How to avoid phishingHow to avoid phishing

Updated 2 days ago2 min read

Overview

Learn about phishing and how you can avoid common scams.

Table of Contents

What is phishing?

Phishing is a technique used by scammers to try to get your account information and passwords.Phishing scams typically try to trick you into thinking you’re entering information into a legitimate website when you’re actually providing information to a scammer.Scammers will try to use your login or other account information to access your account and payment details information. Avoid giving your info to phishers and scammers by only logging in on official EA sites and platforms.If you’re having trouble or notice things are missing from your account, contact us.

Phishing techniques to look out for

They'll pretend to be EA

Phishers and scammers will try to get you to give out your account information, namely your password. We will never ask you for your password.
  • If you get an email that appears to come from us asking for your account information, it’s a scam
  • If you get a private message on our forums asking for your account information, it’s not us. Scammers may use names that sound legitimate, like “EA Admin” or “EA Developer.” If you get a message like this, report it to a forum moderator.
  • If you get a private message through your console’s online messaging system claiming it’s us, it’s fake. We’ll never contact you through your console’s messaging system for any reason, so don’t give out your details. Report the details of this message through Xbox Live and PlayStation™Network.
  • If you use social media, make sure that you only talk to our verified accounts. Facebook, X, and Instagram all use check marks next to page names to show that they’re real, verified accounts. When you hover over the check marks, they’ll tell you the account is legitimate. If you don't see a verified check mark next to a page, then it isn't us.

They’ll send fake emails about your account being hacked

Scammers will try to scare you into thinking your account has been compromised when it hasn’t.You may get a message saying something like “Your account has been temporarily suspended due to suspicious activity. Please log in here to see more information.” This is another attempt to get you to give up your username and password.We’ll never send you a message asking for your login information.

They’ll offer items, cheats, and hacks

You can come across scams and phishers when you click, visit, or try to make purchases from third-party sites. These sites will try to get you to visit them by advertising great deals on games, in-game currency, gamer accounts, ways to disable digital rights management (DRM), or hacks to modify game content.
  • We don’t sell in-game currency that you can earn by playing our games, so the sale and purchase of those as well as EA accounts themselves are against our User Agreement. It's not worth the risk to your personal security or your account, and players who use these sites can end up banned.
  • Only buy games from trusted retailers. Otherwise, we won’t be able to help you when something goes wrong.
  • We don’t need your login information to grant you in-game content like packs, players, or coins. If we give out any in-game content, it’ll be automatically added to your account. We won’t ask for your account info to give you prizes or presents.
If you think you may have given your login information to a phishing site, here's how to help resecure your account.

How to recognize fake emails and copycat websites

EA sends emails from addresses that include “ea.com.” Be cautious of any email addresses that don't use “ea.com” as the domain name.Even if they include "ea" somewhere in the email address, make sure it’s from an official subdomain.All ea.com subdomains will lead with the subcategory, then ea.com.
  • Correct: www.help.ea.com
  • Incorrect: www.ea.help.com
If you see the domain or subdomain written in any other way, this isn’t an official EA website.

Is e.ea.com an official email address?

Yes, e.ea.com is an official EA email address.

Phishing emails

If you get a phishing email or message, don’t panic. Your account may not have been compromised. All the phisher may have is your email address, which can be pretty easy to find.Scammers can duplicate the images and text from an official EA email. If you get a suspicious-looking email, check who the sender is and where the links in the email are taking you.
  • Names, like email addresses, are easy to get—phishers will almost always use names in emails to seem trustworthy.
  • Other links or elements in the email might actually take you to the real EA site, but a login link will direct you to a fake site.
  • When clicking on links in emails, make sure the link is directing you to the same place that was advertised. If you want to preview a link, you can copy and paste it into something like your notes app.

Misleading hyperlinks and phishing sites

The official EA website uses the URL http://www.ea.com. Be aware of any links that don't use “ea.com” as the domain name. Even if they include "ea" somewhere in the URL, make sure it’s from an official subdomain, just like with email addresses.The text of a hyperlink may have a URL that's different from the URL it actually links to.Notice how in the image below, when you hover your mouse over the link, the URL in the text box in the bottom left doesn’t match the original one we’ve hovered over.A GIF of a cursor hovering over a hyperlink. A pop-up appears at the bottom left, warning that the link may be unsafe.Depending on your browser or email client, you can check links like this at the bottom of your screen or in a small text box that hovers over the link.Make sure that any link you click leads to the place it claims it will take you.

Redirection to a fake page

Redirecting is a technique where a scammer embeds something in a link that initially takes you to the real site, but then moves you to a fake page that looks identical.There are many examples of this, but one simple thing to look out for in any URL is the word “redirect.” For example: http://www.ea.com/redirect?url=http://fakesite.comThis means that this link will take you away from the official EA site. We’ll never redirect you from http://www.ea.com to another site.

Protect your account

Learn how to protect your EA Account from suspicious activity.
Still having issues?
Get in touch with our customer support team for more help.