AAPL Stock: 118.88 ( + 1.13 )

Printed from

EA server used in Apple ID phishing scam, claims security firm

updated 02:40 pm EDT, Wed March 19, 2014

Compromised EA server used to collect Apple IDs, personal information

A web server owned by game publisher Electronic Arts has been compromised and used in a phishing attack against users of Apple services, a security firm has claimed. The server, apparently used to host a calendar under the domain, is said to be used to try and acquire the Apple ID credentials of potential victims by posing as an account verification site.

The site in question attempts to trick the viewer into signing in to verify their Apple ID and password, according to Netcraft. The Internet security firm alleges the phishing site then asks for more personal information to confirm the victim's identity, including their full name, credit card details, date of birth, phone number, mother's maiden name, and other related sensitive information. Completing this second form takes the victim to a genuine Apple ID site, in an attempt to cover their tracks.

Screenshot of Apple ID phishing page on EA domain
Screenshot of Apple ID phishing page on EA domain

It is believed the server was infiltrated via a vulnerability in WebCalendar 1.2.0, software which was first issued in 2008 but has since received a number of security-related updates. This could have allowed the attacker to install scripts to the server, as well as access to other data stored on the server itself.

In a statement to the BBC, EA said "Privacy and security are of the utmost importance to us, and we are currently investigating this report."

by MacNN Staff



Login Here

Not a member of the MacNN forums? Register now for free.


Network Headlines

Follow us on Facebook


Most Popular


Recent Reviews

Ultimate Ears Megaboom Bluetooth Speaker

Ultimate Ears (now owned by Logitech) has found great success in the marketplace with its "Boom" series of Bluetooth speakers, a mod ...

Kinivo URBN Premium Bluetooth Headphones

We love music, and we're willing to bet that you do, too. If you're like us, you probably spend a good portion of your time wearing ...

Jamstik+ MIDI Controller

For a long time the MIDI world has been dominated by keyboard-inspired controllers. Times are changing however, and we are slowly star ...


Most Commented