Equifax’s (NYSE: EFX) software engineer, Nick Sweeting, created an imitation of equifaxsecruity2017.com which is the company’s page about the security breach that exposed 143 million Americans’ personal information. Equifax’s Twitter account raised many concerns after directing consumers to the fake version, securityequifax2017.com.
The layout of the fake website was same as the real version with a complete identical top heading, “To enroll in complimentary identity theft protection and credit file monitoring, click here.” However, another headline in large text was different saying, “Cybersecurity Incident & Important Consumer Information Which is Totally Fake, Why Did Equifax Use a Domain That’s So Easily Impersonated By Phishing Sites?”
Sweeting says that Equifax’s site is dangerously easy to impersonate. Any person entering their information would be required to enroll in identity theft protection which would be their surname and the last 6 digits of their Social Security number. The site was created only to draw attention to the weakness of the company’s security and all posts as well as data collected from the wrong link had been removed and deleted.
Consumers are urged to be aware of fake websites that don’t originate from their original two pages, equifaxsecurity2017.com and Equifax.com.