I randomly got 10,000 MS points deposited and Fifa Achievements?

  • 67 results
  • 1
  • 2
#1 Posted by GenghisJohn (256 posts) -

Havent done much on my xbox since xmas, I went to my quickplay and noticed that I had 30 achievements all from Fifa 12 which I do not own, and all dealing with the Ultimate team. Remembering there was some kind of scam involving account stealing I checked my points and I have 10000 ($125)MS points in my account?

Anybody have any ideas?

#2 Posted by laserbolts (5324 posts) -

Check your credit card if you have one linked to it. If you don't then enjoy the free points.

#3 Edited by AlexW00d (6283 posts) -

Change your password right now.

#4 Posted by N7 (3590 posts) -

Give me a loan.

#5 Posted by GenghisJohn (256 posts) -

Yeah I just changed the password to my xbox, facebook, and email

#6 Posted by kermoosh (911 posts) -

cool, well hopefully you didn't end up paying for those points

#7 Posted by AlexW00d (6283 posts) -

Check with your bank to see if you paid for them, if not, enjoy them free points.

#8 Posted by Little_Socrates (5677 posts) -

Definitely check that password, but this may have been some reverse hacker Christmas.

#9 Posted by GenghisJohn (256 posts) -

just checked, they bought with my credit card

#10 Edited by Cwaff (1260 posts) -

@GenghisJohn: Had this happen to me, except they used my card to buy the points and spent them all too. Still trying to get my money back from Microsoft who after 2 phonecalls and 50 days of waiting say they can't see anything wrong.

#11 Posted by Azteck (7449 posts) -

Oh dude, that sucks. See if MS can do something about it perhaps?

#12 Posted by Rawrnosaurous (768 posts) -

Tell microsoft you know the mayor of Boston, it'll get shit done.

#13 Posted by GenghisJohn (256 posts) -

Yep, fuckers spent 4500 points, then used my account to buy 10,000 more points. Just had to cancel my credit card, I want to call MS to get this straightened out but I dont know if they will lock my account I was one of the guys who got the UFC PPV free and I dont wanna miss it

#14 Posted by The_Laughing_Man (13629 posts) -

@GenghisJohn said:

Yep, fuckers spent 4500 points, then used my account to buy 10,000 more points. Just had to cancel my credit card, I want to call MS to get this straightened out but I dont know if they will lock my account I was one of the guys who got the UFC PPV free and I dont wanna miss it

So this shit IS connected to that Fifa game.

#15 Posted by Moncole (636 posts) -

Look at the bright side, you wont have to buy MS points for a while

#16 Posted by gamma_male (69 posts) -

@GenghisJohn: How much would it cost to get that UFC PPV if it weren't free? More or less than the amount you've been charged on your credit card? Either way, this is the advice from GB's article. By the look of this it's not that painful to sort out as long as you can regain control of your Windows Live account.

GB: When they discover an unauthorized purchase or a change of their Avatar or something where they suspect their account has been compromised in some fashion, what is the immediate step they should take to start the process to take their account back to where it was before?

Toulouse: The first thing that they should do is to go to Live.com and try to login and try to change the password on the account. Sometimes the attacker won’t change the password. Once that’s done, they’ve re-assumed control of the account, and they should recover their gamertag to their console--or attempt to. Then, they can dispute the charge with their bank or they can give us a call and we can start the process to refund the points. If they cannot log into Live.com or recover the account, they should immediately call us.

#17 Posted by GenghisJohn (256 posts) -

Quick update:

Account hacked, 4500 MS Points spent. Then they bought 10,000 more points on my credit card. I think I got to the account before they had the chance to spend the 10,000 that they bought. Credit card cancelled, account locked, no live for 3 weeks, no free ppv.

EVERYONE CHANGE YOUR XBOX, FACEBOOK, AND EMAIL PASSWORDS

#18 Posted by handlas (2685 posts) -

so uh...how did this happen to you? Do you know?

#19 Edited by Sooty (8082 posts) -

I have never ever ever had anything like this happen, what kind of password system do you use? Use numbers, uppercase and lowercase combinations in your passwords.

