wcpo.com National News Partner

Equifax Fell For A Clone Of Its Website - And Then Sent Users To It

To help people sign up for its credit monitoring service, Equifax directed some Twitter users to "securityequifax2017.com."

The issue with that? It's not the right website.

Equifax's actual website is "equifaxsecurity2017.com," but the company tweeted out the link to a fake site with a similar URL for nearly two weeks.

Following reports that the links were fake, Equifax deleted the misleading tweets

The fake website — which is now blocked by Chrome and Firefox — wasn't created to be malicious. It was actually developed to draw attention to the possibility of real phishing schemes, and it worked so well even Equifax fell for it. 

SEE MORE: Equifax Was Warned To Fix System Flaws Months Ago

Nick Sweeting, the reported developer behind the misleading site, told Gizmodo he only needed $10 and 20 minutes to build his clone. He also said: "I can guarantee there are real malicious phishing versions already out there."

Phishing works when hackers clone trusted websites with reworded — or even misspelled — URLs to deceive users into entering personal information. Because "equifaxsecurity2017" is so long and unofficial-sounding, users may not recognize what's real and what's fake.


Trending stories at Newsy.com

Comments
Watch Newsy Everywhere

Mobile Apps

See All Apps
download newsy apple download newsy android

Streaming TV Devices

See All Devices
stream newsy roku stream newsy amazon stream newsy apple tv