Equifax sends breach victims to a phishing site

Equifax, like many companies, handles customer service and complaints through its Twitter account.

Equifax has created equifaxsecurity2017.com to help anxious customers identify if they have been hacked or are in the safe zone.

Nick Sweeting, a full-stack developer, decided to show the company and its customers how weak the site was, and created the clone in less than 20 minutes.

Mr. Sweeting explained in his email that a Linux command, "wget", allows anyone to download the contents of a website, "including all images, HTML, CSS, etc". He created the clone within hours of the breach announcement to show how easy it is to impersonate the response website. He also assured people that none of their data was stored, as the form was actually disabled.

A phishing website is a website that is created to look visually similar to the website someone is looking for, and is usually meant to steal information. Because "equifaxsecurity2017" is so long and unofficial-sounding, users may not recognize what's real and what's fake.

Sweeting only found out Wednesday morning that Equifax had been tweeting out his site, which he claims has been visited 78,653 times as of noon Eastern on Wednesday.

Other examples of Equifax pointing to the fake site have surfaced, dating back to September 9. But the URL equifaxsecurity2017.com isn't memorable and is easily confused with something else - say, for example, securityequifax2017.com.

But at least as early as September 9 - two days after announcing the breach - Equifax representatives on Twitter were directing consumers to Sweeting's spoof site rather than to the company's page, according to The Verge.

Unsurprisingly, someone cloned that site and hosted that copy at a very similar URL: https://securityequifax2017.com.
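The confusion described above comes down to two hostnames built from the same pieces in a different order. An added example, not code from the article or from Sweeting, of the kind of check a security team can run over links before a support account tweets them: it flags a host that is an anagram of an official label, a near-typo of one, or one that merely contains the brand without being on the allowlist. The official host list and the brand token are constructed assumptions for this demonstration, not Equifax's real allowlist.

```python
from urllib.parse import urlparse

# Constructed example data (assumption, not a real allowlist): the brand token
# and the hosts the organisation actually operates.
BRAND = "equifax"
OFFICIAL_HOSTS = {
    "www.equifax.com",
    "equifaxsecurity2017.com",
    "www.equifaxsecurity2017.com",
}


def registrable_label(host):
    """Return the label left of the public suffix, e.g. 'equifaxsecurity2017'.

    Only single-label suffixes such as .com are handled, which is enough here.
    """
    parts = host.lower().strip(".").split(".")
    return parts[-2] if len(parts) >= 2 else parts[0]


def levenshtein(a, b):
    """Classic edit distance, used to catch one- or two-character typos."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,            # delete from a
                           cur[j - 1] + 1,         # insert into a
                           prev[j - 1] + (ca != cb)))  # substitute
        prev = cur
    return prev[-1]


def lookalike_reasons(url):
    """Return the reasons a URL's host looks like a spoof of an official host.

    An empty list means the host is either on the allowlist or unrelated to
    the brand. Hosts are compared on their registrable label, so
    'securityequifax2017.com' is judged against 'equifaxsecurity2017'.
    """
    if "://" not in url:
        url = "https://" + url
    host = (urlparse(url).hostname or "").lower()
    if host in OFFICIAL_HOSTS:
        return []

    label = registrable_label(host)
    official_labels = sorted({registrable_label(h) for h in OFFICIAL_HOSTS})
    reasons = []
    for off_label in official_labels:
        if label != off_label and sorted(label) == sorted(off_label):
            # Same characters, different order: the case in the article.
            reasons.append(f"anagram of official label '{off_label}'")
        elif 0 < levenshtein(label, off_label) <= 2:
            reasons.append(f"within edit distance 2 of '{off_label}'")
    if BRAND in label and not reasons:
        reasons.append(f"contains brand '{BRAND}' but is not an official host")
    return reasons


if __name__ == "__main__":
    for candidate in ("https://www.equifaxsecurity2017.com/enroll",
                      "https://securityequifax2017.com",
                      "equifaxsecurity2O17.com",
                      "https://equifax-help.com"):
        print(candidate, "->", lookalike_reasons(candidate) or "ok")
```

The anagram test is deliberately narrow: it only fires when the two labels contain exactly the same characters, which is the precise shape of the mix-up in this story. Real tooling would add homoglyph folding and a proper public-suffix list, but even this much would have caught the wrong link before it went out.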

"We apologize for the confusion", the statement said.

From all the wrong tweets, it can be gathered that they came from a customer support employee, or perhaps an intern, called "Tim".

In failing to correctly patch a known vulnerability and exposing the personal data of potentially 143 million Americans to hackers, Equifax made a security blunder of epic proportions - however, it appears the company is just getting started.

Clicking through the links prompts a person to enter their last name and the last six digits of their SSN, much like on the real Equifax site, but upon hitting "continue" the cloned webpage displays a warning.