Equifax team accidentally sent some people to a phishing website

By Brittany Roston/Sept. 20, 2017 7:40 pm EST

Equifax has been heavily criticized over its decision to use a separate website for its data breach info, and it just demonstrated the reason why: it is easy for people to get the address mixed up with other similar websites set up by scammers or anyone else. Some Equifax team members were spotted erroneously pointing concerned people to a phishing website with a domain name similar to the official one Equifax is using.

A phishing website is a website that is designed to look visually similar to the website someone is looking for, and is usually intended to steal information. For example, a phishing website targeting a specific bank's customers may steal the official site's design, stealing users' login information when they attempt to log into their account.

FTC breaks trend to confirm it is investigating Equifax breach

After revealing its massive data breach, which exposed highly sensitive information belonging to millions of people, Equifax launched a dedicated security website where customers could get more information, sign up for ID protection, and more. The decision to do all of this on a separate domain rather than its known and trusted Equifax.com website was controversial.

Experts pointed out that hackers and others could purchase very similar domains, set up a website that looks official, and then seed the website URL out into the wild, hoping to lure in unsuspecting victims. That is exactly what happened, sort of: a software engineer named Nick Sweeting set up a 'phishing' website designed to expose the inherent security risk Equifax created by using something other than its Equifax.com domain.

The official domain address is "equifaxsecurity2017.com" whereas Sweeting's version is "securityequifax2017.com." It's easy to see how someone could confuse them, and that's exactly what happened. Some Equifax team members were spotted tweeting the phishing website link to people instead of the official link. Upon visiting the phishing website, people were greeted with a statement warning about phishing risks.

The website appears to no longer be live, and Chrome/Safari/Firefox browsers automatically block visitors from trying to access it. Concerns still abound, though, over whether some people will unwittingly fall victim to other websites that may pop up in coming days and weeks to deceive consumers. The tweets with the phishing link have since been deleted.

SOURCE: NYT