The fact they reference 2 factor when this whole issue is about by passing the 2 factor due to EA swapping email addresses is just embarrassing. What a joke of a company
2FA is key though. It might not prevent all the cases but it prevent a lot. There was a screenshot of someone's email account with loads of requests.
2FA is the same process that any company uses, and we should all turn it on.
The problem here isn't a technical one, it's an organisational culture one within the EA Help department. Therefore it's a lot harder to fix, without neutering the reason it exists (to help with genuine issues) since the people are the root cause.
There's no difference here to someone trying to do this with your bank account, the method would be the same.
A bank is far less likely to give your account away. Banks' help services have much less, or no, access to your account. And they can advise you to go to a branch to resolve an issue.
I just watched runthefutmarket video, you have to feel for him and others, it’s actually more and more outrageous when you think about it.
EA should have systems in place where this can’t happen, it’s not even difficult.
2FA is key though. It might not prevent all the cases but it prevent a lot. There was a screenshot of someone's email account with loads of requests.
2FA is the same process that any company uses, and we should all turn it on.
The problem here isn't a technical one, it's an organisational culture one within the EA Help department. Therefore it's a lot harder to fix, without neutering the reason it exists (to help with genuine issues) since the people are the root cause.
There's no difference here to someone trying to do this with your bank account, the method would be the same.
This is absolutely not true. Do you think banks rely on their customer service advisors not to make mistakes? Of course not or these hackers wouldn't be wasting their time on fifa. Any bank worth its salt will ensure their customer advisors simply cannot get into a customers details or change anything without going through customer validation. Been working on this sort of thing 20 years.
The reason this is a problem for EA is the same reason they make mistakes constantly. Their culture is to not care
2FA is key though. It might not prevent all the cases but it prevent a lot. There was a screenshot of someone's email account with loads of requests.
2FA is the same process that any company uses, and we should all turn it on.
The problem here isn't a technical one, it's an organisational culture one within the EA Help department. Therefore it's a lot harder to fix, without neutering the reason it exists (to help with genuine issues) since the people are the root cause.
There's no difference here to someone trying to do this with your bank account, the method would be the same.
Tell me you don't have a bank account or know anything about banks without telling me you don't have a bank account
Anything like this should require ID verification etc like PayPal.
Doesn't even need that.
Every other company with a shred of common sense will require you to answer some security questions both personal and preset at account setup and once done you will get the email/password you wanted.
Live chat shouldn't have the ability to change to change anybody email and something like that should be done over the phone once security questions have been answered
2FA is key though. It might not prevent all the cases but it prevent a lot. There was a screenshot of someone's email account with loads of requests.
2FA is the same process that any company uses, and we should all turn it on.
The problem here isn't a technical one, it's an organisational culture one within the EA Help department. Therefore it's a lot harder to fix, without neutering the reason it exists (to help with genuine issues) since the people are the root cause.
There's no difference here to someone trying to do this with your bank account, the method would be the same.
Tell me you don't have a bank account or know anything about banks without telling me you don't have a bank account
So you want to change your email address with your bank. How do you do it? You ring up, they authenticate you, but ultimately they have the power to update your account. Relies on the person on the phone
Anything like this should require ID verification etc like PayPal.
Doesn't even need that.
Every other company with a shred of common sense will require you to answer some security questions both personal and preset at account setup and once done you will get the email/password you wanted.
Live chat shouldn't have the ability to change to change anybody email and something like that should be done over the phone once security questions have been answered
Which is the process here, until they found the one person who didn't follow the rules.
This is what I'm meaning. The hackers keep trying and failing since EA Help are sending recovery codes which they expect to be quoted back to them to verify.
Until they find the one person who skips this step.
2FA is key though. It might not prevent all the cases but it prevent a lot. There was a screenshot of someone's email account with loads of requests.
2FA is the same process that any company uses, and we should all turn it on.
The problem here isn't a technical one, it's an organisational culture one within the EA Help department. Therefore it's a lot harder to fix, without neutering the reason it exists (to help with genuine issues) since the people are the root cause.
There's no difference here to someone trying to do this with your bank account, the method would be the same.
This is absolutely not true. Do you think banks rely on their customer service advisors not to make mistakes? Of course not or these hackers wouldn't be wasting their time on fifa. Any bank worth its salt will ensure their customer advisors simply cannot get into a customers details or change anything without going through customer validation . Been working on this sort of thing 20 years.
