Put another check in the Equifax goof column.
As if consumers weren’t already confused enough when they tried to find out if they were part of the credit reporting company’s massive data breach, at least some of them were misdirected to a phishing website by Equifax itself, according to various published reports.
Over the last couple of weeks, tweets from the official Equifax account and signed by “Tim” directed a handful of Twitter users to a fake site instead of to the official Equifax site set up specifically to help concerned consumers, Equifaxsecurity2017.com.
The fake site used an address similar to the valid Equifax site. Instead of offering help, the site mocks Equifax for “using a domain that’s so easily impersonated by phishing sites.” (A CNBC computer blocked access to the site, calling it a security threat.)
Equifax has since deleted the tweets.
“All posts using the wrong link have been taken down,” a company spokesperson said. “We apologize for the confusion.”
Equifax has said that the personal information of 143 million consumers was potentially compromised in the cyberattack revealed by the company Sept. 7.
The takeway from all this: You need to triple check that you’ve landed on the right webpage.
Source: Tech CNBC
Equifax tweets sent breach victims to phishing site