Bizarre Essex Police #cyberaware Tweet Mystery

Some Phishy Football Antics…

This isn’t exactly like saying Candyman 5 times into a mirror, but it’s still quite the dangerous invocation:

The bot alternates between sending messages to anybody mentioning the official EA Sports Twitter feed, and just firing the below message into the void in the hopes people might notice it:

We are currently working on the FUT Server. Therefore you get 3 packs

Typically, these scams involve fake EA Twitter accounts dropping themselves into support conversations then directing the victim to a phishing page. This one is a little more hands off in terms of approach, lazily pouncing on anybody using a keyword – however, the end result is still the same. In this case, we have a phishing URL with 1,500+ clicks at time of writing:


A few clues that this isn’t the real thing: no HTTPS / padlock in the URL bar, and the various “Host your own website for free!” banners scattered around the page. Also, the horribly non-official looking URL itself:


It seems the account sending the phish links was itself compromised, and turned into the rogue link spouting drone we see before us:


Whoops all round, really. Don’t fall for offers of freebies, especially when the Twitter account doing the sending isn’t a Verified profile as in the above example. Nobody wants a red card before the half time whistle has blown…

Christopher Boyd (Hat tip to Janne Ahlberg)


Christopher Boyd

Former Director of Research at FaceTime Security Labs. He has a very particular set of skills. Skills that make him a nightmare for threats like you.