Security firm Malwarebytes has uncovered a phishing scheme on Instagram that may have already claimed some victims. The scam takes advantage of the World Cup going on this week, by pretending to be EA support on Twitter and lures people to an Instagram page offering new / exclusive FIFA 14 characters for free as long as you visit the link in the profile.
Malwarebytes says that the Instagram page is one big attempt to drive victims to the page on the bio link. The Twitter account, @easportsut2014, has close to 9,000 followers, and most of the images its posts typically have a minimum of 400+ likes with multiple users posting that they’re visiting the linked URL to enter their details.
The link (easportsfifafretotwplayer.yolasite.com) is a phishing page which contains a chart of the various World Cup groups and a couple of forms to fill in. With the form on the left of the site, they are looking to nab Origin passwords; and on the right, Xbox logins.
"Whatever you do, don’t enter your information there," says Malwarebytes researcher Chris Boyd. "The Instagram account takes advantage of popular hashtags to get the attention of unsuspecting followers."
You can learn more about this scam by visiting the Malwarebytes Blog.
As always be careful where you visit and always pay attention to the URL of the sites that you do visit. Also, as Microsoft points out on its support page for Xbox Live, the majority of phishing scams offers deals that are "too good to be true."