OFFICIAL SECURITY BLOG
June 19, 2014 | BY Christopher Boyd
We’ve noticed fake EA support accounts plying their trade on Twitter for a while now, but here’s something a bit different and lurking over on Instagram.
On Twitter, the fakes typically inject themselves into support conversations before steering the victim to a phish page.
On Instagram, the lure is EA Sports World Cup fever, with the promise of new / exclusive characters as long as you visit the link in the profile.
Here’s one such promise, along with a list of people doing the equivalent of posting “first” on an article (except in this case, trying to be first to lose access to their accounts).
The text reads:
“Neymar #MOTM is here! The 20 first who log in on the link in our bio get him #Neymar #Brazil”
They make use of Instagram hashtags, which place tagged images under the selected keywords for all to see.
“Don’t forget to play FUT #WorldCup with all the world cup players! If you want a free #TOTW player just log in on the link in our bio #Fifa14”
In fact, the whole Instagram page is one attempt after another to drive victims to the page on the bio link.
Note that the account has close to 9,000 followers, and most of the images have at least 400 likes, with multiple users posting that they’re visiting the linked URL to enter their details. In short, they have a ready supply of potential victims to toy with.
The link is, of course, a phishing page which contains a chart of the various World Cup groups and a couple of forms to fill in. On the left, they’re going for Origin passwords; on the right, Xbox logins. Regardless of selection, your details will be sent to the scammers.
While fake support accounts are most definitely a bad thing, we shouldn’t forget about more traditional forms of account theft such as the one above…especially as World Cup fever is now underway.
Do yourself a favour, and – here comes the football related closing gag – kick this one into touch.