In the world of gaming, more and more buzz is being generated around recent ‘hackings’ of people’s accounts. How some of it is happening is well beyond my capacity of understanding. I started hearing of “the FIFA Hack” a few weeks ago, with the story building up to one of the staff writers at Joystiq even being hacked. It doesn’t directly involve the use of FIFA, but an alarming number of those impacted are noting that FIFA Annual Game Passes are being purchased on their accounts. Most recently, a fellow Xbox Live Ambassador had her account compromised and a whole series of problems continued.
You can read about the experiences that my fellow Ambassador, LadyElysium, had encountered on her website dedicated to the recent rash of hackings, HackedOnXbox. Susan Taylor does an excellent job of letting out her frustrations, while keeping her cool.
So what can you do to protect yourself? The sad part is, I’m having a hard time figuring that out myself. I wanted to see what would happened if I tried to change my own password on Xbox.com. What was funny was that there were no social engineering questions I could use to ‘hack’ my way in to my account – the closest possible thing was resetting via email. The thing that concerns me there is the fact that I have TWO email accounts that it says it will send my password reset to – and considering I sign in to one of those two once every six months or so, I figured I should make sure it was not associated with my account. I can’t. I can’t find anywhere on Xbox.com or Live.com to remove the second email address my password reset email would go to!
Stay tuned on Sunday for what I hope to be a little more in depth list of steps you can take to to protect yourself, but for now the best thing I can suggest as a “STEP ONE” would be to remove any payment options you have on your account. I’ve NEVER given my credit card details to Microsoft, in any way. …That was, until recently. A limitation (see: hindrance) of the Windows Phone 7 platform is that they’re not letting you use Microsoft Points to make purchases – you must use a credit card.
I wanted to buy one Xbox Live game for my phone – I had to enter my credit card details. Once the purchase went through, I IMMEDIATELY navigated to live.xbox.com, clicked on My Account, then Manage Payment Options, and REMOVED my registered credit card. I would advise you to remove a PayPal account, if you have one associated with your account, as well. Anything else I purchase, whether it’s Gold subscriptions or Xbox Live Arcade games, is all done WITH Microsoft Points which I purchase the prepaid cards for, at my local big box retailer.
Detailed instructions are, as always, on Microsoft’s support site, and I hope to have more account tightening tips for you this weekend.