Equifax Sends Customers to Fake Phishing Website
It’s common for people to create fake versions of larger companies’ websites all the time, usually for phishing purposes – to get sensitive information such as usernames, passwords and credit card information by posing as a trustworthy entity. But it’s not often that the companies link to them by mistake. That’s what credit card reporting company Equifax did after a cyberattack exposed the personal information of 143 million people.
Equifax Still Vulnerable
How did this happen? Equifax set up the site, equifaxsecurity2017.com, a website to help people if they had been affected. However, on multiple occasions, over a period of weeks, the company’s official Twitter account responded to customer inquiries by directing to a fake phishing site called securityequifax2017.com. Thankfully, the fake site was flagged by many Internet browsers and taken down.
In fact, this fake phishing website was set up by software engineer Nick Sweeting to educate people rather than steal their information. He had apparently received 200,000 hits. Sweeting tweeted out the fact that not only did Equifax tweet the wrong link, but did it three times. He said he wanted to bring attention to the fact that their site is “dangerously easy” to impersonate and that it took him only 20 minutes to build his fake website. Equifax later apologized for the confusion and said that all posts containing the wrong links had been deleted.
What Consumers Should Know
Here are a few things you should know in order to protect yourself as a consumer after the Equifax data breach:
- Scam artists: Be careful about con artists who may pretend to have information about the breach or who may falsely claim to want to help you. Some calls or messages may even be scams designed to steal your money or personal information. Never give your personal information to anyone.
- Arbitration clauses: Equifax has stated that enrollment in “TrustedID Premier,” which is their product offered in response to the breach, will not subject an enrollee to mandatory arbitration. The company’s original terms and conditions did include such a clause, but they say they have removed it. But that came only after widespread criticism about the arbitration clause. Equifax has also stated that the Terms of Use do not create a waiver of class action rights.
- Credit report: Be sure to monitor your credit report to help you identify signs of potential identity theft. Place an initial fraud alert on your credit report, which is free of charge.
- Bank accounts: Monitor your bank accounts for any suspicious activity. If you do find errors, notify your bank or credit provider immediately.
If you have been affected by the Equifax data breach, contact an experienced class action attorney to obtain more information about pursuing your legal rights.