Here are some steps you can take to protect yourself.
Some of the common mistakes that lead to users being targeted and some steps to follow:
No1 Mistake: You give away your account password to a Web site advertising free Microsoft Points.
Tip: "It's extremely difficult to recover an account in this situation. If you use that password for anything else, there's a good chance the same hackers are now busy using that password combination on Amazon, eBay, CraigsList, bank accounts, etc."No2 Mistake: You routinely trade your gamertag around with friends.
Tip: "Passing gamertags makes it easy for people to trade Achievements together or play parts of a game they have not unlocked yet. If you are trading with multiple people and one of them ever gets compromised, a hacker has your gamertag and others' as well."No3 Mistake: Someone guesses or otherwise obtains your details (such as the answer to your secret question) and resets your password.
Tip: "It's important to remember not to give out personal information. One good thing you can do is change the answer to your secret question. If you make the answer completely unrelated to the question (i.e. Question: What is your favorite TV show? Answer: Avril Lavigne), you're essentially creating a second password."As social engineering does not involve actual "hacking," it's a difficult and expensive problem to solve. Coming up with proper defenses rests in the hands of Microsoft.
In the meantime, maybe it's time to change your password.
Source: MTV News