Stories
Slash Boxes
Comments

SoylentNews is people

SoylentNews is powered by your submissions, so send in your scoop. Only 17 submissions in the queue.

Equifax Linked to a Fake Breach Info Site for Weeks

posted by Fnord666 on Thursday September 21 2017, @09:03PM   Printer-friendly
from the faux-phishing dept.

takyon writes:

Equifax's Twitter account linked to a website created by a software engineer imitating the real breach info site:

People create fake versions of big companies' websites all the time, usually for phishing purposes. But the companies do not usually link to them by mistake.

Equifax, however, did just that after Nick Sweeting, a software engineer, created an imitation of equifaxsecurity2017.com, Equifax's page about the security breach that may have exposed 143 million Americans' personal information. Several posts from the company's Twitter account directed consumers to Mr. Sweeting's version, securityequifax2017.com. They were deleted after the mistake was publicized.

By Wednesday evening, the Chrome, Firefox and Safari browsers had blacklisted Mr. Sweeting's site, and he took it down. By that time, he said, it had received about 200,000 hits.

Fortunately for the people who clicked, Mr. Sweeting's website was upfront about what it was. The layout was the same as the real version, complete with an identical prompt at the top: "To enroll in complimentary identity theft protection and credit file monitoring, click here." But a headline in large text differed: "Cybersecurity Incident & Important Consumer Information Which is Totally Fake, Why Did Equifax Use A Domain That's So Easily Impersonated By Phishing Sites?"

Also at The Verge.

Previously: Equifax Data Breach Could Affect 143 Million Americans [Updated]
Are You an Equifax Breach Victim? You Could Give Up Right to Sue to Find Out
Outrage Builds after Equifax Executives Banked $2 Million Following Data Breach
Equifax CIO, CSO "Retire" in Wake of Huge Security Breach

Original Submission

 
This discussion has been archived. No new comments can be posted.
Equifax Linked to a Fake Breach Info Site for Weeks | Log In/Create an Account | Top | 9 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 0) by Anonymous Coward on Thursday September 21 2017, @10:26PM (3 children)

    by Anonymous Coward on Thursday September 21 2017, @10:26PM (#571440)

    The comments of the fake website's comment applied to me as well. I thought good and hard about going to that website and entering personal information. The same could be said of numerous class action lawsuit websites, too (which may be a strategy to reduce the number of claimants).

    Regardless, though, I'm immediately reminded of PuTTY. It's such a great and versitile tool. Too bad it's hosted on one of the least official [greenend.org.uk] websites. In fact, I suspect it is the single best and industry standard program on the most suspicious location.

    I wonder why they never moved it. Anybody here know?

  • (Score: 0) by Anonymous Coward on Thursday September 21 2017, @10:56PM

    by Anonymous Coward on Thursday September 21 2017, @10:56PM (#571451)

    You needn't provide any personal information to download PuTTY. The executable is "signed using an Authenticode certificate". You do check those, right?

  • (Score: 2) by requerdanos on Thursday September 21 2017, @11:04PM

    by requerdanos (5997) Subscriber Badge on Thursday September 21 2017, @11:04PM (#571455) Journal

    PuTTY [is] hosted on one of the least official [greenend.org.uk] websites. In fact, I suspect it is the single best and industry standard program on the most suspicious location. I wonder why they never moved it. Anybody here know?

    Admittedly, I don't know, but would guess that as a Windows application intended for people who live in the Windows World, much of their target audience is of the "I don't really get that security stuff" variety, and one might wonder why go to the trouble of making a real-looking website or having signed official builds if the userbase of the program wouldn't, by and large, notice.

    There are lots of windows admins and lots of windows users that do know what's up, of course, but I wouldn't think they would make up a huge percentage of the userbase of any Windows-World software, not even this one. (Though of course this one, as a common ssh tool, should have a higher percentage of security-savvy users than other windows things, I believe that still doesn't make for an overpowering number.)

    This is rather a shame, because the situation has been exploited [securityaffairs.co] in the wild.

    Situation for Equifax is similar--the vast majority of their victims* don't know from good security. But in both cases, just because there's a large group of users or victims that doesn't know much about security doesn't mean that there are not experts who DO know about security, and doesn't absolve Equifax nor Mr. Tatham of their responsibilities in the realm thereof.

    ---
    * Equifax's users are those who have subscriptions to negative or neutral things that Equifax says about their victims; it's a different group than the one to which I refer above.

  • (Score: 3, Informative) by FatPhil on Thursday September 21 2017, @11:34PM

    by FatPhil (863) <{pc-soylent} {at} {asdf.fi}> on Thursday September 21 2017, @11:34PM (#571466) Homepage
    If you don't know chiark, maybe you're the ignorant one.
    You'll be telling me you've never hears of Ian Jackson next.
    "What the fuck's Debian?" I hear you cry!

    Chiark's one of the more reliable hosts on the internet - it's not rebranded, mergered, or renamed itself in at least 20 years. Simon Tatham's stuff hasn't moved either, why would it - it's where it belongs, on his chiarck home page?
    --
    Great minds discuss ideas; average minds discuss events; small minds discuss people; the smallest discuss themselves