Beware of Equifax Phishing Scams – Cybercriminals Are Typosquatting to Catch the Unwary

Consumers should be wary of Equifax phishing attacks following massive data breach revealed earlier this month. The 143 million records possibly stolen in the breach will be monetized, which means many will likely be sold to hackers.

Trend Micro has said that a batch of data of this scale could be sold for around $27 million on underground marketplaces and there would be no shortage of people happy to pay for the data. The records include the exact types of information that is sought by identity thieves, phishers, and hackers.

However, it is not necessary to obtain access to the stolen records to conduct scams. Many opportunistic hackers are taking advantage of consumer interest in the breach and are preparing phishing websites to fool the unwary into handing over their sensitive information. Equifax’s response to the breach has also made it more simple for phishers to carry out their attacks.

Equifax has chosen not to advise all breach victims by mail. Only the 209,000 individuals whose credit card numbers were exposed will be receiving a breach notification letter in the post. All the remaining breach victims will have to check the Equifax website to find out if their information was impacted in the breach. With almost 50% of the population affected, and next to no one being directly informed, virtually the entire population of the United States will need to go online to find out if they have been impacted by the breach.

Equifax has created a new domain where information is given to consumers on the steps they can take to secure their accounts and minimize the risk of financial damage. The official website is equifaxsecurity2017.com. Using this website, U.S consumers can get constant updates and enroll in the free credit monitoring services being provided.

To obtain the free credit monitoring services, consumers will be  sent to a website with the domain trustedidpremier.com and will need to provide their name and the last six digits of their social security number to begin the process. Hackers have been quick to take advantage and have registered swathes of websites and are using them to phish for sensitive data.

Link copied to clipboard
Photo of author

Posted by

Elizabeth Hernandez

Elizabeth Hernandez is a news writer on Defensorum. Elizabeth is an experienced journalist who has worked on many publications for several years. Elizabeth writers about compliance and the related areas of IT security breaches. Elizabeth's has a focus data privacy and secure handling of personal information. Elizabeth has a postgraduate degree in journalism. Elizabeth Hernandez is the editor of HIPAAZone. https://twitter.com/ElizabethHzone