Is Lucky Mobile a scam?

Forums › One NZ (including Farmside) › Is Lucky Mobile a scam?

Geektastic

18009 posts

Uber Geek
+1 received by user: 8465

Trusted

Lifetime subscriber

#251190 12-Jun-2019 15:36

Recently when browsing on my VF connection I get interrupted by a VF branded page claiming to offer free stuff to VF subscribers.

It has the odour of a scam for sure and if it isn't one, VF really ought to consider the optics.

1 | 2

1702 posts

Uber Geek
+1 received by user: 771

Lifetime subscriber

#2256853 12-Jun-2019 15:45

Interesting. I had the same experience a few days ago. But it did seem clear(?) that it was not VF behind the popup. Scam written all over it.

Linux

12173 posts

Uber Geek
+1 received by user: 8467

Trusted

Lifetime subscriber

#2256879 12-Jun-2019 16:05

Yes SCAM!

freitasm

BDFL - Memuneh
80646 posts

Uber Geek
+1 received by user: 41024

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#2256882 12-Jun-2019 16:15

I'd say they are just using the IP address to identify which ISP you are using and putting a message there to make it look like Vodafone. If you were on 2degrees the message would say 2degrees instead.

Likely your computer is infected with malware, or your router or something else. Remember this thread - the user had port forward set to his cameras, which were all infected with malware and causing problems in the network.

Referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies

Support Geekzone by subscribing (browse ads-free), or making a one-off or recurring donation through PressPatron.

richms

29097 posts

Uber Geek
+1 received by user: 10205

Trusted

Lifetime subscriber

#2256954 12-Jun-2019 18:53

There is a wordpress thing going around injecting spammy stuff into crap unmaintained wordpress installations. Probably just the site you are viewing is negligent or accepts ads from equally negligent places.

Richard rich.ms

Geektastic

18009 posts

Uber Geek
+1 received by user: 8465

Trusted

Lifetime subscriber

#2256997 12-Jun-2019 20:06

freitasm:
I'd say they are just using the IP address to identify which ISP you are using and putting a message there to make it look like Vodafone. If you were on 2degrees the message would say 2degrees instead.

Likely your computer is infected with malware, or your router or something else. Remember this thread - the user had port forward set to his cameras, which were all infected with malware and causing itproblems in the network.

It only happens on my Galaxy S10+.

And happens on 4G.

sbiddle

30853 posts

Uber Geek
+1 received by user: 9996

Retired Mod

Trusted

Biddle Corp

Lifetime subscriber

#2257024 12-Jun-2019 20:31

I've had the same thing happen a few times recently on my phone browing legit sites.

HP

Shop now for HP laptops and other devices (affiliate link).

mentalinc

3384 posts

Uber Geek
+1 received by user: 1023

Trusted

#2257053 12-Jun-2019 21:13

also had the same thing happen every now and again but only on one legit site. Assume it's just something getting through the normal ad networks.

click close and carry on.

CPU: AMD 5900x | RAM: GSKILL Trident Z Neo RGB F4-3600C16D-32GTZNC-32-GB | MB: Asus X570-E | GFX: EVGA FTW3 Ultra RTX 3080Ti| Monitor: LG 27GL850-B 2560x1440

Quic: https://account.quic.nz/refer/473833 R473833EQKIBX

Oblivian

7345 posts

Uber Geek
+1 received by user: 2117

ID Verified

#2257092 12-Jun-2019 23:28

Geektastic:
freitasm:

I'd say they are just using the IP address to identify which ISP you are using and putting a message there to make it look like Vodafone. If you were on 2degrees the message would say 2degrees instead.

Likely your computer is infected with malware, or your router or something else. Remember this thread - the user had port forward set to his cameras, which were all infected with malware and causing itproblems in the network.

It only happens on my Galaxy S10+.

And happens on 4G.

Have a squirt at this, and it will likely identify one of the apps with introusive ads that run background

https://play.google.com/store/apps/details?id=com.denper.addonsdetector&hl=en

Lorenceo

904 posts

Ultimate Geek
+1 received by user: 336

Trusted

#2257256 13-Jun-2019 09:57

I've had this happen as well, although on Spark. It just appeared as a pop up while browsing. I took a screenshot, but didn't open any of the links it wanted me to.

MichaelNZ

1594 posts

Uber Geek
+1 received by user: 485

Trusted

Net Trust Ltd

#2257276 13-Jun-2019 11:06

Lorenceo:

I've had this happen as well, although on Spark. It just appeared as a pop up while browsing. I took a screenshot, but didn't open any of the links it wanted me to.

Totally irreelvant to this thread, but I once received a call from Telecom to advise me I had won a motorbike. I had never entered any competition so I was naturally doubtful.

In due course I confirmed the legitimacy of the prize with them and the motorbike was delivered.

Unfortunately, it needed a motorbike licence which i didn't have at the time so I sold it.

WFH Linux Systems and Networks Engineer in the Internet industry | Specialising in Mikrotik | APNIC member | Open to job offers | ZL2NET

freitasm

BDFL - Memuneh
80646 posts

Uber Geek
+1 received by user: 41024

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#2257284 13-Jun-2019 11:21

Ok, looking at this I'd say a site you visited was compromised. This happens a lot with some sites not being automatically updated or the company not applying security updates as they are available.

I found a similar problem about nine months ago - a Wellington-based cafe website, all works fine if visited directly, but if you search it in Google and then click the link it will show a similar spammy page. I notified the owners via their contact form and personally when I visited the cafe. It was obviously never fixed because nine months later, I opened an incognito browser, search for it and got the same... Some people will never learn.

Referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies

Support Geekzone by subscribing (browse ads-free), or making a one-off or recurring donation through PressPatron.

Quic Broadband

Move to New Zealand's best fibre broadband service (affiliate link). Free setup code: R587125ERQ6VE. Note that to use Quic Broadband you must be comfortable with configuring your own router.

richms

29097 posts

Uber Geek
+1 received by user: 10205

Trusted

Lifetime subscriber

#2257303 13-Jun-2019 11:35

freitasm:

Ok, looking at this I'd say a site you visited was compromised. This happens a lot with some sites not being automatically updated or the company not applying security updates as they are available.

I found a similar problem about nine months ago - a Wellington-based cafe website, all works fine if visited directly, but if you search it in Google and then click the link it will show a similar spammy page. I notified the owners via their contact form and personally when I visited the cafe. It was obviously never fixed because nine months later, I opened an incognito browser, search for it and got the same... Some people will never learn.

I generally just report them as a malware site using the google thingie. Perhaps when they get blocked from search results they will sort it out?

Richard rich.ms

freitasm

BDFL - Memuneh
80646 posts

Uber Geek
+1 received by user: 41024

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#2257307 13-Jun-2019 11:42

richms:

freitasm:

Ok, looking at this I'd say a site you visited was compromised. This happens a lot with some sites not being automatically updated or the company not applying security updates as they are available.

I found a similar problem about nine months ago - a Wellington-based cafe website, all works fine if visited directly, but if you search it in Google and then click the link it will show a similar spammy page. I notified the owners via their contact form and personally when I visited the cafe. It was obviously never fixed because nine months later, I opened an incognito browser, search for it and got the same... Some people will never learn.

I generally just report them as a malware site using the google thingie. Perhaps when they get blocked from search results they will sort it out?

I doubt they would even realise traffic stopped coming from Google search results...

Referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies

Support Geekzone by subscribing (browse ads-free), or making a one-off or recurring donation through PressPatron.