PlayStation Users Suffering Social Engineering Attacks

PlayStation Users Suffering Social Engineering Attacks

The last big digital attack of the PlayStation Network was in December 2014, when the Lizard Squad brought down the entire network. Since then, numerous PlayStation accounts have been subject to social engineering attacks, some of which have cost users hundreds of dollars to be fraudulently charged to their credit cards.

In one such case, a user found himself locked out of his PlayStation account. He contacted Sony customer service and the agent told him that his gaming account had been switched to another PlayStation located in Europe. Quickly remembering that he had connected his credit card to his PlayStation account, he contacted his credit card company only to discover that $570 of extra points in FIFA ’15 (points used for in-game purchases) had been billed to his card.

It seems that the attackers have been gaining access to accounts by impersonating the account owner during a customer service call, which doesn’t seem all that difficult since Sony customer service only requires the person’s name, email and PSN username before adding another console to the account. Besides lax company policies, due to Sony suffering a major data breach in 2011 that leaked information on approximately 77 million accounts, there’s reason to believe that some of this data is still available on the Internet, like names, usernames and emails. This is the perfect information to successfully execute a social engineering attack.

Victims are finding themselves stuck with bills for stolen goods while Sony’s platform still does not support two-factor authentication, which would enable users to take proactive action to further secure their accounts.

Image: charnsitr / Shutterstock.com

About the Author

Ginger Hill is Group Social Media Manager.

Featured

  • Return to Form

    My first security trade show was in 2021. At the time, I was awed by the sheer magnitude of the event and the spectacle of products on display. But this was the first major trade show coming out of the pandemic, and the only commentary I heard was how low the attendance was. Two representatives from one booth even spent the last morning playing catch in the aisle with their giveaway stress balls. Read Now

    • Industry Events
    • ISC West
  • Live from ISC West: Day 1 Recap

    The first day of ISC West 2023 is in the books, and it’s safe to say that vendors have brought their A-game to Las Vegas. The booths of this year’s Live From partners—NAPCO Security, Alibi Security, Vistacom, RGB Spectrum, and DoorKing—were swamped all day long. Here’s a brief recap of just a few highlights from each partner’s presence at the show. Read Now

    • Industry Events
    • ISC West
  • Turn on the AC, ISC West is Hot

    Nothing warm about the Las Vegas weather outside. It is cold, and it was raining after the opening day. No one seemed to care inside the convention center. The hall was packed with inquisitive security professionals. Read Now

    • Industry Events
    • ISC West
  • Live From ISC West 2023: Day 1

    ISC West 2023 in Las Vegas, Nevada, has officially begun! Make sure to keep an eye on Security Today’s ISCW Live 2023 page, as well as our associated Twitter accounts—@SecurToday and @CampusSecur—for the latest updates from the show floor at the Venetian Expo. Read Now

    • Industry Events
    • ISC West

Featured Cybersecurity

New Products

  • HID Signo Readers

    HID Signo Readers

    HID Global has announced its HID® Signo™ Biometric Reader 25B that is designed to capture and read fingerprints in real-world applications and conditions. 3

  • Paxton10 CORE Cameras

    Paxton10 CORE Cameras

    The new CORE Series cameras feature edge processing for ultimate scalability, built-in edge storage, and plug-and-play installation. The addition of the CORE Series gives installers new hardware, better choice, and more value than ever before. 3

  • FlexPower® Global™ Series (FPG) from LifeSafety Power

    FlexPower® Global™ Series (FPG) from LifeSafety Power

    The FlexPower® Global™ Series (FPG) from LifeSafety Power—designed to provide DC power for access control systems in international applications—is now PSE listed for Japan and compatible with the country’s 100VAC applications. 3