ADVERTISEMENT
ADVERTISEMENT

Equifax mistakenly told consumers worried about its data breach to go to a spoof site (EFX)

On Twitter, Equifax representatives pointed consumers to a site set up specifically to point out a problem with the company's security, according to a report.

Add another "oops" to Equifax's pile.

For more than a week, company representatives have been directing consumers to a fake phishing site instead of to one maintained by the credit-reporting agency, according to a new report by The Verge.

The site — securityequifax2017.com — was created by a software developer to show how easy it would be to spoof the webpage Equifax created to inform consumers about its recent massive security breach, according to the report.

The site Equifax set up is equifaxsecurity2017.com.

ADVERTISEMENT

"I made the site because Equifax made a huge mistake by using a domain that doesn't have any trust attached to it" as opposed to hosting it on equifax.com, Nick Sweeting, who created the spoof page, told The Verge. "It makes it ridiculously easy for scammers to come in and build clones — they can buy up dozens of domains, and typo-squat to get people to type in their info."

In an emailed statement, an Equifax representative told Business Insider: "All posts using the wrong link have been taken down. To confirm, the correct website is https://www.equifaxsecurity2017.com. We apologize for the confusion."

The company did not provide an explanation for how it made such an obvious mistake, particularly at a time when its practices were already under the spotlight.

Earlier this month, the credit-reporting company acknowledged that a hack had compromised the personal data of 143 million US consumers and an unknown number of foreign ones, making it one of the biggest computer-security breaches in history. In response to the breach, the company set up a site for consumers to check whether their information was affected.

But at least as early as September 9 — two days after announcing the breach — Equifax representatives on Twitter were directing consumers to Sweeting's spoof site rather than to the company's page, according to The Verge. Sweeting said he had taken steps to protect the data of consumers who inadvertently ended up at his site.

ADVERTISEMENT

JOIN OUR PULSE COMMUNITY!

Unblock notifications in browser settings.
ADVERTISEMENT

Eyewitness? Submit your stories now via social or:

Email: eyewitness@pulse.ng

Recommended articles

Here's everything to know about being a virgin on your wedding night

Here's everything to know about being a virgin on your wedding night

7 do's and don’ts of the Holy month of Ramadan

7 do's and don’ts of the Holy month of Ramadan

Top 5 sweetest celebrity mother-child relationships that stand out for us

Top 5 sweetest celebrity mother-child relationships that stand out for us

International Women's Day: 5 Nigerian female celebrities championing women’s rights

International Women's Day: 5 Nigerian female celebrities championing women’s rights

Top 5 female directors in Nollywood

Top 5 female directors in Nollywood

6 things that will break a Muslim's fast during Ramadan

6 things that will break a Muslim's fast during Ramadan

5 benefits of fasting during Ramadan

5 benefits of fasting during Ramadan

5 reasons Easter was more fun when we were children

5 reasons Easter was more fun when we were children

Dos and don’ts of supporting Muslims during Ramadan

Dos and don’ts of supporting Muslims during Ramadan

ADVERTISEMENT
ADVERTISEMENT