Use a decent web browser, e.g. Chrome, Firefox, Opera, have an anti-virus installed (MSE is the best for free on Windows) on OS X I don't bother with an anti-virus but on my PC I do, just in case.

A good email service helps too, Gmail catches a lot of phishing emails, all in all just be extra sceptical of any links you see emailed to you or sent over IM chats.

#20 Posted by Demoskinos (14883 posts) -

Well that sucks duder. Not the best way to start out the new year. :(

Online
#21 Posted by Napalm (9020 posts) -
@Cwaff said:

@GenghisJohn: Had this happen to me, except they used my card to buy the points and spent them all too. Still trying to get my money back from Microsoft who after 2 phonecalls and 50 days of waiting say they can't see anything wrong.

Contact your bank and dispute it with them.
#22 Posted by gamma_male (69 posts) -

@The_Laughing_Man: I can't see what else it could be. Ultimate Team coins are transferable between accounts. If you want you can buy them on eBay. You can even find specific player cards for sale. It's been going on since, I think, FIFA 09 so it's obviously quite a lucrative business. The game itself is quite ingenious. It's a card collection game where you make these virtual coins by playing games with the players in your card deck. FIFA is already a hugely popular game and this adds another incentive for people to play. Like most things, some people don't have the patience to earn the coins themselves so they turn to those people who can in exchange for real-world cash. It's effectively the same gold-farming that blights WoW.

The problem is how to stop it. It's obviously a feature people are very happy with. Do they remove it when most users don't resort to this behaviour?

Do they prevent the transfer of coins between accounts? What do MS do about ensuring our accounts are safe without treating people with legitimate queries like common criminals? It's a complete minefield. I feel sorry for everyone involved, except for the dirty bastards who are stealing from people, natch.

#23 Posted by Napalm (9020 posts) -
@GenghisJohn said:

Quick update:

Account hacked, 4500 MS Points spent. Then they bought 10,000 more points on my credit card. I think I got to the account before they had the chance to spend the 10,000 that they bought. Credit card cancelled, account locked, no live for 3 weeks, no free ppv.

EVERYONE CHANGE YOUR XBOX, FACEBOOK, AND EMAIL PASSWORDS

Fuck man, you're starting to make me nervous.
#24 Edited by C0V3RT (1377 posts) -

That sucks dude. Last night I freaked out, my wife said that earlier in the day my hotmail account that I use for live that I haven't sent anything from in years sent out spam. I immediately changed my password (twice) and removed my credit card off my profile.

#25 Posted by mordukai (7153 posts) -

Shit that sucks. Some people are just waste of space and air.

#26 Posted by Hizang (8532 posts) -

That is pretty bad, I missed all of this Fifa stuff, surely you could get compensation from the game developers if not them Microsoft?

#27 Posted by MB (12525 posts) -

There was another user on Giant Bomb recently who this happened to, it took a couple of weeks for Microsoft to return his points and restore his account.

It seems like you either got phished, got a trojan on your computer, or had a weak password.

Moderator
#28 Posted by UltorOscariot (207 posts) -

I'm pretty tired of Microsoft letting EA's soccer game spiral into this scale of a black market. I had my own account hijacked 2 months ago for what I suspect Fifa was part of it as well. I want an option on my Live profile that causes the Xbox my profile is being used on to explode if it my profile comes into contact with Fifa, because that game has no place in my console.

#29 Posted by Demoskinos (14883 posts) -
@MB

There was another user on Giant Bomb recently who this happened to, it took a couple of weeks for Microsoft to return his points and restore his account.

It seems like you either got phished, got a trojan on your computer, or had a weak password.

Social Engineering tricks have been used to gain access in some cases. Either way like others have said you should NEVER EVER click on links in emails/twitter/Facebook unless your 110% sure what they are.
Online
#30 Posted by Questionable (619 posts) -

@Demoskinos said:

@MB

There was another user on Giant Bomb recently who this happened to, it took a couple of weeks for Microsoft to return his points and restore his account.

It seems like you either got phished, got a trojan on your computer, or had a weak password.

Social Engineering tricks have been used to gain access in some cases. Either way like others have said you should NEVER EVER click on links in emails/twitter/Facebook unless your 110% sure what they are.

