I have a couple friends who've had their accounts hacked and credit cards charged for over a hundred dollars each. There's a 5 page thread at Neogaf with people describing their troubles and then their subsequent lengthy experiences with xbox live support. And it seems the problem isn't limited to Live but also to Games for Windows accounts too.
Someone used my debit card to buy $75 worth of Microsoft Zune points and spent all the points on my xbox. They bought From Dust, Vanquish someone warhammer arcade game and something else. Spent all the points exactly.
When I went to my local bank of america to file a claim and get a new card the guy there said this happens all the time with Xbox Live users. He says he just got off a phone call with an Xbox live representative a couple days ago and they explained everything.
Apparently they "hack" your xbox, or your account etc., use your stored payment information to buy around $75 worth of points. Apparently $75 worth of points is just under the amount Microsoft considers suspicious. If you purchase more (around 10,000) they flag your account for fraud.
They then spend the points but do not download the games. Somehow, he didn't explain this part thoroughly, they call up microsoft and say they want the points refunded as a gift card. They sell these gift cards on ebay.