Apple ID accounts, payment card data and other personal information are at risk for victims of a fairly convincing phishing scam being hosted on a compromised EA Games server, according to UK-based internet security company Netcraft.
“The compromised server is used by two websites in the ea.com domain, and is ordinarily used to host a calendar based on WebCalendar 1.2.0,” according to a Wednesday Netcraft post. “This version was released in September 2008 and contains several security vulnerabilities which have been addressed in subsequent releases.”
Some of those vulnerabilities may enable an unauthorized individual to modify settings and execute arbitrary code, which is likely what allowed an attacker to compromise the EA Games server, according to the post.
The Apple ID phishing page looks like an authentic Apple website and asks users to input their usernames and passwords. A second page then asks for full names, payment card numbers, expiration dates and verification codes, dates of birth, phone numbers, mother’s maiden names and other personal information essential to committing fraud.
This article has been extracted from http://www.scmagazine.com, please click on this link to read the article in full http://www.scmagazine.com/hacked-ea-games-server-puts-apple-ids-and-card-data-at-risk/article/338984/
Montash is a multi-award winning , global IT recruitment firm. Specialising in permanent and contract positions across mid-senior appointments across a wide range of industry sectors and IT functions including:
ERP, BI & Data, Information Security, IT Architecture & Strategy, Scientific Technologies, Demand IT and Business Engagement, Digital and E-commerce, Infrastructure and Service Delivery, Project and Programme Delivery.
For more information please contact us on +44 (0) 20 7014 0230 or alternatively send us an email on firstname.lastname@example.org.