CIP Cyber

Microsoft’s Latest Security Breach: How to Protect Your Accounts Against Hackers

Table of Contents

Chinese hackers working for the company iGSKY have been sued by Microsoft for breaking into multiple Xbox accounts. Court documents detailing the incident reveal that Microsoft employees happened upon an iGSKY website by accident, where users could illegally purchase credits for use on various Microsoft gaming platforms. These credits were purchased using credit cards attached to compromised Microsoft accounts.

The iGSKY and Gameest Hacking Partnership

After running a series of test transactions on the hacked Xbox platforms, Microsoft employees discovered that the iGSKY site’s operator, Gameest International Network Sales, Co. Ltd., had accessed Xbox users’ credit card information when the users purchased gaming credits through their account. This well-known hacking technique is called phishing. These phishing scams often involve disguising a malicious webpage to look like a well trusted site, such as a site for a bank, social networking site, or gaming platform.



Once a user logs into the bogus site, hackers are able to obtain information linked to that user’s account, such as passwords and personal and credit card information. It is estimated that in 2013, hackers made over 5 billion US dollars from phishing campaigns, including from those involving fraudulent websites. Despite this recent scandal, Microsoft continues to be a leader in the fight against hacking and phishing scams, and employs hackers to teach Microsoft computer scientist how to create more secure user platforms.

How You Can Protect Your Microsoft Accounts

Our Microsoft accounts contain many important aspects of our work and personal lives. So how do you keep these accounts safe? Here are a few helpful tips and tricks. While password encryption practices are common knowledge for many hackers and computer users alike, many do not know how to create safer security question answers. Instead of inserting a legitimate answer for security questions such as “What is your mother’s maiden name?” and “What is the name of your first pet?”, consider using an answer that you might use for an actual password, such as aA7b9C, or whatever else you may choose. This way, hackers will not be able to guess the answers to your security questions based any knowledge of you that may be available online.

Compromised Microsoft accounts can be prevented by doing your research to avoid downloading software infected with malware. There are many legitimate sites that let you buy and download Microsoft Office for cheap prices. Legitimate Microsoft Office products will always feature a product key, a Microsoft online account, a Microsoft product license, and of course, the software you are purchasing. Always look at the layout you are purchasing you Microsoft product from. Malicious sites will often be laced with incorrect spelling, improper grammar, and feature a poor site design. Lastly, as the old saying goes, if you think something is too good to be true, it probably is.

Hacking as a Career

Keeping up knowledge of hacking and network security could one day land you a job at Microsoft. Microsoft and other tech companies are known for hiring hacker to hack into their systems and identify bugs in their software. Microsoft has even been known to offer up to $100,000 for information about bugs in their security systems and products before they are released to the public. Continuing your hacking skills will be increasingly important for the job market of the future as computer technology fields continue to grow year after year. 
x
Irfan Shakeel

Irfan Shakeel

Irfan Shakeel is a distinguished cybersecurity professional, thought leader, and trainer. As a director at CIP Cyber, he contributes valuable insights and opinions on the industrial cybersecurity domain. In addition to his written expertise, Irfan hosts the popular CIP Cybersecurity webinar, further showcasing his extensive knowledge and commitment to enhancing critical infrastructure protection.

Most popular

Industrial Cybersecurity

Want always be up to date?

Don't miss the latest news

By subscribing to our mailing list, you will be enrolled to receive our new trainings, latest blog posts, product news, and more.

CIP Training & Certifications

Transform your cybersecurity skills with CIP Cyber’s comprehensive training & course offerings

Related Articles

Want always be up to date?

Don't miss the latest news

By subscribing to our mailing list, you will be enrolled to receive our new trainings, latest blog posts, product news, and more.

CIP Training & Certifications

Transform your cybersecurity skills with CIP Cyber’s comprehensive training & course offerings