Basically if you play on an Xbox and are part of the Xbox Live community, don't be tempted by an email that tells you to go to a website and buy tokens for games, extra levels and all that gamey stuff.
Earlier this year Sony found its information hacked and hundreds of thousands had their accounts and security compromised. This is different as the Xbox network itself hasn't been breached, people are receiving emails and then uploading their details voluntarily.
Perhaps cleverly, the amounts are relatively small. People are finding £100 or maybe a bit more has vanished. Microsoft is urging everyone to check their bank accounts to make sure they haven't been affected.
Dave Waterson, CEO at data security provider, Sentrybay said in a statement:
"We have noticed an increase in the number and sophistication of phishing attacks over the last few months. The Xbox Live is a good example of a focussed phishing attack, by targeting an exact user type and using elements of social engineering , the attacks are more tailored and thus more believable. By pretending to offer an incentive (Microsoft gaming points), hackers were having a higher hit-rate. Subsequently, further social engineering techniques are used to extend the amount of information gained (including getting credit card information) via communications from what appears to be a trusted source.
"Conventional anti-phishing approaches are not geared to protect against this attack (especially when the web pages can easily disappear and resurface), what you need is an approach that specifically protects targeted attacks on brands."