The cunning method that Thieves are using to steal your PSN account

Lock your doors, hide your kids, hackers are coming for your PSN account and here’s how they’re doing it…

First of all, they’re buying lists of email addresses and passwords, and then cross-referencing them with PSN accounts. This is the exact reason that you’re always cautioned to use different passwords for different sites.

They’ll take lists of hundreds of thousands of email addresses and passwords that have already been hacked, and then they’ll match them up with PSN accounts using bots to see who uses the same password. If you do, that’s it, you’re done.

It’s worth mentioning that this practice isn’t unique to PSN. If you’ve ever had any type of account get hacked, and used that same password on any other site, it’s only a matter of time. People buy these huge lists of usernames and passwords, and they’ll cross reference them against any number of other sites, not just PSN.

Furthermore, they’ve even hacked smaller websites that use your PSN info to log you in, like trophy tracking sites. You’d be surprised how many people use the same password for those trophy sites as they do for their PSN account. Once again, if that’s you, you’re done.

Fingerguns.net recently spoke to a PSN hacker and got some insights into exactly how they operate:

“Yahoo, ClixSense and AFF were good for us. You’d be surprised by the number of people that use the same email address and password for every online account they use. We took some lists from hacks, set up some bots and we started to get some luck on PSN. We even managed to hack a few of the smaller PlayStation trophy tracking websites ourselves and 90% used the same username and password as PSN”

Once they have your info, they log into the PSN website and deactivate your account from your PlayStation. You can only deactivate accounts once every 6 months, which gives the hackers plenty of time to sell your account and all of the games you’ve purchased on that account.

image: fingerguns.net

The people buying these accounts will then register them as primary accounts on their own PlayStations, and in a lot of cases the original owner of the account won’t even know that they had been hacked, meanwhile someone else is sharing their games at a fraction of the cost.

Accounts can sell for anywhere from a few dollars, to $1000+ if the account has a ton of games on it. There are underground auction websites where people can bid on other people’s accounts in order to save a bit of money on games.

image: fingerguns.net

How to avoid getting your PSN account hacked

Sometimes, there’s just nothing you can do, but there are steps you can take to deter 99.9% of common hacks.

  • First of all, 2 factor authentication is a must. It can be a bit of a pain, but it improves your account security drastically.
  • Secondly, don’t use the same passwords for everyone, AND change your passwords on a regular basis.

Why does changing your password help, if it’s already a strong and unique password? Well, if your password is already floating around on one of those underground lists of email addresses and passwords, it’s only a matter of time until someone gets into your account with it, even if it’s a strong password.

By changing your password, you’re making that info obsolete and useless to hackers. Once they try to log into your account and the data they have doesn’t work, it’ll get removed from the list.