Equifax sends breach victims to fake notification site

Equifax sends breach victims to fake notification site

7 years ago
Anonymous $wKBR2uNMvM

https://arstechnica.com/information-technology/2017/09/equifax-directs-breach-victims-to-fake-notification-site/

The official Equifax Twitter account encouraged people to visit a knock-off website that mocks the company's security practices instead of the site the company created to warn of a massive data breach. That recent breach exposed personal details for as many as 143 million US consumers.

In a tweet on Tuesday afternoon, an Equifax representative using the name Tim wrote: "Hi! For more information about the product and enrollment, please visit: securityequifax2017.com." The message came in response to a question about free credit monitoring Equifax is offering victims. The site is a knock-off of the official Equifax breach notification site, equifaxsecurity2017.com. A security researcher created the imposter site to demonstrate how easy it is to confuse a legitimate name with a bogus one. The Equifax tweet suggests that even company representatives can be easily fooled. The tweet was deleted late Wednesday morning, more than 18 hours after it went live.

Equifax sends breach victims to fake notification site

Sep 20, 2017, 7:19pm UTC
https://arstechnica.com/information-technology/2017/09/equifax-directs-breach-victims-to-fake-notification-site/ >The official Equifax Twitter account encouraged people to visit a knock-off website that mocks the company's security practices instead of the site the company created to warn of a massive data breach. That recent breach exposed personal details for as many as 143 million US consumers. >In a tweet on Tuesday afternoon, an Equifax representative using the name Tim wrote: "Hi! For more information about the product and enrollment, please visit: securityequifax2017.com." The message came in response to a question about free credit monitoring Equifax is offering victims. The site is a knock-off of the official Equifax breach notification site, equifaxsecurity2017.com. A security researcher created the imposter site to demonstrate how easy it is to confuse a legitimate name with a bogus one. The Equifax tweet suggests that even company representatives can be easily fooled. The tweet was deleted late Wednesday morning, more than 18 hours after it went live.