A security researcher, Randy Abrams, recently found that an Equifax service (aa.econsumer.equifax.com), created for obtaining free and discounted credit reports, had been redirecting users to sites offering a fake Flash Player installer that served adware and scams.
According to the researcher:
“As I tried to find my credit report on the Equifax website I clicked on an Equifax link and was redirected to a malicious URL. The URL brought up one of the ubiquitous fake Flash Player Update screens.”
Before this incident, Equifax had already suffered a breach of huge proportions, in which an attacker gained access to the company’s servers through an unpatched Apache Struts installation and stole over 145 million user records and other data.
Attackers were redirecting customers depending on the kind of device and their geographic location. For instance, Android and iOS devices were served false updates, premium SMS services, and other false websites.
The company confirmed the issue and said that its IT and security teams are looking into the matter and, out of an abundance of caution, have temporarily taken the page offline.