Or you use your smartphones browser if you are really curious. Pretty much all exploits are platform specific

#31 Posted by Village_Guy (2598 posts) -

@Questionable said:

@Demoskinos said:

@MB

There was another user on Giant Bomb recently who this happened to, it took a couple of weeks for Microsoft to return his points and restore his account.

It seems like you either got phished, got a trojan on your computer, or had a weak password.

Social Engineering tricks have been used to gain access in some cases. Either way like others have said you should NEVER EVER click on links in emails/twitter/Facebook unless your 110% sure what they are.

Or you use your smartphones browser if you are really curious. Pretty much all exploits are platform specific

Smartphones aren't secure, so if you are really curios you should only view it on your phone if you have nothing worth losing on the phone.

#32 Posted by gamma_male (69 posts) -

@Hizang: Ford aren't liable if one of their cars is used in a bank robbery. ISPs aren't liable if their network is used to transmit child pornography. The same applies here. Microsoft has security systems that work as well as can be reasonably expected. They're not completely secure but no system is. FIFA 12's Ultimate Team is a fun game that isn't advertised as a means to make stacks of real-world cash from complete imbeciles with more disposable income than sense. Even those selling Ultimate Team coins legitimately over eBay aren't liable because what they're doing isn't illegal.

The only ones liable are the ones hacking accounts and committing credit card fraud. Hopefully they'll be brought to justice sooner rather than later.

#33 Posted by Sterling (2361 posts) -

Sorry to hear man. Hopefully MS will refund the transaction for you.

This happened to me on the the 15th of this month. I didn't have a payment option linked to my account so they were not able to buy anything. But I had points on my account, which they spent on Gold Player packs. Since I myself was only out 2200 points I didn't bother contacting MS as I didn't want my account locked. I know why my account was hacked though. I had changed my password to something simple to allow my nephew to use it for a while. Totally my fault.

#34 Edited by JasonR86 (9715 posts) -

@GenghisJohn:

You ever hear the saying "don't look a gift horse in the mouth"?

EDIT:

Saw your update. Shitty dude, hope you can get retribution.

#35 Posted by GenghisJohn (256 posts) -

@Sooty: I have a virus scanner, I use chrome, I don't go to 1337 wArEz siteZZZZ. My 360 and facebook accounts are linked, I imagine there is some exploit in the Fifa 12 facebook game that allows them to get access to my account, recover my gamertag, and spend/buy shit

#36 Posted by Demoskinos (14883 posts) -

Gotta say I'd be up for a Steam Guard like system for XBL profiles. Its a bit of a hassle but even if they get your password you have a second line of defense.

Online
#37 Posted by BigSocrates (375 posts) -

This frickin' sucks on a bunch of levels (the loss of the free PPV especially). On the other hand, I don't really think it's FIFA or Microsoft's fault unless there is some specific security weakness in their software (like in a facebook game or whatever.) It seems like FIFA ultimate team cards are being used just because they are virtual items of value. If it weren't them it would be something else. What is interesting to me is the specificity of FIFA with this, since Ultimate Team modes exist in Madden and other EA Sports games. Is it because the thieves are European and don't really know about Football or Hockey, or is it because FIFA ultimate team is really that much bigger as a market?

Anyway, good luck with getting your stuff restored.

#38 Posted by Cwaff (1260 posts) -

@Napalm: Wise words from a wise man. I think I better do that!

#39 Posted by oobs (339 posts) -

yes..good luck with it..and just hope they never purchased other things since they have your number..so i hope you cancelled your credit card also

#40 Posted by Demoskinos (14883 posts) -
@BigSocrates Internationally FIFA is a MUCH bigger game in the long run. The potential market opens itself up greatly. And seeing in most cases these guys usually have a small window to turn a profit before the account is locked they probably wanna get in and get out as quickly as possible.
Online
#41 Posted by GenghisJohn (256 posts) -

Yep, card is cancelled. New card on the way, just wanted to stop in and say thanks for all the support guys. GB is the best community anywhere!

PS: Thank god I have Skyrim to play offline

#42 Posted by Bollard (5599 posts) -

This is why I never use any service which saves my credit card details. Asking to be robbed.

