Categories

Online Security

This Origin Phish Isn’t Very Sporting

We’ve observed a Twitter feed claiming to be a support channel for all things EA Sport.

What tends to happen is someone sends a query to the official EA Sport account (@EASPORTSFIFA, note the verified symbol on the profile), at which point the one in question (@EAFlFAHELPUK) will interject into the conversation with a link to visit.

As it uses the same avatar as the official account, recipients may not notice they’ve been sidelined into an entirely different conversation. This is a pretty clever tactic – here’s an example:

eatwteet2

Another one:

Where is the linesman?

The account sending links isn’t verified, and swore at another Twitter user not too long ago – not common behaviour for a support channel!

Yellow card, ref!

The link is a bit.ly link which so far has had 282 clicks since April 2nd. It leads to an EA Sports Origin login page.

uh oh

Origin is EA’s answer to Steam, and all your EA games are tied to your Origin account. Handing that login to phishers could prove expensive if you can’t reclaim your stolen credentials.

Red card, please…

Christopher Boyd


0 thoughts on “This Origin Phish Isn’t Very Sporting

Leave a Reply

Subscribe to our YouTube Channel