Many Equifax Domain Names Registered

Yesterday, we learned that there was a major security breach at Equifax that may impact well over 100 million Americans and others. This is a concerning situation to those who are impacted, but there may be another threat looming for victims and others who may become victims in an effort to see if they were impacted by this breach.

A look at Verisign’s DomainScope tool that tracks new domain name registrations shows 135 .com and .net domain names were registered just yesterday with “Equifax” in them. There have been more registrations today, and I presume this number will continue to climb. I only searched for the correct spelling of Equifax, so this result does not include any typographical errors that spelled the company name wrong, nor does it include domain names that are related but do not include “Equifax” in them. In addition, because the tool is Verisign’s, it does not include registrations made in other extensions such as .org, .us, or any of the new gTLD extensions.

Domain name registrations are a concern because of the potential for bad actors to set up websites that attempt to confuse consumers into giving their personal information in an attempt to see if they are impacted by the breach or are looking to obtain identity theft protection. Maliciously registered domain names could also be used to send phishing emails with the same goal of stealing information.

Some (or many) of these domain names may have been registered by Equifax or companies acting on behalf of Equifax to keep them out of the hands of bad actors. I did not do an exhaustive search of domain registrations, but the company may have registered a swath of domain names that could be confusing to consumers. Many of the domain registrations I checked are privately registered, so without visiting each domain name individually to see what resolves and where, it is tough to know who owns what domain name.

There are possibly ways that domain names that have “Equifax” in them could be used by unrelated entities. I presume law firms could register domain names to seek out clients who wish to participate in class action lawsuits. This is probably more of a grey area in intellectual property law, so I am not entirely sure about whether these domain names could be used legitimately.

Unfortunately, there really isn’t much that can be done at the registrar or registry level, although the Equifax legal department could (and should) take legal action to recover these domain names. UDRP filings and litigation are two options the company has at its disposal.

As with everything these days, people really need to be aware that a domain name with a brand name in it may not be legitimate.

Elliot Silver
Elliot Silver
About The Author: Elliot Silver is an Internet entrepreneur and publisher of Elliot is also the founder and President of Top Notch Domains, LLC, a company that has closed eight figures in deals. Please read the Terms of Use page for additional information about the publisher, website comment policy, disclosures, and conflicts of interest. Reach out to Elliot: Twitter | Facebook | LinkedIn


Leave a Reply

Recent Posts Acquired for More than $10 Million

Last week, Hilco Digital's Andrew Miller shared that he and Larry Fischer brokered the sale of the domain name. Andrew mentioned that it...

Hilco Digital Assets Announces $10m Investment in Squadhelp

Squadhelp has become a leading brand naming marketplace, connecting business owners and entrepreneurs with domain names listed for sales on its platform. Led by...

Questions Related to Uni —> Afternic Parking Migration

If you are a Uniregistry customer, you most likely received an email explaining the upcoming migration of the Uniregistry Market and parking platform to...

Some Uni-Registered New gTLDs Will be Transferred to 1API

I received an email from Uni (formerly Uniregistry) that I initially thought was a Whois verification email and almost ignored. It was, in fact,...

Advice and Resources for a Newbie Domain Investor

Someone reached out to me on Twitter seeking advice for selling domain names. In a short tweet thread, I shared a few thoughts and...