The IT Nerd

If you get an email saying that you’re going to get something for free, it might be a scam. Case in point is this email using the Rogers brand and riding on the coat tails of the iPhone 16:

Let me get one thing out of the way right up front. No Canadian telco is going to give you a phone for free. That affects their bottom line. So it’s not going to happen. EVER. Thus knowing that, this is clearly a scam. And you should delete this. But if that’s not convincing enough, this might be:

The email address that sent this is not coming from “Rogers.com” so this is another sign of it being a scam. So not that you should ever do this, let’s see what these threat actors are up to:

When I tried to click on “Share Your Thoughts”, I got this on Firefox and Opera. This only worked on Google Chrome which shows that the threat actors behind this aren’t too bright as they are limiting the audience of this scam to just Chrome users.

Well, this is another one of those fake surveys to supposedly get an iPhone 16. Okay. Let’s go down the rabbit hole and see where this goes:

Ten fake questions. Oh Joy.

Great. I supposedly now get an iPhone 16. And if you look at some of the specs, they’re wrong as Apple for example doesn’t have a 200MP camera. But you know, facts.

And look at the fake comments here. The threat actors clearly didn’t spend a whole lot of time coming up with these as they seriously don’t sound authentic.

So this is the part of the scam where I assume that the threat actors would collect your personal information and your credit card details so the can commit fraud and identity theft. But the website crashed and went to Google’s home page before I got that far. I don’t know why. The scam targets Rogers customers and maybe because I am on Bell it didn’t like me? I don’t know. But this scam is something that I can see many falling for as humans gravitate towards something that is perceived as free, and let their guard down as a result. Don’t be one of those people and delete this email if it hits your inbox.

One of the things that I teach people to do when I give my seminars on how not to get scammed is to closely look at any email that you get or any website address that you’re asked to visit. We’re going to focus on the latter today by doing an exercise where I am going to show you two web addresses, and you need to determine which one is fake and why:

1. https://mobile-2fa.rogers.com
2. https://mobile-2fa-rogers.com

The correct answer is the second one. That’s because the technical term for a web address is uniform resource locator or URL for short. And understanding how URL’s work can help you to determine what is real and what is fake.

Here’s how a URL constructed:

• A URL starts with a protocol followed by the name of the resource that has to be accessed. In this case https which is a web page with SSL encryption during transport from the server to your web browser.
• That is then followed by the domain or host name. For example, itnerd.blog is my domain or host name.

If you look closely at the two examples above, they look the same. But they are not. the first one ends in “.rogers.com” after the “mobile-2fa” part of the web address. Which means that this domain name is the one for Canadian telco Rogers. And it’s going to a specific host that Rogers controls named “mobile-2fa”. That’s why there’s a period between the first part of the web address (“mobile-2fa”) and “rogers.com”

For the record, Rogers doesn’t have a host named mobile-2fa. But I am going to use it for reasons that you’ll see in a moment.

The second one has a domain name of “mobile-2fa-rogers.com” which means that that one is going someplace else other than Rogers because the entire text above is the name of a host that has been set up by a threat actor called “mobile-2fa-rogers”. And what that threat actor is hoping for is that by setting up a web address that looks very close to something that Rogers might use, you might click on it because you’re not paying attention to the details. And that in turn will lead you into all sorts of danger.

So why am I pointing this out? I got this sent to me the other day from someone who had this message pop up on his phone via text message:

The person asked me if this was a scam. And based on what I just explained above, it was. Fortunately they didn’t click on anything. And neither should you. But I did as I wanted to see what the scam was.

This is another one of these scams that uses a CAPTCHA to convince you that you’re going to the real Rogers site. But it’s clearly not the real Rogers site as explained earlier.

Once you get past that, you get to a site that has the feel of something that Rogers might create, and you also get this prompt saying that your account requires two step verification. Two step verification is something that adds security to your online accounts because there’s two factors in play. A password and a one time code that is sent to your phone. But this isn’t how Rogers does this. If you want details on how Rogers does this, click here.

You’ll notice that you as a person is not identified in any way. That should be a major red flag as any communication from Rogers will identify you with an account number or your name. Let’s continue shall we?

Now the threat actors want your name and address details. That’s great for swiping your identity.

Using some fake information to get past that, I now hit this page. I am not sure what handing over your credit card info has to do with two factor verification, but swiping your credit card details is also on the list of things to do for these threat actors.

What this example highlights is that you need to closely look at anything and everything that hits your phone, inbox, etc. Because anything and everything could be a scam. and if you’re not paying attention, you could be a victim.

Be careful out there.