PlayStation Users Suffering Social Engineering Attacks

PlayStation Users Suffering Social Engineering Attacks

The last big digital attack of the PlayStation Network was in December 2014, when the Lizard Squad brought down the entire network. Since then, numerous PlayStation accounts have been subject to social engineering attacks, some of which have cost users hundreds of dollars to be fraudulently charged to their credit cards.

In one such case, a user found himself locked out of his PlayStation account. He contacted Sony customer service and the agent told him that his gaming account had been switched to another PlayStation located in Europe. Quickly remembering that he had connected his credit card to his PlayStation account, he contacted his credit card company only to discover that $570 of extra points in FIFA ’15 (points used for in-game purchases) had been billed to his card.

It seems that the attackers have been gaining access to accounts by impersonating the account owner during a customer service call, which doesn’t seem all that difficult since Sony customer service only requires the person’s name, email and PSN username before adding another console to the account. Besides lax company policies, due to Sony suffering a major data breach in 2011 that leaked information on approximately 77 million accounts, there’s reason to believe that some of this data is still available on the Internet, like names, usernames and emails. This is the perfect information to successfully execute a social engineering attack.

Victims are finding themselves stuck with bills for stolen goods while Sony’s platform still does not support two-factor authentication, which would enable users to take proactive action to further secure their accounts.

Image: charnsitr / Shutterstock.com

About the Author

Ginger Hill is Group Social Media Manager.

Featured

New Products

  • Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation.

    Connect ONE®

    Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation.

  • QCS7230 System-on-Chip (SoC)

    QCS7230 System-on-Chip (SoC)

    The latest Qualcomm® Vision Intelligence Platform offers next-generation smart camera IoT solutions to improve safety and security across enterprises, cities and spaces. The Vision Intelligence Platform was expanded in March 2022 with the introduction of the QCS7230 System-on-Chip (SoC), which delivers superior artificial intelligence (AI) inferencing at the edge.

  • Automatic Systems V07

    Automatic Systems V07

    Automatic Systems, an industry-leading manufacturer of pedestrian and vehicle secure entrance control access systems, is pleased to announce the release of its groundbreaking V07 software. The V07 software update is designed specifically to address cybersecurity concerns and will ensure the integrity and confidentiality of Automatic Systems applications. With the new V07 software, updates will be delivered by means of an encrypted file.