Slashdot Mirror

← Back to Stories (view on slashdot.org)

Equifax Has Been Sending Consumers To a Fake Phishing Site for Almost Two Weeks (gizmodo.com)

Posted by msmash on from the security-nightmare dept.

An anonymous reader shares a Gizmodo report (condensed for space): For nearly two weeks, the company's official Twitter account has been directing users to a fake lookalike website. After announcing the breach, Equifax directed its customers to equifaxsecurity2017.com, a website where they can enroll in identity theft protection services and find updates about how Equifax is handing the "cybersecurity incident." But the decision to create "equifaxsecurity2017" in the first place was monumentally stupid. The URL is long and it doesn't look very official -- that means it's going to be very easy to emulate. To illustrate how idiotic Equifax's decision was, developer Nick Sweeting created a fake website of his own: securityequifax2017.com. (He simply switched the words "security" and "equifax" around.) As if to demonstrate Sweeting's point, Equifax appears to have been itself duped by the fake URL. The company has directed users to Sweeting's fake site sporadically over the past two weeks. Gizmodo found eight tweets containing the fake URL dating back to September 9th.

8 of 154 comments (clear)

  1. Re:Is someone paying them to be this stupid? by phantomfive · · Score: 3, Funny

    How can anyone be this bad at their core business?

    Their core business is, literally, collecting and sharing information. They shared it with a few too many people in this case, but hey, can you blame an over-achiever?

    --
    "First they came for the slanderers and i said nothing."
  2. Re:Is someone paying them to be this stupid? by burtosis · · Score: 5, Funny

    Hahahaha, good one - free market. We don't need those stupid consumer protections ^H^H^H^H^H^H^H^H^H^H^H^H^H^H overreaching regulations.

  3. Re:Wow by whoever57 · · Score: 4, Funny

    Don't forget that they have a talent deficit: they just lost their head of information security.

    --
    The real "Libtards" are the Libertarians!
  4. Re:Is someone paying them to be this stupid? by Anonymous Coward · · Score: 2, Funny

    Do you think they'd then be required to sell their database info to the highest bidder to recoup loses?

  5. Re:Is someone paying them to be this stupid? by Pascoea · · Score: 5, Funny

    Do you think they'd then be required to sell their database info

    I thought I heard it's already available online somewhere. Can't put my finger on where I heard that though.

  6. The only reasonable solution... by sinij · · Score: 5, Funny

    The only reasonable solution here is to jail Nick Sweeting for fraud.

  7. Re:Wow by computational+super · · Score: 4, Funny

    AND they have nobody to compose a new corporate jingle!

    --
    Proud neuron in the Slashdot hivemind since 2002.
  8. Re: Is someone paying them to be this stupid? by Anonymous Coward · · Score: 2, Funny

    No, he's Jesuit.