Monday, 18 December 2017
Latest news
Main » After Equifax breach, company sent victims to wrong site for weeks

After Equifax breach, company sent victims to wrong site for weeks

21 September 2017

The website that the company was planning to send the data breach victims to was equifaxsecurity2017.com, as we have previously reported.

Over the last couple of weeks, tweets from the official Equifax account and signed by "Tim" directed a handful of Twitter users to a fake site instead of to the official Equifax site set up specifically to help concerned consumers, Equifaxsecurity2017.com.

More news: Sony launches 'Xperia XA1 Plus' with 23MP camera at Rs 24990

A phishing website is a website that is created to look visually similar to the website someone is looking for, and is usually meant to steal information. Soon after it launched, some browsers flagged it as a phishing site.

The credit agency's Twitter account tweeted links on Wednesday to a fake site pretending to be Equifax, further bungling the company's response to a massive hack that affected 143 million customers. The decision to do all of this on a separate domain rather than its known and trusted Equifax.com website was controversial. Some sites are claiming that the fake site itself was a phishing site - Google alerts Chrome users that it is - but according to The Verge, the fake site itself was set up by full-stack developer Nick Sweeting to "expose vulnerabilities that existed in Equifax's response page".

More news: Ivanka Trump felt postpartum depression hindered her 'potential' as a parent

General Slatery encouraged Equifax to "take all possible steps to help consumers access any rehabilitative services easily and efficiently" and advised Equifax of the frustration that many consumers are experiencing when they contact Equifax or visit its website. The timestamp on the tweet is from September 19, and the tweet was still up as of the morning of September 20 (it was deleted during the course of writing this story).

"It's in everyone's interest to get Equifax to change this site to a reputable domain", Sweeting said. "Consumers need to be vigilant about regularly monitoring their financial accounts and credit reports, and Equifax must actively assist consumers in those efforts", General Slatery said. "I can guarantee there are real malicious phishing versions already out there". In the 11 days since then, he said he's received more than 100,000 hits on his fake URL.

More news: Ron Howard Teases Kessel Run — Han Solo Spin-off

"Their response to this incident leaves millions vulnerable to phishing attacks on copycat sites", the fake website states.

After Equifax breach, company sent victims to wrong site for weeks