PlayStation Users Suffering Social Engineering Attacks

PlayStation Users Suffering Social Engineering Attacks

The last big digital attack of the PlayStation Network was in December 2014, when the Lizard Squad brought down the entire network. Since then, numerous PlayStation accounts have been subject to social engineering attacks, some of which have cost users hundreds of dollars to be fraudulently charged to their credit cards.

In one such case, a user found himself locked out of his PlayStation account. He contacted Sony customer service and the agent told him that his gaming account had been switched to another PlayStation located in Europe. Quickly remembering that he had connected his credit card to his PlayStation account, he contacted his credit card company only to discover that $570 of extra points in FIFA ’15 (points used for in-game purchases) had been billed to his card.

It seems that the attackers have been gaining access to accounts by impersonating the account owner during a customer service call, which doesn’t seem all that difficult since Sony customer service only requires the person’s name, email and PSN username before adding another console to the account. Besides lax company policies, due to Sony suffering a major data breach in 2011 that leaked information on approximately 77 million accounts, there’s reason to believe that some of this data is still available on the Internet, like names, usernames and emails. This is the perfect information to successfully execute a social engineering attack.

Victims are finding themselves stuck with bills for stolen goods while Sony’s platform still does not support two-factor authentication, which would enable users to take proactive action to further secure their accounts.

Image: charnsitr / Shutterstock.com

About the Author

Ginger Hill is Group Social Media Manager.

Featured

New Products

  • Hanwha QNO-7012R

    Hanwha QNO-7012R

    The Q Series cameras are equipped with an Open Platform chipset for easy and seamless integration with third-party systems and solutions, and analog video output (CVBS) support for easy camera positioning during installation. A suite of on-board intelligent video analytics covers tampering, directional/virtual line detection, defocus detection, enter/exit, and motion detection.

  • QCS7230 System-on-Chip (SoC)

    QCS7230 System-on-Chip (SoC)

    The latest Qualcomm® Vision Intelligence Platform offers next-generation smart camera IoT solutions to improve safety and security across enterprises, cities and spaces. The Vision Intelligence Platform was expanded in March 2022 with the introduction of the QCS7230 System-on-Chip (SoC), which delivers superior artificial intelligence (AI) inferencing at the edge.

  • Camden CM-221 Series Switches

    Camden CM-221 Series Switches

    Camden Door Controls is pleased to announce that, in response to soaring customer demand, it has expanded its range of ValueWave™ no-touch switches to include a narrow (slimline) version with manual override. This override button is designed to provide additional assurance that the request to exit switch will open a door, even if the no-touch sensor fails to operate. This new slimline switch also features a heavy gauge stainless steel faceplate, a red/green illuminated light ring, and is IP65 rated, making it ideal for indoor or outdoor use as part of an automatic door or access control system. ValueWave™ no-touch switches are designed for easy installation and trouble-free service in high traffic applications. In addition to this narrow version, the CM-221 & CM-222 Series switches are available in a range of other models with single and double gang heavy-gauge stainless steel faceplates and include illuminated light rings.