Several EA accounts compromised by phishing mails

Recently, it has been revealed that several EA Sports accounts were compromised by hackers via phishing techniques. The threat-actors exploited EA’s live chat, targeting high-profile players for account takeover. The attackers utilised social engineering methods, exploiting errors within the customer experience team and using this to bypass two-factor authentication.

As a result, EA has released their strategy on how to prevent similar issues going forward and better secure player accounts. The steps are outlined below:

All EA Advisors and individuals who assist with service of EA Accounts are receiving individualised re-training and additional team training, with a specific emphasis on account security practices and the phishing techniques used in this particular instance.
We are implementing additional steps to the account ownership verification process, such as mandatory managerial approval for all email change requests. 
Our customer experience software will be updated to better identify suspicious activity, flag at-risk accounts, and further limit the potential for human error in the account update process.

 

The post Several EA accounts compromised by phishing mails appeared first on IT Security Guru.

Recent Posts
Contact Us

We're not around right now. But you can send us an email and we'll get back to you, asap.

Not readable? Change text. captcha txt