Reply
Big Daddy
Registered: 03/14/2007
Online
16774 posts
 

Re: Another Playstation Network Security breach?

Dec 12, 2013

FuelX666 wrote:

Hi guys.

 

I‘m quite sure this is not a security breach.

Your password had nothing to do with it.

And it was not because of games sharing.

 

EA told Sony we bought for 150$ in annual pass and FIFA points. Those points are probably still linked to your account. I may be wrong, but I do believe this is all accidental.

 

The fact is: they could take everything from my credit card and they did not. So I think it‘s all an infortunate and frustrating bug from EA Sports billing process.


Hmm... There was a person who showed their email string of the emails from Sony PSN store. It showed that they funded their wallet for $50, 3 times, then went to purchase Fifa points. Is the process for Fifa to bill Sony? What I struggle to understand is funding the wallet instead of a direct purchase. Sony caps the wallet at $150, but you could in theory just charge points over and over billed to a credit card. So there is a reason the wallet is being funded and then points being pruchased. Maybe the way it has to be done on the Fifa in game store?

 

To add fodder to your discussion. The same lady above does not own the Fifa game. There are others on the forum that have said the same thing. I'd like to know if Internet has fifa?

Contact PlayStation Support
Chat with a PlayStation Specialist 
Mon - Sat, 6:00AM - 10pm , Sunday 8am-8pm Pacific

Consumer Services and Technical Support____ 1-800-345-7669
Mon - Fri, 8:00AM - 8:00PM Pacific
Playstation Network Accounts and Billing Support____1-877-971-7669

Playstation Forums Support MVP. I do not work for Sony. Just a helpful gamer.
Message 21 of 25 (373 Views)
Reply
0 Likes
First Son
Registered: 12/03/2013
Offline
6 posts
 

Re: Another Playstation Network Security breach?

[ Edited ]
Dec 13, 2013

Well, TwinDad, I mostly based myself on the Sony representative I spoke with and the emails I received from EA.

 

I did'nt know there is a 150$ cap on the wallet so it does look like a process filled my wallet then spent it all in EA Sports products in two distinct steps. My wallet was filled at 2:21:26 AM then spent more than two hours later at 4:50:11 AM. In my case, it was'nt 3x50$ but 7 transactions for a total of 145$, which is quite close to that cap.

 

I think the reason why it is not a direct purchase is because, like you said, this was likely done from a FIFA Ingame Store (if there's one of course) and not the PS Store. Maybe someone who own FIFA would be able to tell.

 

Well, I realy can't say for sure if it's malicious or just a bug. However, I received receips from both PS Store and EA Sports. Also, I can't be sure as I don't own any EA Sports game, but I think the EA Sports Season Ticket is linked with my PSN account. I wonder why someone would make me buy a season pass on my own account. So that's mostly why, for now, I'll lean toward the billing bug theory.

Message 22 of 25 (352 Views)
Reply
0 Likes
Gaming Beast
Registered: 12/03/2013
Offline
2144 posts
 

Re: Another Playstation Network Security breach?

Dec 13, 2013
OP IT TAKES UP TO 7 DAYS TO GET A REFUND -.-
Message 23 of 25 (331 Views)
Reply
0 Likes
Uncharted Territory
Registered: 10/25/2007
Offline
1784 posts
 

Re: Another Playstation Network Security breach?

Dec 13, 2013

https://help.ea.com/article/fifa-13-ultimate-team-stay-safeFIFA Ultimate Team: Stay Safe

Print

Updated:  11/5/2013

We know that it's important to keep your FIFA Ultimate Team account safe, so we have provided this important information to help you keep your account safe and secure. For even more information, check out this article on How to Maintain Account Security.


TABLE OF CONTENTS

ASKING FOR YOUR INFORMATION
EA will never ask you for your login information
On the Forums
On Your Console
FUT Web

PHISHING EMAILS, LINKS and WEBSITES
Fake Emails and Copycat Websites
How Can I Tell the Difference Between a Phishing Site and the Authentic EA One?
Misleading Hyperlinks
Beware of Redirects
Scare Tactics

ADDITIONAL SECURITY

WHAT TO DO IF YOU’VE BEEN PHISHED
Overview
I Received a Phishing Email
Report Phishing Sites to EA


ASKING FOR YOUR INFORMATION

EA Will Never Ask for Your Login Information:
There are no exceptions to this rule. Even if you receive an email that looks like it’s coming from EA, if it asks for your account information it’s a scam.

Back to Top


On the Forums:
If you ever receive a private message in the forums asking for your account information, it is fake. Scammers will even use names that sound legitimate, such as “EA Admin” or “FIFA Developer”. Again, EA will never ask you for your account info.

If you do receive a message like this, report it to one of the forum moderators. Those responsible for sending messages of this kind will suffer swift justice – justice that could affect more than just their forum privileges, up to and including a full console ban.

Back to Top


On Your Console:
If you ever receive a private message through your console’s online messaging system asking for your account information, it is fake. EA will never contact you through your console’s messaging system for any reason. Do not give out your details and report the details of this message using the built-in report tool.

Back to Top


FUT Web
Scammers are using Shared Squad links to try to phish information. Remember: you don’t need to be logged into to your EA account to view a Shared Squad. Shared Squads can be viewed by anyone, and like every other official link, they always start with http://www.ea.com or http://www.easports.com/fifa.

Back to Top




PHISHING EMAILS, LINKS and WEBSITES

Fake Emails and Copycat Websites:
Sometimes emails and websites can appear to be official emails or websites from EA, but they are actually from a third party**.

