EA server compromised in effort to steal Apple IDs
Hackers have targeted Electronic Arts (EA), the company behind Titanfall, FIFA 14 and Battlefield 4, to try and steal your Apple ID and credit card details by hacking into an EA server and hosting a phishing site, according to NetCraft, a security company.
In a blog post (http://tinyurl.com/obuv3l4), NetCraft says compromised server is used by two websites in the ea.com domain, and is ordinarily used to host a calendar based on WebCalendar 1.2.0. (Newer versions of the calendar application have fixed the loopholes.) The phishing site attempts to trick a victim into submitting his Apple ID and password.
It then presents a second form which asks the victim to verify his full name, card number, expiration date, verification code, date of birth, phone number, mother's maiden name, plus other details that would be useful to a fraudster. After submitting these details, the victim is redirected to the legitimate Apple ID website (http://tinyurl.com/3ygyw8d).