Skip to Main Content

Make Sure You're Not Going to an Equifax Phishing Site


If the Equifax data breach isn’t bad enough, many consumers have been complaining about the sloppy ways in which the company has handled the aftermath. For example, there’s Equifax’s website dedicated to the matter: equifaxsecurity2017.com.

As Gizmodo’s Dell Cameron points out, this unofficial-looking URL could be easily spoofed, and that’s just what developer Nick Sweeting did when he created securityequifax2017.com. Sweeting made the fake site to prove just how easy it would be to copy Equifax’s website for a phishing scam and then dupe consumers to visiting the site. Check it out:

Proving Sweeting’s point, Equifax actually sent Tweets directing customers to this fake website. So if you’re going to visit Equifax’s website for updates, this is a good reminder to make sure you don’t end up at a fake phishing site.

As part of protecting your possibly stolen data, we’ve suggested freezing your credit reports at each bureau. Here’s where you can go to sign up for a freeze at each of the three major credit bureaus:

You can also give them a call:

  • Equifax: 1-800-349-9960

  • Experian: 1-888-397-3742

  • TransUnion: 1-888-909-8872

However, many readers have reported that they’ve been unable to sign up, and, as we mentioned, the problem with a freeze is that your PIN, the number you need to turn the freeze on and off, can be stolen if hackers break into the right vault (which is how this whole fiasco started to begin with). Indeed, Brian Krebs points out that it doesn’t even have to be that hard to get your PIN:

An alert reader recently pointed my attention to

a free online service

offered by big-three credit bureau Experian that allows anyone to request the personal identification number (PIN) needed to unlock a consumer credit file that was previously frozen at Experian.

The first hurdle for instantly revealing anyone’s freeze PIN is to provide the person’s name, address, date of birth and Social Security number (all data that has been jeopardized in breaches 100 times over — including in

the recent Equifax breac

h — and that is broadly for sale in the cybercrime underground).

All of these issues make it hard to take these security measures seriously, which isn’t to say you should forget about them. However, it’s a good reminder that no one cares about your data more than you. Make sure to monitor your credit, credit card accounts, and Social Security information.