Have been hacked - lost access to accounts etc

[philstanbridge]

I’ve tried that number and it says it’s all done online, but maybe paid is the way to go. I would try that however my accounts are currently frozen

 

[philstanbridge]

So I finally managed to speak to someone, who tried their best to help. I think the problem is the account is still active - and Microsoft can't seem to understand that fact. It has been taken over! I don't know how to rectify that really. I'm concerned my son will lose his games and stuff on his xbox, as his account is linked to this one. Because we can't login we can't change anything. I'm hoping because his games are stored locally he should be able to use them with a new login?

 

[Haze]

Who is your email with? Nothing like this ever makes it through the spam filters on Hotmail and Gmail, I would get a better account with someone

 

[superleeds27]

Who is your email with? Nothing like this ever makes it through the spam filters on Hotmail and Gmail, I would get a better account with someone

It does.

What I can't understand is how/why his son had access to his emails?

 

[Raymond Lin]

Randomly I just got a login request myself for my MS account!

Luckily I went through setting up MFA on everything I can think of a few years ago.

 

[superleeds27]

Randomly I just got a login request myself for my MS account!

Luckily I went through setting up MFA on everything I can think of a few years ago.

Doesn't that mean they know your password then? If it's triggered the 2nd step?

It's scary viewing that 'Login attempts' section of the MS account.

 

[philstanbridge]

It does.

What I can't understand is how/why his son had access to his emails?

It’s really complicated. Years ago I created my Hotmail account. My sons Xbox account was linked to my Hotmail account. It was setup for parental support etc. in retrospect I should have created a separate account for him but I didn’t. So over the years he has been using my account as his. I’ve tried to separate the two without success so I’ve just given up and he uses it mostly now for Xbox stuff. The problem is I also had everything pointing towards it, and I didn’t overly think about that. So it’s like a job share.

 

[superleeds27]

It’s really complicated. Years ago I created my Hotmail account. My sons Xbox account was linked to my Hotmail account. It was setup for parental support etc. in retrospect I should have created a separate account for him but I didn’t. So over the years he has been using my account as his. I’ve tried to separate the two without success so I’ve just given up and he uses it mostly now for Xbox stuff. The problem is I also had everything pointing towards it, and I didn’t overly think about that. So it’s like a job share.

Ahh okay.

Do you not use any form of AV protection at all?

 

[Efour]

Doesn't that mean they know your password then? If it's triggered the 2nd step?

It's scary viewing that 'Login attempts' section of the MS account.

Can't you turn off password in Microsoft and just have authentication log ins ? Or hello whatever they call it. Face recognition, or some biometric info.

 

[superleeds27]

Can't you turn off password in Microsoft and just have authentication log ins ? Or hello whatever they call it. Face recognition, or some biometric info.

Ahh. Suppose that could be it yeah.

 

[philstanbridge]

Ahh okay.

Do you not use any form of AV protection at all?

Only what MS provides.

 

[dlockers]

Ahh okay.

Do you not use any form of AV protection at all?

AVs don't work on humans

 

[philstanbridge]

It's not a virus anyway - it was my son gifting the password to the scammer.

 

[Feek]

It's not a virus anyway - it was my son gifting the password to the scammer.

Yeah, not 'hacked' at all.

 

[superleeds27]

It's not a virus anyway - it was my son gifting the password to the scammer.

Yeah but decent AV will have browser/phishing protection too. So, if it's a known domain, or a known hack/file being used then chances are it would have blocked the site.

 

[jpaul]

some comments about providing proof of subsiduary xbox account ownership.

Retrieving Compromised Microsoft Minecraft Accounts
Getting back your Microsoft account is hard but not impossible. Now, Minecraft accounts cannot be transferred to another Microsoft account, only through aliases, which makes it possible for you to retrieve it if you have proof of ownership.
Things to prepare:
(Must) The Original Email Access, regardless of whether the hacker changed it.
(Must) Xbox Gamertag can be found on the default Minecraft launcher.
(Maybe) Transaction ID.
(Unlikely) Gameplay/Video Proof.
After you have the listed Must prepared, you can go ahead and contact Microsoft support. Here are the links I provided (you can copy and paste it)
....

 

[Raymond Lin]

Doesn't that mean they know your password then? If it's triggered the 2nd step?

It's scary viewing that 'Login attempts' section of the MS account.

I don’t think so, I don’t log in with password, only through the authentication app.

A few years ago I used to get daily login attempt at my Steam account too.

 

[Jimmeh]

Help with the Microsoft account recovery form - Microsoft Support

These steps will help guide you when filling out the account recovery form.

support.microsoft.com

it's not clear that you've carried out this process, so am sharing it just in case.
Seems fairly straight forward to prove its you and that you have an issue? Granted, it's annoying not to be able to talk to someone, but it says they should be able to verify with you and provide steps to recover the account within 24 hours...

 

[Nasher]

Add all the IP ranges for all of the middle east countries, Russia, China, India, Pakistan, etc to a firewall block list on your router. Most of this crap is directed there and there is really nothing legit and useful comes out of them so no loss. A lot of companies do this.

 

[GGizmo]

The most scary thing about this is that in Windows 11 Microsoft heavily push people into using a Microsoft account to control Windows.