To make a long scam short: users received a supposedly legitimate mail from Xbox Support, which informed them about changes being made to their accounts, plus the addition of new features. A link was provided to log in and test the so-called features. As expected, the link actually lead to a fake Passport login page, created to steal users’ logins and passwords.

Microsoft confirmed the reports in an email to NextGen. The Xbox maker states that it has already taken several steps to protect its users’ accounts. The first three measures on the list are:

– Retraining all customer support representatives
– Examining the policies and processes for account recovery
– Continuing to monitor the situation closely to take appropriate action as necessary

Furthermore, Microsoft announced it would reimburse “any customer whose account has been compromised in this fashion. If they have lost content such as Xbox Live Arcade games, we will provide the customer with replacement content at no charge”.

So Xbox Live users are pretty much covered from future scams. However, being more careful and not rushing to click a link or to share information with unknown users should also be on top of their “watch out” list.