If you click on a link and make a purchase we may receive a small commission. Read our editorial policy.

MS admits being duped

Retraining support staff after Live account hijacks.

Microsoft has admitted that some Xbox Live accounts have been compromised by fraudsters using well-known social engineering techniques on its support centre employees.

Last week the platform holder denied reports that Xbox Live security had been breached, effectively pushing the responsibility back onto the user by claiming accounts were being compromised by "phishing" - the practice of sending apparently legitimate emails to users that encourage them to log into fake "official" websites, thus surrendering their account details.

However, now it appears that certain accounts were compromised by another fraud favourite: "pretexting". Pretexting involves creating a believable scenario to convince somebody on the other end of the phone to hand over somebody else's sensitive account information. Xbox Live director of programming Larry Hryb that a security researcher, Kevin Finisterre, discovered this was happening "through our support centre".

"Kevin gave me a call directly and once I realised what he was talking about (he sent me some painful-to-listen-to audio files) I confirmed that the team is fully aware of this issue. They are examining the policies, and have already begun re-training the support staff and partners to help make sure we reduce this type of social engineering attack."

Hryb went on to offer an apology of sorts. "There's no other way to say it; this situation shouldn't have happened. Our customers deserve better. The Xbox team takes what happened and the resolution of it very seriously."

"Finally, I chatted with Kevin earlier today and thanked him for bringing this issue to our attention. I also let him know that we have a much better understanding of this issue and that we are reviewing the processes in place to help prevent this in the future," Hryb concluded.

Will you support Eurogamer?

We want to make Eurogamer better, and that means better for our readers - not for algorithms. You can help! Become a supporter of Eurogamer and you can view the site completely ad-free, as well as gaining exclusive access to articles, podcasts and conversations that will bring you closer to the team, the stories, and the games we all love. Subscriptions start at £3.99 / $4.99 per month.

Tagged With

About the Author

Tom Bramwell avatar

Tom Bramwell

Contributor

Tom worked at Eurogamer from early 2000 to late 2014, including seven years as Editor-in-Chief.

Comments

More News

Latest Articles

Supporters Only

Eurogamer.net logo

Buy things with globes on them

And other lovely Eurogamer merch in our official store!

Eurogamer.net Merch