The reason this is a problem for EA is the same reason they make mistakes constantly. Their culture is to not care
I think we're broadly in alignment. Banks have stronger processes (due to regulation and magnitude of liability) but ultimately the people are the weakness. EA evidently have processes, but they're less robust.
2FA is key though. It might not prevent all the cases but it prevent a lot. There was a screenshot of someone's email account with loads of requests.
2FA is the same process that any company uses, and we should all turn it on.
The problem here isn't a technical one, it's an organisational culture one within the EA Help department. Therefore it's a lot harder to fix, without neutering the reason it exists (to help with genuine issues) since the people are the root cause.
There's no difference here to someone trying to do this with your bank account, the method would be the same.
Tell me you don't have a bank account or know anything about banks without telling me you don't have a bank account
So you want to change your email address with your bank. How do you do it? You ring up, they authenticate you, but ultimately they have the power to update your account. Relies on the person on the phone
No it relies on the systems in place.
You can call the bank 1 million times saying you forgot x information but if you don't pass security questions you don't get access to change details. Some even send a code to your phone.
No banks can change anyone information via chat/phone unless security questions have been answered and that is because of the systems put in place for security more than anything else
Seems like EA has a pretty good process, but the system hasn't been optimized for it. The employee should not be able to see or change anything to an account until the employee has actually entered the security code that's being sent to the customer. That change would kind of fix this whole issue right?
2FA is key though. It might not prevent all the cases but it prevent a lot. There was a screenshot of someone's email account with loads of requests.
2FA is the same process that any company uses, and we should all turn it on.
The problem here isn't a technical one, it's an organisational culture one within the EA Help department. Therefore it's a lot harder to fix, without neutering the reason it exists (to help with genuine issues) since the people are the root cause.
There's no difference here to someone trying to do this with your bank account, the method would be the same.
Tell me you don't have a bank account or know anything about banks without telling me you don't have a bank account
So you want to change your email address with your bank. How do you do it? You ring up, they authenticate you, but ultimately they have the power to update your account. Relies on the person on the phone
No it relies on the systems in place.
You can call the bank 1 million times saying you forgot x information but if you don't pass security questions you don't get access to change details. Some even send a code to your phone.
No banks can change anyone information via chat/phone unless security questions have been answered and that is because of the systems put in place for security more than anything else
Agreed on that, but that's because they're grown-up companies with regulators breathing down their necks and massive costs if they stuff it up. As you can see in that Eurogamer tweet, there were loads of occasions where the process was followed and therefore the hacker didn't gain access.
Not saying that it's right what EA have been doing, just that it's not specced correctly for the current times.
2FA is key though. It might not prevent all the cases but it prevent a lot. There was a screenshot of someone's email account with loads of requests.
2FA is the same process that any company uses, and we should all turn it on.
The problem here isn't a technical one, it's an organisational culture one within the EA Help department. Therefore it's a lot harder to fix, without neutering the reason it exists (to help with genuine issues) since the people are the root cause.
There's no difference here to someone trying to do this with your bank account, the method would be the same.
it wont prevent any of these type of cases mate
this is ea support giving all your details to a random guy who then gets them to change the email on the named account
2FA does nothing against ea supports incompetence
to even suggest 2FA in these cases is an embarrassment
2FA is key though. It might not prevent all the cases but it prevent a lot. There was a screenshot of someone's email account with loads of requests.
2FA is the same process that any company uses, and we should all turn it on.
The problem here isn't a technical one, it's an organisational culture one within the EA Help department. Therefore it's a lot harder to fix, without neutering the reason it exists (to help with genuine issues) since the people are the root cause.
There's no difference here to someone trying to do this with your bank account, the method would be the same.
Tell me you don't have a bank account or know anything about banks without telling me you don't have a bank account
So you want to change your email address with your bank. How do you do it? You ring up, they authenticate you, but ultimately they have the power to update your account. Relies on the person on the phone
WRONG
The advisor CANNOT change your email address unless you go through validation. The system will say something like "Give me your date of birth". The advisor will enter this and they the system will tell them if its correct or not. The advisor won't be able to see their date of birth if they get it wrong. This is why banks rarely have issues with advisor fraud.
I have been working this stuff for donkeys years. If you don't believe me give it a try.
I can’t believe the incompetency level in such a massive company. It is so easy to identify the hackers. Even my grandmother can do it, you literally look at the leaderboard and see what random names have appeared there from nowhere. EA have the tools to look at the transfer profits on those accounts over the previous weeks and months so if a nobody has appeared from nothing to all of a sudden making millions in days and I mean big millions like 20, 30+ million then clearly it’s fishy.
