If you haven't received them yet, you probably will soon. Here comes the spam - unwanted e-mail messages - from scammers, supposedly related to the massive Equifax data breach. The spam will likely include phishing attacks: attempts to trick consumers into disclosing sensitive bank account and payment data.
What might this spam look like? The spam filter by my e-mail provider recently trapped the message below in my spam folder:
The sender's intent is clearly to leverage consumers' anxieties and fears about the massive, horrific Equifax breach. The e-mail message also states:
The message offers both three free credit scores and free credit reports. The problems I see with this e-mail:
1. The message doesn't list a price for its offer. The company name -- FreeCreditClick -- implies the offer is free.
2. Key items in the e-mail don't match. The company name in the "From" field doesn't match the e-mail address. Nor does the company name in the "From" field match the company name in the body of the message.
3. The sender's e-mail address in the "From" field includes a version of an e-mail address I've seen before in other spam.
4. The Equifax site already directs consumers affected by the data breach to an Equifax site to learn how to get protection (e.g., credit monitoring and fraud resolution services) for free.
5. The e-mail offers credit reports from the three major credit reporting agencies: Experian, Equifax, and TransUnion. Informed consumers know that the official website for free credit reports is annualcreditreport.com.
6. Informed consumers know that while there are several brands of credit scores, they probably need a single good one.
7. The e-mail contains order and unsubscribe links with destinations that don't match the company's name in either "1" or "2."
To understand #7, I reviewed the underlying HTML markup language used to create this e-mail message:
The destinations for both the order link (A) and the unsubscribe link (B) contain the "proffbuilder.com" site and embedded redirect commands. The redirect commands could take your web browser anywhere. Too risky, so I did not click on them.
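The same inspection can be done offline, without clicking anything. This is an added example, not code from the original post: the sample message, its names and its domains are constructed (reserved test names), and `audit` and `embedded_targets` are hypothetical helper names. It lists each link's real host, marks links that leave the sender's domain, and pulls out any destination URL embedded in the query string.

```python
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit, parse_qsl

# Constructed sample, not the message from the post; all domains are reserved test names.
RAW = '''From: "Free Score Center" <news@bulk-sender.example>
Subject: Breach alert: your 3 free scores
Content-Type: text/html; charset="utf-8"

<a href="http://links.tracker.example/r?id=42&amp;url=http%3A%2F%2Foffer.example%2Forder">Order</a>
<a href="http://links.tracker.example/r?id=43&amp;goto=//unsub.example/out">Unsubscribe</a>
<a href="http://bulk-sender.example/privacy">Privacy</a>
'''

class LinkCollector(HTMLParser):
    """Collect the href of every <a> tag; nothing is fetched or followed."""
    def __init__(self):
        super().__init__()
        self.hrefs = []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs += [v for k, v in attrs if k == "href" and v]

def embedded_targets(url):
    """Query-string values that are themselves URLs, i.e. likely redirect targets."""
    values = [v for _, v in parse_qsl(urlsplit(url).query)]
    return [v for v in values if v.startswith(("http://", "https://", "//"))]

def audit(raw):
    """Compare the From header with every link destination in the HTML body."""
    msg = message_from_string(raw)
    display, addr = parseaddr(msg["From"])
    domain = addr.rpartition("@")[2].lower()
    collector = LinkCollector()
    collector.feed(msg.get_payload(decode=True).decode("utf-8", "replace"))
    links = []
    for href in collector.hrefs:
        host = (urlsplit(href).hostname or "").lower()
        on_domain = host == domain or host.endswith("." + domain)
        links.append({"host": host, "off_domain": not on_domain,
                      "redirects_to": embedded_targets(href)})
    # Rough check for item 2: does the display name appear in the address domain?
    name_in_addr = display.replace(" ", "").lower() in domain.replace("-", "")
    return {"display": display, "domain": domain,
            "name_matches_address": name_in_addr, "links": links}

if __name__ == "__main__":
    print(audit(RAW))
```

A link that is both off the sender's domain and carries an embedded target is the pattern described above: the visible destination is only a relay, and the final landing page is chosen by the redirect.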
As best I can tell, this definitely is spam. I don't trust it. What do you think?