#43 Posted by Demoskinos (14883 posts) -
@Chavtheworld Except your a whiskey member and they save your CC info? :/ Just saying.....
Online
#44 Posted by Subjugation (4722 posts) -

I was wondering if this stuff had died down. Apparently not. I feel for you man, hopefully you can get all of this resolved to your satisfaction. If you don't already use Gmail, start using it. It logs suspicious activity and lets you know the locations and IPs of whoever accesses your account. That's what potentially saved me when I logged into my email one morning to have Google tell me, "Yo, we just thought you should know some sketchy stuff has been going on with your email." Apparently in the wee hours of the morning before I woke up someone in Thailand was accessing my email account. Scary stuff for sure.

#45 Posted by Liam_mk (290 posts) -

Well obviously we just need to kill off all the soccer players. Seems like the only logical course of action here.

#46 Posted by Bollard (5599 posts) -

@Demoskinos: Huh, didn't think they would when I'm not signed up for a renewable subscription, I just bought a single use card to give me a year of membership when they were on sale.

#47 Posted by Demoskinos (14883 posts) -

@Chavtheworld: They have those? I was under the impression that they only did CC and Paypal.

Online
#48 Edited by Bollard (5599 posts) -

@Demoskinos: I did pay for it by Debit Card, however as it was a one time use code that got emailed to me I was thinking they wouldn't need to store my card for like renewal purposes. Hopefully.

EDIT: In particular I used this: https://auth.whiskeymedia.com/gift/ but then activated the code on my own account. When I navigate to it now there are no details automatically entered, so I believe nothing was saved.

#49 Posted by rickkybobby (4 posts) -

OK this just happened to me this morning at 5 am.. unbelievably i was online at the time as it all unfolded in front of me..now,, i dont use my Xbox much at all ever... it just sits there... about 6 months ago we wanted to see a movie so i put my PayPal info in my Xbox and rented the movie.. haven't used it since..im an above average computer person.. i build them, work on them etc. i know my way around.. i use Mozilla Firefox and have Norton anti virus running all the time. i dont open stupid emails at all.. i use last Pass password generator for all my passwords.. but what i found out was the password i had for my Xbox live was weak and not thru last pass i just forgot that one for some reason .. anyway... Here is how they got to me...somehow they got in my windows live account/Xbox live and added a second email.. once they had the second email account they bought 10000 Microsoft points and i assume the next step was to transfer them or just hijack my account all together.. but i was online checking my mail and saw this going on.. immediately i changed my password and deleted the shitheads new email account he added..called PayPal and Microsoft to dispute the charges... the points are still in my account and im hoping that Microsoft will just take them back..Funny thing is, if the moron would have just charged me once it may have slipped by.. But he bought points 7 different times at 19.99 a time..pretty obvious when email start coming in.. the reason for the multiple times is, they will try for small amount at a time till the account is maxed rather than just trying to get 200 or 300 dollars worth at 1 time and may get nothing..After this experience i think im done with the Xbox all together.. i dont use it much and prefer CPU games over Xbox anyway..i changed all my passwords and removed all CC and PayPal info from my Xbox. i have never been hacked ever, even when my passwords where the easiest to figure out. i really think the live Hotmail is the problem and the easy way into your Xbox. check your emails in Xbox live and make sure you only have the ones that are suppose to be there.. you will find my Xbox on eBay next week.. im done with it

#50 Posted by I_smell (3924 posts) -
@rickkybobby said:

im an above average computer person.. i build them, work on them etc. i know my way around.. i use Mozilla Firefox and have Norton anti virus running all the time. i dont open stupid emails at all.. i use last Pass password generator for all my passwords.. but what i found out was the password i had for my Xbox live was weak and not thru last pass i just forgot that one for some reason ..

Hey, here's a thing I saw the other day- I don't know how password hacking works, but is it true that using a group of regular words is more secure than using a bunch of crazy symbols?

This edit will also create new pages on Giant Bomb for:

Beware, you are proposing to add brand new pages to the wiki along with your edits. Make sure this is what you intended. This will likely increase the time it takes for your changes to go live.

Comment and Save

Until you earn 1000 points all your submissions need to be vetted by other Giant Bomb users. This process takes no more than a few hours and we'll send you an email once approved.