Equifax's Latest Headache: a $10 Fake Website

Still reeling from a double data breach and accusations of insider trading, the New York Times now reports that Equifax's latest problem comes via a software engineer who created a phony copy of its website about the data intrusion—which the company then included in a series of tweets. Nick Sweeting says he worked up securityequifax2017.com (a flip of the company's equifaxsecurity2017.com) to expose how easy it would be for phishers to make a copycat site. 

"Their site is dangerously easy to impersonate," he says. Sweeting took pics of some of the now-deleted Equifax tweets, which started around Sept. 9 and went through at least Sept. 19, per Gizmodo. The company's critical error, per cybersecurity experts who spoke to the Times: It created an entirely new site instead of a subdomain of Equifax.com, making the company's site more vulnerable to phishing.

Read the full story on Newser.com

• One of the Best Online Comments Ever, Explained
• Company Will Front Your Down Payment. Here's the Catch
• SEC: Our Filing System Got Hacked