Economy

Equifax tweets sent victims to phishing site

The site looks exactly like the real Equifax support site but scrolling down the page reveals some of the shortcomings in how Equifax built its site, including failing to get a reputable digital certificate to authenticate the site and encrypt data transmitted to it. The company's Twitter account is only making matters worse.

The company did not provide an explanation for how it made such an obvious mistake, particularly at a time when its practices were already under the spotlight after Equifax suffered a massive security breach. The links have been deleted, but screenshots show it was not a one-time flub. By using domains that are similar to the domains of a bank or Web service and copying the overall look and feel of the site, attackers can often fool people into thinking they're visiting a site they know and trust, rather than a malicious one set up for purposes of fraud.

Equifax's response to its data breach has been a total shitshow, something the company seems determined to remind us of each and every day. Instead of offering help, the site mocks Equifax for "using a domain that's so easily impersonated by phishing sites". Soon after it launched, some browsers flagged it as a phishing site.

Since the consumer received the link from an official service representative, they would have little reason to question the legitimacy of the site and would likely enter personal information into forms on the site without giving it a second thought.

Fake Equifax breach-response site created by Nick Sweeting.

And it appears even Equifax was duped by the fake site.

He told CNN Tech the move was a part of an effort to get Equifax to change the hosting to the company's secure website.

Nick Sweeting, the web developer who created the dummy website September 8, messaged me over Twitter that it only took him 20 minutes to make the clone. He used a simple content retrieval tool, the wget computer program, to copy Equifax's real website and host it on his own.

"Their response to this incident leaves millions vulnerable to phishing attacks on copycat sites", the fake website states.

Equifax has not yet responded to Slate'srequests for comment.



Like this

Latest


21 September 2017
Gerry Ritz apologizes for calling environment minister 'climate Barbie'
Tory MP Michelle Rempel, who has spoken out about the sexism women often face in politics , also weighed in Tuesday night. Maryam Monsef, minister for the status of women, took to Twitter to call out Ritz's "gender-based name-calling".

21 September 2017
Emir urges Trump to intervene in Gulf dispute
During his address , the Emir said that his people felt betrayed by the hacking of QNA, as well as the ensuing blockade. Doha has vehemently denied the charges and has pointed out that it is victim of a smear campaign.

21 September 2017
Consumer Goods Forum Calls for Streamlined Food Labels Worldwide by 2020
It is hoped that by defining the labels it will reduce wasted food, save families money and reduce their environmental footprint. The CGF includes most of the world's consumer goods giants from Tesco Plc to Campbell Soup, Nestle SA and Unilever Plc.

21 September 2017
General Electric Co Institutional Investor Sentiment Worsened in Q4 2016
KeyCorp restated a "hold" rating on shares of Portland General Electric in a research note on Friday, September 1st. The stock of General Electric Company (NYSE:GE) earned "Outperform" rating by Credit Suisse on Monday, November 23.

21 September 2017
Vikings unclear about QB Bradford's return
But it just could be money better spent to similarly invest in a backup quarterback who can actually lead your team to victory. Bradford said he has a clear indication of what the injury diagnosis is, but he would not elaborate further on the severity.

21 September 2017
McKesson Corporation (NYSE:MCK) Shorts Up 16.11% - Currently Trading Down
BidaskClub downgraded shares of McKesson Corporation from a "hold" rating to a "sell" rating in a report on Wednesday, August 9th. After $0.57 actual EPS reported by SEI Investments Company for the previous quarter, Wall Street now forecasts 0.00% EPS growth.

21 September 2017
Neil McCann isn't fazed by 'disgusting' abuse from Celtic fans
The Hoops play in Tayside before travelling across Glasgow to face bitter rivals Rangers in the Ladbrokes Premiership at Ibrox on Saturday.

21 September 2017
1 quake reported off Japan's east coast
The Japanese quake struck along a major fault line under the Pacific Ocean about 200 miles east of Fukushima. The tremor is said to have measured above 6.1, according to the US Geographical Society (USGS).

21 September 2017
Compass Minerals International, Inc. (CMP) Shares Sold by Shapiro Capital Management LLC
Compass Minerals Intl Inc now has a P/E ratio of 19.73 and market cap is 2.39B. 39 funds opened positions while 100 raised stakes. Massachusetts-based State Street Corporation has invested 0.01% in Compass Minerals International , Inc. (NYSE:CMP).

21 September 2017
Inc. MA Purchases New Position in Becton, Dickinson and Company (NYSE:BDX)
Finally, Boston Financial Mangement LLC increased its holdings in shares of Becton, Dickinson and by 10.2% in the 1st quarter. BidaskClub raised Becton, Dickinson and from a buy rating to a strong-buy rating in a research note on Tuesday, July 11th.



Recommended