Besieged By Hackers, EA Tries To Stymie FIFA Phishing Scams

Illustration for article titled Besieged By Hackers, EA Tries To Stymie FIFA Phishing Scams

Giant video game publisher EA and its most popular video games are rich targets for hackers and scammers, but the company is determined to fight back and protect its users, EA's number two executive tells Kotaku.


Gamers should also try hard to protect themselves, chief operating officer Peter Moore advised, especially in light of rampant scams tied to the Xbox 360 version of last year's FIFA game from EA.

Since late last year, numerous Xbox 360 players of 2011's FIFA soccer game have reported that their accounts have been hacked by hooligans who would run up their credit card bills, buying Micrsoft Points on FIFA Ultimate Team cards (used for assembling the best possible team) and then selling the goods for profit.

Similar problems did not occur with the PS3 or PC versions of the game.

"It is not a FIFA hack," EA's chief operating officer Peter Moore told me during an interview in New York earlier this month. Microsoft reps have said the same thing. "It is some phishing experiment that uses FIFA as the end game because it's an attractive game." The distinction he's making is between an exploit being found in the game's software and a phishing scam, which usually involves tricking people into revealing personal information.

Neither Microsoft nor EA has detailed just what loopholes the scammers are using. (EA has published a guide to preventing FIFA phishers from getting player info.)


Moore said that EA has "worked with Microsoft" and with "some consumers" to try to fix things.

An EA spokesperson who sat with us during the interview added that, "in the last couple of weeks both on our side and Microsoft's side both have put in more security controls in place around some of the transaction mechanisms. We're not going to reveal what we've done, because it just becomes a target. We've put some additional measures in place and we think those are going to have a significant impact."


Moore doesn't think EA and FIFA were targeted by the scam because of problems on EA's end but due to the popularity of the game. "There's a currency in there," he said. "People are clever today. They want... FIFA gold packs or the currency in there, because it's global." It's something they can transact with.

EA is a popular cyber-target. Moore said the company is "attacked every day." The game publisher has a full security bureau to deal with it. "If I showed you our hack attacks every day..." he started, before trailing off.


The EA rep nearby made sure to add that "most of them don't get anywhere. They get shut down."

Moore said that the best defense is... well, it's one thing this very site recommended when Kotaku's parent company was hacked a little over a year ago. "People also need to change their passwords more regularly," he said. "I'm as guilty as that."


The FIFA phishing has been a blot for EA, even if they might be blameless here. It could be even worse, if those hack attacks make it through. For now, things are ok. "We have a lot of credit card data and we've been lucky so far that our security layers and our people that are dedicated to fending off the attacks are very good," Moore said, looking for some wood to knock on before settling for a chair cushion, "but there for the grace of god go us."



I'm still not convinced. The hack involves the only company using Live that's allowed to use their own servers and I'm expected to believe that's just co-incidence?