn't forcing anyone to buy them and allowing ppl to use their MS points to buy them is about making more money not laundering it.

One more thing:
Learn to use the "quote" tags.
Learn to cut and paste a link to any website you cite.
It's spelled "losing" not "loosing".
if you want credibility you need to learn to spell correctly, or at least learn to use spellcheck.

Yeah, but it's not FIFA, it's FUT.

I'm very active over at the FUT 12 forum (that's where I've been lately...sorry.) and can tell you that hacking is a common occurrence.

People are social engineering EA's online or call centers to gain access to your account by having the EA personnel change your password or give them your password.

Once a day over there someone is complaining about being hacked and having all of their players

Salminella Now Better with Kinect: 360 PSN

Official member and mascot of the AVS' Xbox 360 Elite Club of Awesomeness
kjr39 is offline  
post #23 of 68 Old 01-06-2012, 12:11 PM
AVS Special Member
 
kjr39's Avatar
 
Join Date: Nov 2006
Posts: 2,682
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 1 Post(s)
Liked: 54
For example: http://forum.ea.com/uk/posts/list/1303808.page

Salminella Now Better with Kinect: 360 PSN

Official member and mascot of the AVS' Xbox 360 Elite Club of Awesomeness
kjr39 is offline  
post #24 of 68 Old 01-06-2012, 01:34 PM
AVS Special Member
 
DaverJ's Avatar
 
Join Date: May 2003
Location: Tennessee
Posts: 6,549
Mentioned: 3 Post(s)
Tagged: 0 Thread(s)
Quoted: 27 Post(s)
Liked: 316
Word is getting around.


Sub-1080p/60fps is not next-gen.


Console gamers curious/interested in PC gaming? Click here.
DaverJ is online now  
post #25 of 68 Old 01-06-2012, 01:55 PM
AVS Special Member
 
coyote_5's Avatar
 
Join Date: Dec 2007
Posts: 2,775
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Liked: 139
Quote:
Originally Posted by RY35AN View Post

Seriously, do you need to make it a point to be such an ass to everyone?

You've got to be the most miserable sounding person I've seen. Every response from you is negative towards someone.

New around here huh?

XBOX Live: Ell Dudereno
coyote_5 is offline  
post #26 of 68 Old 01-06-2012, 02:55 PM
Member
 
AutoWobble's Avatar
 
Join Date: Aug 2011
Location: Los Angeles
Posts: 177
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Liked: 16
I, for one, appreciate the heads up. This is becoming a bigger and bigger deal as time goes on and it looks more and more like there is a leak from Microsoft at this point.

And Microsoft doesn't make it easy either. My Windows Live ID was created using an email I don't have access to anymore. Fortunately, I was able to change the ID (before you couldn't), but the old email is still in my alternate emails and I can't delete it or confirm other emails without an instructional message being sent to that old email! It's ridiculous. Even trying to confirm a mobile number means an email will be sent to that old email, not directly to my phone.

And some people, like Gold Family packs, are required to have a CC on Xbox Live in order to have the family pack. Which means that they're extra vulnerable.

No one is safe! Spend your remaining MS points on Avatar items until the thieves have no points left to spend!

Xbox Gamertag: Autowobble
AutoWobble is offline  
post #27 of 68 Old 01-06-2012, 06:19 PM
AVS Special Member
 
Leo_Ames's Avatar
 
Join Date: Feb 2007
Posts: 2,367
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 19 Post(s)
Liked: 197
Makes me glad I use subscription and points cards. At least then if someone managed to gain access to my account, the resulting damage will be minimized to the inconvenience of losing my account while MS investigates and the few MS points on my account (Which is usually only a couple hundred points).
Leo_Ames is online now  
post #28 of 68 Old 01-06-2012, 06:23 PM
AVS Special Member
 
onlysublime's Avatar
 
Join Date: May 2005
Posts: 4,649
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Liked: 493
Quote:
Originally Posted by AutoWobble View Post


No one is safe! Spend your remaining MS points on Avatar items until the thieves have no points left to spend!

LOL. so you're the guy wearing the tutu, beanie, carrying the last of the Gears of War guns...
onlysublime is offline  
post #29 of 68 Old 01-06-2012, 07:26 PM
AVS Special Member
 
mikepaul's Avatar
 
Join Date: Jan 2004
Location: Columbia, SC
Posts: 1,633
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Liked: 18
Well, there's no way to JUST use prepaid cards to keep a LIVE account going. My account was 'hacked' due to not remembering to update the password when it was discovered elsewhere. It took WEEKS to get full control again once I reported it, due I guess to Microsoft's policy of not trusting any complaint until it's WELL researched. Every day, I'd log in then I'd have to update the credit card info so I could be REALLY logged in, then after like 40 minutes I'd be quietly logged out so my Achievements got no date. Finally they agreed someone other than me had spent my points and they gave me a refund while taking back what had been 'stolen', although why the purchases went to me instead of a gift to someone else still puzzles me.

So you NEED credit card info, but it's fairly hidden once there so only LIVE purchases should be an issue if the account is compromised, and you get emails on those (which alerted me to the issue). Unless I missed something like a way to get the whole card number in the weeks I had to touch my CC info to get logged in...

LIVE: mikepaul
PSN: mikewpaul
mikepaul is offline  
post #30 of 68 Old 01-06-2012, 09:15 PM
AVS Special Member
 
Morkeleb's Avatar
 
Join Date: Apr 2004
Location: Unknown
Posts: 1,056
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 2 Post(s)
Liked: 14
^ I'm not sure what you mean by there's no way to keep an xbox live account going with prepaid cards only? As I do just that. Prepaid Points and Prepaid Membership cards only for the last 2-3 years. Maybe I just misread your post. I tend to do that.

Disclaimer:
The words above are based on loose facts mixed with my opinion, the latter of which is subject to change.

Gamertag Morkaleb
PSN Archathema
Morkeleb is online now  
Reply Xbox Area

User Tag List

Thread Tools
Show Printable Version Show Printable Version
Email this Page Email this Page


Forum Jump: 

Posting Rules  
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off