If Football Club means as much to you as it does to us, taking the time to protect your FC 27 account is essential. This guide explains how to safeguard your progress and avoid the scams and tricks used by cheaters to steal sensitive account information.
How to Keep your FC 27 Account Safe
To reduce your risk of falling victim to phishing attempts and other scams, follow these key guidelines:
- Always confirm that the sign-in URL starts with https://www.ea.com;
- Check that the URL does not redirect to another site;
- Do not share your personal information on forums, social media, or through your console;
- Avoid clicking on links in emails that request your account details or claim that your account is compromised.
Remember, EA will never ask for your login information. Any email requesting this is almost certainly a scam.
How to Avoid Scammers
Scammers often target Football Club players to gain access to their accounts. Being aware of common tactics can prevent you from becoming a victim.
Fake Emails and Copycat Websites
You might receive an email that looks like it’s from EA regarding a special Ultimate Team promotion. Clicking the link may lead you to a page that appears to be the official login screen. After entering your username and password, you might later discover your players or rewards have disappeared. This is a classic phishing scenario.
Phishing works by tricking users into providing sensitive information, such as login credentials, by directing them to fake websites. These sites often imitate legitimate ones perfectly, making them hard to spot until it’s too late.
While these phishing pages can look identical to the official site, the URL is the key difference. The official EA website always uses https://www.ea.com/. If the URL is different, you are likely on a fraudulent site. Always double-check URLs before entering personal information to avoid phishing attacks.
Redirecting
Redirecting scams use links that first take you to the real website but then send you to a fake page that looks identical. A common example to watch for is: https://www.ea.com/redirect?url=https://fakesite.com
The presence of ‘redirect?’ in the URL indicates you are not on the official EA website. EA will never redirect you from https://www.ea.com/ to an external site.
Scare Tactics
Some scammers try to frighten you into thinking your account has been compromised. A typical message might read: ‘Your account has been temporarily suspended due to suspicious activity. Log in here to see more information.’ Such messages aim to steal your login credentials by directing you to a fake site. EA will never send emails claiming your account has been compromised and will not request sensitive information through email or messages.
Direct Contacts
If you receive a private message on forums or your console’s messaging system claiming to be from EA staff, exercise caution. Scammers often use convincing names like ‘EA Admin’ or ‘EASFC Developer’ to appear legitimate. EA will never request your account information or reach out via console messaging. Report any suspicious messages using forum tools or the platform’s reporting system to protect yourself and others.
Fake Web App
Shared Squad links are sometimes exploited for phishing. You do not need to log in to view a Shared Squad—anyone can see them. Official links always start with https://www.ea.com. If a Shared Squad link redirects you to a login page, stop and do not enter any credentials to avoid risk.
Additional Security Steps
Beyond the guidelines above, the following steps add extra layers of protection for your FC 27 account.
Preview Links
Hover over any link before clicking to see where it leads. Most browsers display the link destination at the bottom of the window.
Auto-Fill Passwords
Set your browser to remember passwords for EA sites. This allows automatic form-filling on legitimate sites. If you land on a phishing page, the fields will remain empty, alerting you to danger. Only enable this feature on personal devices for security.
Create Strong Passwords
Although not directly phishing-related, strong passwords are essential. Use unique passwords for your EA account, console login, and email. Change them regularly, avoid easily guessable info, and delete any emails containing password details promptly.
Avoid Public Computers
When using public computers, ensure your login info is not saved and clear the browser cache after logging out.
Use Browser Tools
Enable built-in phishing filters in your browser. You can also check a site’s security using Google’s diagnostic tool: https://www.google.com/safebrowsing/diagnostic?site=easports.com.
Turn On Login Verification
EA Login Verification adds a second layer of security. When activated, EA sends a code to confirm it’s you logging in from a new device.
Double-Check Emails
If you receive a suspicious email, don’t panic. Your FC 27 account is not automatically compromised. Scammers often copy images and text from legitimate EA emails. Check the sender and hover over all links to verify destinations. Phishing emails often use names you can easily find and fake login links. EA only contacts you via email to reset a forgotten password when you request it.