Today, I have been the target of a phishing scam with users trying to obtain access to my Xbox LIVE Account by emailing me with messages claiming that I have an interrupted service to my Windows LIVE Account and Xbox LIVE Services. It was stated that I need to confirm my details because I submitted incorrect details during a registration process.
The content of the emails is as follows:
This e-mail has been sent to you by the Xbox LIVE Team to inform you that we were unable to verify your account details. This might be due to either of the following reasons:
1. A recent change in your personal information. (eg: address, phone)
2. Submitting incorrect information during register process.
Due to this, to ensure that your email service is not interrupted, we request you to confirm and update your information today by following the link below
[Login Link Removed]
If you have already confirmed your information then please disregard this message.
Xbox LIVE Team
Thanks for your cooperation.
The email also is being sent under Hotmail and Windows LIVE services, but the phishing scam is originating from the owners of the website Ireland-Rugby.com which is being hosted by enom.com. If you receive an email to your Xbox LIVE registered email address do not click the link, but hover over it instead – if you can see Ireland-Rugby.com in the url which intends to forward you to a hosted sign-up page where they want to grab your details to have access to your account. Please report it to their host.
Enom.com have their own phishing scam and abuse team who need to be aware of this issue. I have already reported the details, but if others follow pursuit then maybe action will be enforced quicker. So here are the steps to take if you have received a phishing email from them:
2: Report the phishing details and copy & paste the whole email & headers in the comment box on the enom page above. To obtain the headers, where it says reply on the far right – hit the arrow and view source. Copy and paste the whole lot to enom.com
3: All done and for precautionary measures change your password anyway.