Equifax Under Fire For Linking To Fake Site
Equifax Inc. (NYSE:EFX) is under fire after it was found to be linking to a fake website as part of its efforts to inform consumers about a cyberattack the company disclosed in early September. As many as eight public tweets have sent potential victims to the same false address since September 9th. The tweets were deleted after the mistake was publicized.
Nick Sweeting, a software engineer, created an imitation of equifaxsecurity2017.com, Equifax’s page about the security breach, at securityequifax2017.com. Mr. Sweeting said he had created the site solely to draw attention to the weakness of Equifax’s security. Mr. Sweeting said in an email, “Their site is dangerously easy to impersonate. It only took me 20 minutes to build my clone.”
In his email, Mr. Sweeting explained that the Linux command “wget” will let anyone download the contents of a website, “including all images, HTML, CSS, etc.” The layout was the same as the real version, but the text differed.
Several posts from the company’s Twitter account directed consumers to Mr. Sweeting’s site. All of the incorrect tweets ended with “-Tim,” the name of the Equifax employee who wrote them. The Equifax spokeswoman did not say whether any disciplinary action had been taken against that employee.
The people who clicked through to Mr. Sweeting’s site are not in any danger of having more information compromised. By Wednesday evening, the site had been blacklisted by the Chrome, Firefox and Safari browsers. Before he took it down, it had received about 200,000 hits.
In a short statement, Equifax said, “We apologize for the confusion. Consumers should be aware of fake websites purporting to be operated by Equifax.” Although the misspelled link likely wasn’t intentional on Equifax’s part, it demonstrates just how easy it is for attackers to trick consumers. People create fake versions of big companies’ websites all the time for phishing purposes.
It may have been a mistake for the company to create a separate website rather than a subdomain of equifax.com. Phishers cannot create a page on the equifax.com domain, so a page there would have guaranteed it was legitimate. If users end up on the wrong site, they could end up leaking the data they’re already concerned was stolen.
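The subdomain argument above can be turned into a pre-publication check for outbound links. The following is an added example, not code from the article or from Equifax: it assumes official pages live only under equifax.com, and the function names, URL paths and the `.example` host are hypothetical.

```python
from urllib.parse import urlsplit

# Assumption: the organisation publishes official pages only under this domain.
TRUSTED_DOMAIN = "equifax.com"


def is_official_link(url: str, trusted: str = TRUSTED_DOMAIN) -> bool:
    """Return True only for https URLs whose host is `trusted` or a subdomain of it."""
    try:
        parts = urlsplit(url.strip())
        host = parts.hostname  # lowercased, with userinfo and port removed
    except ValueError:
        return False
    if parts.scheme != "https" or not host:
        return False
    host = host.rstrip(".")  # tolerate a fully-qualified trailing dot
    # Compare whole DNS labels: a substring test on the raw string would
    # accept "securityequifax2017.com" or "equifax.com.example".
    return host == trusted or host.endswith("." + trusted)


def review_links(urls):
    """Split candidate links into (approved, rejected) before they are posted."""
    approved, rejected = [], []
    for u in urls:
        (approved if is_official_link(u) else rejected).append(u)
    return approved, rejected


# Constructed sample input: the two domains named in the article, plus
# hypothetical URLs that show why the comparison must be on whole labels.
SAMPLE = [
    "https://www.equifax.com/breach-info",           # hypothetical subdomain page
    "https://equifaxsecurity2017.com/",              # real breach site, separate domain
    "https://securityequifax2017.com/",              # the clone's transposed name
    "https://equifax.com.example/enroll",            # trusted name used as a prefix
    "https://equifax.com@securityequifax2017.com/",  # trusted name in userinfo
    "http://www.equifax.com/",                       # right host, no TLS
]

if __name__ == "__main__":
    ok, bad = review_links(SAMPLE)
    print("approved:", ok)
    print("rejected:", bad)
```

Under this rule the real breach site and the clone are rejected alike, which is the article's point: a separate registered domain gives readers and staff nothing to anchor on, while a host under equifax.com can be checked mechanically.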