* FAKE * Shaw survey + reward

technut
Grasshopper

Just a heads up that while browsing the internet today I got redirected to a FAKE Shaw survey + reward offer (see picture attached). It had the Shaw logo and a countdown timer to encourage a fast decision to start answering questions.

I was redirected to the domain "mobilevd.com" to take the survey but that may not be consistent. It looked somewhat realistic since it had the Shaw look & feel. It probably uses the logo/style of whatever ISP that it detects you are coming from (not just Shaw).

I didn't fall for it but I'm concerned others could. Not sure what the end result would be if you answered the "survey" but I'm sure it's not a reward and nothing good can come from it.

SO BEWARE.

10 Replies

Re: * FAKE * Shaw survey + reward

Moderator
Moderator

Hey technut

Thank you for bringing this forward, we have additional support here on phishing schemes or scams. You can also report that directly to internet.abuse@sjrb.ca.

Cheers,

Tony | Community Mod.

0 Kudos
Reply
Loading...

I totally fell for this? please advise me as to what to do

jayne12
Grasshopper

I totally fell for this? please advise me as to what to do

Reply
Loading...

oh no! I'd recommend reporting it to internet.abuse@sjrb....

Moderator
Moderator

@jayne12 oh no! I'd recommend reporting it to internet.abuse@sjrb.ca and update any passwords may have used on the site. 

0 Kudos
Reply
Loading...

I checked with support at shaw and this had nothing to do...

Suzierachel19
Grasshopper

I checked with support at shaw and this had nothing to do with them but looks very real. I hope the security team shuts this down as soon as possible!!

0 Kudos
Reply
Loading...

Saw this today. Very authentic.

David-G
Grasshopper

Saw this today. Very authentic. 

0 Kudos
Reply
Loading...
Highlighted

I saw this today too, as well as in the past...

Chris_B
Grasshopper

I saw this today too, as well as in the past. I was redirected from TutorialsPoint, but I've seen it come up when using Outlook.com as well. I believe the attacker snuck a redirect into an advertisement through AdSense, AdChoice, or Valueimpression.

Even if I didn't think it were a scam, it is so aggressive I would have closed it out of anger.

Here's all of the info I could gather...

From browser history:
ca-win.com/win/ca/shaw/index2.php?ip=0.0.0.0&lpkey=15fb66783533005871&uclick=gxa9m73v8n
(edited my IP address out where ip=0.0.0.0)

Remote Address: 167.99.186.30:443

icann.org lookup:
Name: CA-WIN.COM

Registry Domain ID: 2410181333_DOMAIN_COM-VRSN

Domain Status: clientTransferProhibited

Nameservers:
ISLA.NS.CLOUDFLARE.COM
TOM.NS.CLOUDFLARE.COM

Dates
Registry Expiration: 2020-07-07 05:28:12 UTC
Created: 2019-07-07 05:28:12 UTC

Registrar Information:

Name: NameCheap, Inc.
IANA ID: 1068
Abuse Contact Email: abuse@namecheap.com
Abuse Contact Phone: tel:+1.6613102107

DNSSEC Information
Delegation Signed: Unsigned

Authoritative Servers
Registry Server URL: https://rdap.verisign.com/com/v1/domain/ca-win.com
Last updated from Registry RDAP DB: 2019-08-20 11:50:23 UTC

ipinfo.io
IP Address Details for 167.99.186.30

ASN AS14061 DigitalOcean, LLC
Toronto, Ontario
Postal: M5N

Partial list of domains hosted by DigitalOcean:
ca-telius-phone.com
ca-eastlink-phone.com
ca-videotron-phone.com
au-optus.com
canada-winner5.com
phone-wins2.com
australia-winners.com
phone-wins1.com
canada-winners.com
canada-winner2.com
ca-teksavvy-phone.com
ca-win-phone3.com
ca-win.com
canada-winner1.com
ca-telus-phone.com
canada-winner3.com

0 Kudos
Reply
Loading...

Saw this yesterday (Aug 28/19). Now redirects to "songlux...

NM
Grasshopper

Saw this yesterday (Aug 28/19). Now redirects to "songluxury.com" and tries to sign you up for a 4 day trial, and a $60+ contract to their service. 

0 Kudos
Reply
Loading...

Good information, I wish there is some sort cyber crime p...

Sman
Grasshopper

Good information, I wish there is some sort cyber crime prevention agencies do some sort of police work to shut off these scum.

0 Kudos
Reply
Loading...

Yes indeed. They used the Shaw cable logo. I almost went...

Rat-Tomango
Grasshopper

Yes indeed. They used the Shaw cable logo. I almost went for it. Just didn't feel right. I hope they get tuned up for this.. 

0 Kudos
Reply
Loading...
TALK TO US
Need more help?