This Origin Phish Isn't Very Sporting

This Origin Phish Isn’t Very Sporting

We’ve observed a Twitter feed claiming to be a support channel for all things EA Sport.

What tends to happen is someone sends a query to the official EA Sport account (@EASPORTSFIFA, note the verified symbol on the profile), at which point the one in question (@EAFlFAHELPUK) will interject into the conversation with a link to visit.

As it uses the same avatar as the official account, recipients may not notice they’ve been sidelined into an entirely different conversation. This is a pretty clever tactic – here’s an example:


Another one:

Where is the linesman?

The account sending links isn’t verified, and swore at another Twitter user not too long ago – not common behaviour for a support channel!

Yellow card, ref!

The link is a link which so far has had 282 clicks since April 2nd. It leads to an EA Sports Origin login page.

uh oh

Origin is EA’s answer to Steam, and all your EA games are tied to your Origin account. Handing that login to phishers could prove expensive if you can’t reclaim your stolen credentials.

Red card, please…

Christopher Boyd


Christopher Boyd

Former Director of Research at FaceTime Security Labs. He has a very particular set of skills. Skills that make him a nightmare for threats like you.