Microsoft’s Latest Security Breach: How to Protect Your Accounts Against Hackers

Chinese hackers working for the company iGSKY have been sued by Microsoft for breaking into multiple Xbox accounts. Court documents detailing the incident reveal that Microsoft employees happened upon an iGSKY website by accident, where users could illegally purchase credits for use on various Microsoft gaming platforms. These credits were purchased using credit cards attached to compromised Microsoft accounts.

The iGSKY and Gameest Hacking Partnership

After running a series of test transactions on the hacked Xbox platforms, Microsoft employees discovered that the iGSKY site’s operator, Gameest International Network Sales, Co. Ltd., had accessed Xbox users’ credit card information when the users purchased gaming credits through their account. This well-known hacking technique is called phishing. These phishing scams often involve disguising a malicious webpage to look like a well trusted site, such as a site for a bank, social networking site, or gaming platform.

Once a user logs into the bogus site, hackers are able to obtain information linked to that user’s account, such as passwords and personal and credit card information. It is estimated that in 2013, hackers made over 5 billion US dollars from phishing campaigns, including from those involving fraudulent websites. Despite this recent scandal, Microsoft continues to be a leader in the fight against hacking and phishing scams, and employs hackers to teach Microsoft computer scientist how to create more secure user platforms.

How You Can Protect Your Microsoft Accounts

Our Microsoft accounts contain many important aspects of our work and personal lives. So how do you keep these accounts safe? Here are a few helpful tips and tricks. While password encryption practices are common knowledge for many hackers and computer users alike, many do not know how to create safer security question answers. Instead of inserting a legitimate answer for security questions such as “What is your mother’s maiden name?” and “What is the name of your first pet?”, consider using an answer that you might use for an actual password, such as aA7b9C, or whatever else you may choose. This way, hackers will not be able to guess the answers to your security questions based any knowledge of you that may be available online.

Compromised Microsoft accounts can be prevented by doing your research to avoid downloading software infected with malware. There are many legitimate sites that let you buy and download Microsoft Office for cheap prices. Legitimate Microsoft Office products will always feature a product key, a Microsoft online account, a Microsoft product license, and of course, the software you are purchasing. Always look at the layout you are purchasing you Microsoft product from. Malicious sites will often be laced with incorrect spelling, improper grammar, and feature a poor site design. Lastly, as the old saying goes, if you think something is too good to be true, it probably is.

Hacking as a Career

Keeping up knowledge of hacking and network security could one day land you a job at Microsoft. Microsoft and other tech companies are known for hiring hacker to hack into their systems and identify bugs in their software. Microsoft has even been known to offer up to $100,000 for information about bugs in their security systems and products before they are released to the public. Continuing your hacking skills will be increasingly important for the job market of the future as computer technology fields continue to grow year after year. 
Irfan Shakeel
Irfan Shakeel, the founder of ehacking project, he also hosts cyber security training classes at EH Academy. He has discovered many vulnerabilities in the famous platforms (like Google, Dailymotion, Harvard University & etc.). He specializes in Network hacking, VoIP pentesting & digital forensics. He is the author of the book title “Hacking from Scratch”.

Most Popular

What Makes ICS/OT Infrastructure Vulnerable?

Infrastructure security for operational technologies (OT) and industrial control systems (ICS) varies from IT security in several ways, with the inverse confidentiality, integrity, and...

Everything You Must Know About IT/OT Convergence

What is an Operational Technology (OT)? Operational technology (OT) is a technology that primarily monitors and controls physical operations. It can automate and control machines,...

Understand the OT Security and Its Importance

This article discusses OT security and why it is essential for protecting industrial systems from cyberattacks. We will also discuss common control objectives that can...

What is Deepfake, and how does it Affect Cybersecurity?

Producing deepfake is easy. It is hard to detect. They operate with a description of reality rather than reality itself (e.g., a video). Any...