Equifax Breach Relief Announcement Of $125 May Include Free Phishing

As a refresher, in 2017 there was a really, really big data breach involving the credit bureau, Equifax. It affected nearly half the population in the U.S. and caused many of those people a lot of grief trying to repair damage done by the leaked access to their social security numbers, dates of birth, addresses, credit histories, and basically any information needed to steal an identity. Well, in an effort to make that sting a little less painful, the government recently ordered Equifax to pay out about $700 million to those who were victims. It is easy to get a share of that, but it also leaves open many opportunities for phishing.

To be clear, you can potentially get other benefits instead of the $125 being advertised. They also have an option for partial credit monitoring reimbursement, if you used Equifax, reimbursement for costs related to dealing with the effects of the breach, monetary loss, and free credit monitoring.

If you were included in the long list of victims for this breach, be on the lookout for phishing email messages that will undoubtedly hit soon. They will likely mention Equifax, have a message related to the breach and/or the government action and probably will include a link or attachment. Just be sure that if you do receive anything in your email related to this that you take a few moments to review it carefully before clicking away. Watch for the telltale signs of phishing:

-The sender is not familiar-looking at all. Pay attention to the entire address.

-There are typos or the use of the language isn’t correct.
If you hover the mouse pointer over a link that is included, it doesn’t go where you would expect it to go.

-The messaging makes you feel as if you need to make a very quick, urgent choice to click something.

-The website any link takes you to isn’t secure (preceded by “https:”).

-And if you’re not one of the victims in this breach, but you get an email, definitely don’t click anything. Just delete the message. You can also get more information and find out if you were a victim by visiting the Equifax website or the FTC’s website.

To claim your resolution, just go directly to the website, equifaxbreachsettlement.com. If any link in your email doesn’t have that website in it, directly following by “.com,” don’t click it.

There is a “catch.” You can’t just get the $125, even if you were a victim. You have to accept the free credit monitoring first. If you already have credit monitoring in place, you may be eligible for the reimbursement, but may also have to prove you have it and will have it for six months. If you claim monetary reimbursement for dealing with it, be prepared to show proof before getting anything paid to you. The deadline to file is January 22, 2020. No payments will be issued before January 23 of 2020 either. That’s because they have to be authorized by a court, which will not be before that date.

Stickley on Security
Published July 30, 2019