US-CERT is aware of reports that some users on the Xbox 360 video game system are receiving potential phishing attempts through an in-game messaging service.  In-game message phishing is not a Microsoft issue and has nothing to do with Xbox LIVE.  Games are products of third party developers that are playable on Xbox LIVE and other gaming systems.

Microsoft has posted a service alert on the Xbox LIVE status page regarding this issue.

US-CERT encourages users to take the following measures to protect themselves from these types of phishing attacks:
* Refer to the Recognizing and Avoiding Email Scams (pdf) document
for more information on avoiding email scams.
* Refer to the Avoiding Social Engineering and Phishing Attacks
document for more information on social engineering attacks.

Relevant Url(s):
<http://www.us-cert.gov/cas/tips/ST04-014.html>

<http://support.xbox.com/en-us/Pages/xbox-live/xbox-live-status.aspx>

<http://www.us-cert.gov/reading_room/emailscams_0905.pdf>

Comments are closed.