Poor traders...someone took away their coins which they have took away from causal FIFA players in the first place. What a cruel world.
How have they taken away coins from casual Fifa players?
Ehm you know that a profit for somone results in a loose for another one. Which would be ok if everyone has the same information. But traders a using leaks which is are known much earlier by them...
You discard every card you pack? Wouldn't want to sell it to other players because you'll take coins out of their pocket.
using insider information in real world trading is illegal....you know. That's what many leaderboard traders do...using leaks to make profit which are not known by the regular Timmy playing this game.
oh shut yo boogaloo booty up man imagine wanting to buy and sell to make coins instead of bending over and gaping your butthole for ea to give you 120k in £80 of fifa points
Dangerously close the the "end of the week" here EA. 💩🤔
All the packs were given out and sorted the other day lol, despite a load of people complaining on twitter they didnt receive any but i doubt EA will do anything about it
Rated E For Everyone.
Comments
6 months?
Your being optimistic
Something for free is coming today I think, pack weight has already been reduced massively.
Yeah because that's clearly prevented these people from gaining access to accounts
The most embarrassing thing about the whole thing. Clearly didn’t read the article or issues to put that EA Support auto bot response out
set out
2FA is the same process that any company uses, and we should all turn it on.
The problem here isn't a technical one, it's an organisational culture one within the EA Help department. Therefore it's a lot harder to fix, without neutering the reason it exists (to help with genuine issues) since the people are the root cause.
There's no difference here to someone trying to do this with your bank account, the method would be the same.
EA should have systems in place where this can’t happen, it’s not even difficult.
This is absolutely not true. Do you think banks rely on their customer service advisors not to make mistakes? Of course not or these hackers wouldn't be wasting their time on fifa. Any bank worth its salt will ensure their customer advisors simply cannot get into a customers details or change anything without going through customer validation. Been working on this sort of thing 20 years.
The reason this is a problem for EA is the same reason they make mistakes constantly. Their culture is to not care
Tell me you don't have a bank account or know anything about banks without telling me you don't have a bank account
Doesn't even need that.
Every other company with a shred of common sense will require you to answer some security questions both personal and preset at account setup and once done you will get the email/password you wanted.
Live chat shouldn't have the ability to change to change anybody email and something like that should be done over the phone once security questions have been answered
So you want to change your email address with your bank. How do you do it? You ring up, they authenticate you, but ultimately they have the power to update your account. Relies on the person on the phone
Which is the process here, until they found the one person who didn't follow the rules.
On a separate note I wonder how much money pros spend on this game when they can just drop £k’s like it’s nothing
This is what I'm meaning. The hackers keep trying and failing since EA Help are sending recovery codes which they expect to be quoted back to them to verify.
Until they find the one person who skips this step.
I think we're broadly in alignment. Banks have stronger processes (due to regulation and magnitude of liability) but ultimately the people are the weakness. EA evidently have processes, but they're less robust.
No it relies on the systems in place.
You can call the bank 1 million times saying you forgot x information but if you don't pass security questions you don't get access to change details. Some even send a code to your phone.
No banks can change anyone information via chat/phone unless security questions have been answered and that is because of the systems put in place for security more than anything else
Agreed on that, but that's because they're grown-up companies with regulators breathing down their necks and massive costs if they stuff it up. As you can see in that Eurogamer tweet, there were loads of occasions where the process was followed and therefore the hacker didn't gain access.
Not saying that it's right what EA have been doing, just that it's not specced correctly for the current times.
it wont prevent any of these type of cases mate
this is ea support giving all your details to a random guy who then gets them to change the email on the named account
2FA does nothing against ea supports incompetence
to even suggest 2FA in these cases is an embarrassment
WRONG
The advisor CANNOT change your email address unless you go through validation. The system will say something like "Give me your date of birth". The advisor will enter this and they the system will tell them if its correct or not. The advisor won't be able to see their date of birth if they get it wrong. This is why banks rarely have issues with advisor fraud.
I have been working this stuff for donkeys years. If you don't believe me give it a try.
oh shut yo boogaloo booty up man imagine wanting to buy and sell to make coins instead of bending over and gaping your butthole for ea to give you 120k in £80 of fifa points
Dangerously close the the "end of the week" here EA. 💩🤔
All the packs were given out and sorted the other day lol, despite a load of people complaining on twitter they didnt receive any but i doubt EA will do anything about it