Skip to main content

Did Equifax Send Concerned Users To A Phishing Site?

By October 5, 2017June 22nd, 2022Cybersecurity

By now, you’ve probably heard that Equifax recently suffered a massive data breach which left them with a considerable amount of egg on their faces.

The investigation into that matter is ongoing, and the company issued a video-based mea culpa to its customers, but unfortunately, the situation for the company just got worse. Here’s the basic timeline of events and where things stand so far:

• The first successful breach against Equifax occurred between May 2017 and July 29, when the intrusion was discovered.
• The secondary breach was just discovered this month, but actually occurred in March of 2017, before the main breach. The company maintains that the earlier attack had nothing to do with the most recent one, although a variety of anonymous sources claim that this is not the case.
• In both cases, Equifax retained the services of security company Mandiant to assist them with the investigation into the breaches
• As part of the company’s formal response to the breaches, they set up a website, “equifaxsecurity2017.com” which was designed as a portal that Equifax customers could use to see if they’ve been impacted by either breach.
• Unfortunately, the company recently sent out a tweet to its customers directing them to “securityequifax2017.com” which is a phishing site, almost certainly set up by the same hackers that attacked the company in the first place.

Equifax representatives quickly caught the mistake and deleted the tweet, but of course, the damage had already been done. As of today, Google Chrome now flags the phishing site as deceptive, but it is likely that at least some of Equifax’s customers clicked the link embedded in their tweet and found themselves on a bogus site.

The attack on Equifax, even considering the impact of the errant tweet, certainly wasn’t the largest hack we’ve seen in 2017 in terms of scope and scale. But it, taken together with the recent hack of the SEC’s EDGAR system, has done tremendous damage to the confidence in our economic system as a whole. Damage is done far beyond the physical size of the attacks and the total number of records impacted.

It’s too soon to say whether this represents a trend, with hackers pursuing some type of agenda-based strategy in preference for simple theft, but recent events could very well be interpreted in that way. Time will tell.

In any case, the answer to the question asked in the headline is yes. For a brief time, Equifax did indeed direct its users via Twitter, to a bogus site.

Jason Manteiga

Jason J. Manteiga, Vice President of Olmec Systems, has been part of the company for over the past 20 years. He believes that having a great work environment and supportive team, is the ultimate key to success. Since being in the IT realm for over 25 years, Jason, along with Olmec Systems, has been on the Inc. 5000 “List of America’s Fastest Growing Private Companies” and Channel Futures MSP 501 “Top Managed Service Providers in North America,” along with other awards and nominations. Jason earned his Bachelor Degree in Information Systems from the New Jersey Institute of Technology. He also holds certifications in Microsoft MCSE, VMWare VCP, and Cisco CCNA. In his spare time, Jason is a contributor for The Center for Social & Legal Research (Privacy Exchange) and a member of the Morris County Chamber of Commerce. His hobbies include cycling and kayaking. He currently lives in New Jersey with his wife, two daughters and son.