For example: You receive an email that appears to be from EA concerning an Ultimate Team (or other game) promotion. You click on the link in the email, go to what appears to be the Ultimate Team login page, and enter your account name and password. Two days later you discover all the gold players you’ve worked so hard for have disappeared.

Sound familiar? Hopefully not, as the person above was just phished. Phishing is a way of tricking someone into giving up valuable information (like your account name and password) by landing on a fake website and entering in your account details. As the majority of phishing websites look identical to the real thing, most users don’t even realize they’ve been phished until it’s too late.

When browsing and regarding your account details, be sure to check the URL, as noted below, to ensure you preserve your account's security.

NOTE: Be sure to also read this article about the risks from buying or selling FUT Coins from a third party service. 

Back to Top


How Can I Tell the Difference Between a Phishing Site and the Authentic EA One?
The official EA website uses the following URL: http://www.ea.com/. Be aware of any links that don't use “ea.com” as the domain name, even if they include "ea" somewhere in the url. For example, "ea.account.com” would not be an official EA site. However, “help.ea.com” is an official EA website. Always double check the sign-in URL starts with: http://www.ea.com or http://www.easports.com/fifa.
 

User-added image


Head-to-Head Comparison: Note that the phishing site (top), while appearing to be identical to the official EASPORTS.com site, has a different URL than http://www.ea.com or http://www.easports.com/fifa.
 
Back to Top


Misleading Hyperlinks:
The text of a hyperlink may contain a url that is not the url it actually links to. Roll your mouse over this link: www.ea.com/safe. Notice either in the bottom of your browser window or in a small text box over the link, the actual url does not match. Make sure any link you click on leads somewhere official.

Back to Top


Beware of Redirects:
Redirecting is a technique where a scammer embeds something in a link that takes you to the real site to begin with, but then moves you to a fake page that looks identical. There are many examples of this, but one simple thing to look out for in your address bar would be: http://www.ea.com/redirect?url=http://fakesite.com

Note the “redirect?” part of the URL. This means you go to a different site than official EA one.

EA will never redirect you from http://www.ea.com/ to another site.

Back to Top


Scare Tactics:
Another common tactic involves scaring you into thinking your account has been compromised when it actually hasn’t. You may receive a message saying something like: “Your account has been temporarily suspended due to suspicious activity. Please login here to see more information.” This is another attempt to get you to give up your username and password. As always, the end result its directing you to a site other than http://www.ea.com or http://www.easports.com/fifa.

EA will never send you emails claiming your account has been compromised. EA will never contact you via ANY means asking for this information.

Back to Top




ADDITIONAL SECURITY

Here are some additional precautions you can take to ensure your information is protected.

  • Preview Links- Remember those Misleading Links? Before you click on a link, preview where it is taking you by hovering over it with your mouse cursor. In some browsers the link location will be displayed at the bottom of your browser window.
  • Home Computer- passwords and bookmarks- Set your browser to remember your password for EA sites. This way it will auto-fill the login form every time you visit the site. If you unknowingly go to a phishing site, the username and password will not be filled in, so you will know it’s a fake. Be sure to only do this on your home computer.
  • Public Computers- If you login from a public computer, such as at a school or a coffee shop, double check that your login information isn’t being saved by the browser. Be sure to delete the browser cache after you logout as well.
  • Password Integrity- This is important, so we will say it again! While not directly related to phishing, updating and maintaining your passwords is an important part of online security. A secure password that is updated often is much less likely to lead to a compromised account.
  • Browser tools- These browser tools and plugins will not stop all phishing sites. Unsafe website lists are used to keep track of phishing sites. These tools can also help you avoid sites that attempt to install malicious software without you knowing.

Back to Top




WHAT TO DO IF YOU’VE BEEN PHISHED

Overview:
If you believe you’ve entered your login info into a phishing site by accident, change your password right away. It’s likely that your account has been compromised, but you may still have time to save it.

Then contact EA’s customer service team immediately at http://help.ea.com, providing as much detail and evidence as you can. In particular, our team will need accurate details of what items (if any) you have lost, plus the date and time that you lost them.

Back to Top


I Received a Phishing Email:
If you receive a phishing email message, don’t panic. Your account has not been compromised. All the scammer has is your email address, which can be relatively easy to find. Scammers duplicate the images and text from an official EA email in the same way they copy websites. If you receive a suspicious looking email, check who the sender is, as well as where the links in the email are taking you.

Some things to be aware of with phishing emails:

  • Names are easy to obtain—phishers will almost always use these in emails;
  • Other links or elements in the email will actually take you to the real site, but the “click here” or “login” link will always be to a fake site;
  • When clicking on links in emails, be sure it is directing you to the same place that was advertised;
  • The only time EA will contact you through email regarding your account is if you have forgotten your password and you make a request to have it changed.


Back to Top


Report Phishing Sites to EA
We are continually taking action against phishing sites as we are made aware of them. We are also taking strong, prompt action against any users attempting to scam others using these sites or any other scams.

Please let us know about phishing sites by contacting us and/or clicking on I STILL NEED HELP.

Message 24 of 25 (326 Views)
Reply
0 Likes
Highlighted
First Son
Registered: 12/28/2013
Offline
2 posts
 

Re: Another Playstation Network Security breach?

Dec 28, 2013
Lucky
Message 25 of 25 (277 Views)
Reply
0 Likes