Incident Response, TDR

Phishing attack targets FIFA video game players

A fake Twitter account targeted EA Sports video game players with a phishing attack that could have handed over hundreds of logins.

The now-suspended account attempted to masquerade as part of EA Sports official support team and responded to users' support question tweets with a malicious link, according to a researcher at Malwarebytes.

Whenever a player would tweet to the real EA Sports account (@EASPORTSFIFA), the fake account (@EAFIFAHELPUK) responded with a link that would supposedly fix the issue. The phony user used the same avatar as the real account, so unobservant users could easily mistake the response as legitimate.

The scam link leads to an Origin login page, where users manage their games, so the attacker could retrieve players' credentials.

The link had been clicked on 344 times as of April 14.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.