A New Rogers Email #Scam Is Making The Rounds

My wife and I haven’t been customers of Rogers for well over a year now. Thus when this email hit my inbox, I knew immediately that it was a scam:

Now besides the fact that my wife and I aren’t customers of Rogers, here’s the other reason why it’s a scam:

This email was not sent from a Rogers.com or an rci.rogers.com email address, which means it was not sent by Rogers.

But the question is, what is the threat actor up to? To find out, I clicked on the Review Refund button, which you should never do, and got this:

This is a very, very bad copy of the login screen for “my Rogers”, which is Rogers’ account management website. Here’s the real one:

Besides the look and feel of the website, there’s the fact that the fake one is clearly not being hosted by Rogers:

This is highlighted by the fact that you don’t see Rogers.com anywhere in the web address. Contrast that with the real one:

The real one has “account.rogers.com” in it.
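
The two checks described above (sender domain, then the host in the link), as an added Python example that is not part of the original post. It goes one step further than looking for "rogers.com" anywhere in the address: it matches on the domain boundary, so lookalike hosts that merely contain the string are still flagged. Treating rogers.com and its subdomains as the trusted set is an assumption, and the sample message is constructed.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlsplit

# Assumption: rogers.com and its subdomains (rci.rogers.com, account.rogers.com)
# are the only hosts treated as Rogers-owned, based on the domains named in the post.
TRUSTED_DOMAIN = "rogers.com"

def domain_matches(host, trusted=TRUSTED_DOMAIN):
    """True only for the trusted domain itself or a real subdomain of it."""
    host = (host or "").lower().rstrip(".")
    return host == trusted or host.endswith("." + trusted)

def check(raw_message):
    """Return whether the From domain is trusted and which link hosts are not."""
    msg = message_from_string(raw_message)
    # A mismatch here is a strong signal; a match proves nothing by itself,
    # because the From header can be forged.
    _, addr = parseaddr(msg.get("From", ""))
    sender_domain = addr.rpartition("@")[2]
    bad_hosts = []
    for url in re.findall(r"https?://[^\s\"'<>]+", msg.get_payload()):
        # urlsplit().hostname drops any "user@" prefix, so a URL such as
        # https://account.rogers.com@other.example/ resolves to other.example.
        host = urlsplit(url).hostname
        if not domain_matches(host):
            bad_hosts.append(host)
    return {"sender_trusted": domain_matches(sender_domain),
            "untrusted_links": bad_hosts}

# Constructed sample message (not the email from the post); .example is reserved.
SAMPLE = """\
From: Rogers Billing <billing@rogers.com.refund-notice.example>
Subject: Your refund is ready

Review Refund: https://account.rogers.com@refund-notice.example/login
My account: https://account.rogers.com/
"""

if __name__ == "__main__":
    print(check(SAMPLE))
```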

My initial thought was that this looks like your classic credential harvesting scam to me. By that I mean that this scam wants to grab your credentials so that the threat actors can log into your account and do who knows what. Perhaps order an iPhone or two like I’ve seen in this scam involving Rogers. But I would be wrong. Entering a fake email address and password took me to this page:

It looks like they’re trying to steal your credit card details and using the “refund” that you’re supposed to get as a pretext for that. Not exactly new and it likely won’t fool most people. But as I’ve always said, scams don’t have to be successful in volume to be successful. I’ll be alerting Rogers about this so that they are aware. And the fact that you’ve read this means that you’re aware also. Which means that the level of success that this scam could have has decreased.
