The IT Nerd

Earlier this week I told you about an email scam that was using the name of Canadian telco Rogers to make you more likely to fall for it. That scam was pretty bad. But on Friday, I came across an even worse scam that uses the Rogers name.

I got a phone call that had a caller ID of “Rogers” with an area code that started with “888” which is likely spoofed. Now my wife and I haven’t been with Rogers for just over a year, but I decided to pick up the call anyway. When I did a woman asked for my wife. That made sense because the Rogers account was under her name. I told the woman that I was her husband and she could speak to me. That’s when things got interesting. The woman told me that she was calling from “Rogers Customer Loyalty” and our Rogers account was selected as part of a promotion.

This is when I started to get suspicious. Like I said earlier, we haven’t been with Rogers for just over a year. So while I can see a scenario where Rogers might call us to try and get us back, there’s no department within Rogers called “Rogers Customer Loyalty” that would do that. Thus I was starting to think that this was a scam. Normally, this is where I would suggest that you hang up. But I wanted to confirm my suspicions, so I played along.

The woman then said that the promotion in question was that Rogers wanted to give us a free iPhone 14 Pro Max with a 35GB data plan for $50 a month. That really started the alarm bells ringing because Rogers to my knowledge never gives away free phones. Not only that, they don’t as far as I know have a 35GB data plan for $50 a month. Thus I was really thinking that this was a scam. Again, instead of hanging up, I played along.

First they wanted to confirm some information. And the information that they offered up was my wife’s email address and name. Then they wanted me to confirm the order by sending me a six digit verification code.

Ding! This confirms that this is a scam.

What the threat actors are up to are getting access to your Rogers account using your email address so that they can order an iPhone of some description, ship it to some location where this phone and every other phone from anyone who fell for this scam is then shipped to some other country for resale. Likely India given the fact that the person who called me had an Indian accent. The other possibility is that you do get the phone, but they they will call you on the day that you get it and say that they messed up and you need to send the phone back. They’ll email you a “return label” that simply sends the phone to a location from where they can forward the phone overseas. In either case, you get stiffed with the bill for the phone. The threat actors need the six digit verification code to get into your account because Rogers has moved to using using two factor authentication in order to stop threat actors from brute forcing their way into your account.

At this point I hung up, but here’s what concerned me. The threat actors clearly have acquired some accurate information that allows them to perpetrate the scam. It makes me wonder if Rogers had some sort of data breach where this information ended up in the hands of threat actors, or did they use a third party call centre who has a copy of this data and are now using this information for evil purposes? I don’t know for sure. But given that they called me with some very accurate information, the question has to be asked.

So if you get a call like this, what should you do? This is what I suggest:

1. Hang up and call into Rogers using one of the phone numbers on the Rogers website. The person that you speak to will instantly be able to tell you if you have any offers on your account. Chances are that you don’t have any offers, or not ones that fit this description. Thus validating that this is a scam They may also put a fraud alert on your account for your protection. At the same time, you should also confirm that no changes have been made to your account.
2. Never, ever give the threat actor the six digit verification code. They may say things to convince you that it’s okay to give them the verification code, but they are lying. No Rogers employee would ever ask for this code. Ever.

A suggestion that I have is that if you get a call like this, you should change the email address that your Rogers account uses. That way you can spot scams like this easier.

In my research for writing this story, I have not heard of a similar scam that targets Bell or TELUS customers. Nor any other telco in Canada. But a Reddit thread that I found seems to validate that I am not the only person who got a call like this. Thus this seems to be strictly targeted towards Rogers customers which adds some weight to the fact that the threat actors clearly have some information to allow them to target Rogers customers. Thus I have to wonder what Rogers is doing to investigate this and address this as this is clearly a threat aimed at former and current Rogers customers. Given the scale of this issue, Rogers needs to say something. And the sooner the better. In the meantime, watch out for this scam.

This entry was posted on August 13, 2023 at 8:34 am and is filed under Commentary with tags Rogers. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.