JuralMin / Pixabay

What happened?

Equifax can’t catch a break. The company’s most recent security event involved infectious malware placed on its main website, Equifax.com.

The malware was initially discovered by a security analyst attempting to dispute information on his credit reports. According to news sources, he was redirected to a fake page titled “hxxp:centerbluray.info” where he was prompted to download an Adobe Flash player.

In reality, the Flash player download was harmful malware designed to flood Internet Explorer browsers with unsolicited ads.

What’s Flash?

Flash is a browser plug-in that provides streaming animation for various web pages. While security experts agree that it is “powerful” software, Flash has also been criticized by the industry when it comes to its security. Because of Flash’s numerous security holes, hackers have continuously used it in malware development.

The Flash player malware that affected Equifax was intended to convince victims of its legitimacy by using the real Equifax website. As a result, victims were convinced to download the malware, ultimately spreading it to others.

The Equifax run-in with the Flash player malware shows, once again, just how easy it is to be fooled by cybercriminals. Criminals often place malware in high-volume areas of the Internet to reach as many potential victims as possible.

What should you do?

Equifax took immediate action by removing the page from its site. Even though you cannot prevent how hackers use malware, you can take a proactive approach when it comes to online downloads and providing information on the Internet:

  • Investigate all download prompts. Most websites will ask if you’d like to approve a download from the Internet. If you do not recognize the file, do not download it.
  • Avoid files or downloads that contain double extensions (i.e. File.doc.exe). Double extensions often indicate that cybercriminals are trying to disguise a malicious file.
  • Never accept downloads or enter personal information into sites without a secure green lock.