Is Lucky Mobile a scam?

Forums › One New Zealand (including Vodafone, WxC, Farmside) › Is Lucky Mobile a scam?

Geektastic

17943 posts

Uber Geek

Trusted

Lifetime subscriber

#251190 12-Jun-2019 15:36

Recently when browsing on my VF connection I get interrupted by a VF branded page claiming to offer free stuff to VF subscribers.

It has the odour of a scam for sure and if it isn't one, VF really ought to consider the optics.

1 | 2

1695 posts

Uber Geek

Lifetime subscriber

#2256853 12-Jun-2019 15:45

Interesting. I had the same experience a few days ago. But it did seem clear(?) that it was not VF behind the popup. Scam written all over it.

Linux

11424 posts

Uber Geek

Trusted

Lifetime subscriber

#2256879 12-Jun-2019 16:05

Yes SCAM!

freitasm

BDFL - Memuneh
79281 posts

Uber Geek

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#2256882 12-Jun-2019 16:15

I'd say they are just using the IP address to identify which ISP you are using and putting a message there to make it look like Vodafone. If you were on 2degrees the message would say 2degrees instead.

Likely your computer is infected with malware, or your router or something else. Remember this thread - the user had port forward set to his cameras, which were all infected with malware and causing problems in the network.

richms

28176 posts

Uber Geek

Trusted

Lifetime subscriber

#2256954 12-Jun-2019 18:53

There is a wordpress thing going around injecting spammy stuff into crap unmaintained wordpress installations. Probably just the site you are viewing is negligent or accepts ads from equally negligent places.

Richard rich.ms

Geektastic

17943 posts

Uber Geek

Trusted

Lifetime subscriber

#2256997 12-Jun-2019 20:06

freitasm:
I'd say they are just using the IP address to identify which ISP you are using and putting a message there to make it look like Vodafone. If you were on 2degrees the message would say 2degrees instead.

Likely your computer is infected with malware, or your router or something else. Remember this thread - the user had port forward set to his cameras, which were all infected with malware and causing itproblems in the network.

It only happens on my Galaxy S10+.

And happens on 4G.

sbiddle

30853 posts

Uber Geek

Retired Mod

Trusted

Biddle Corp

Lifetime subscriber

#2257024 12-Jun-2019 20:31

I've had the same thing happen a few times recently on my phone browing legit sites.

mentalinc

3233 posts

Uber Geek

Trusted

#2257053 12-Jun-2019 21:13

also had the same thing happen every now and again but only on one legit site. Assume it's just something getting through the normal ad networks.

click close and carry on.

CPU: AMD 5900x | RAM: GSKILL Trident Z Neo RGB F4-3600C16D-32GTZNC-32-GB | MB: Asus X570-E | GFX: EVGA FTW3 Ultra RTX 3080Ti| Monitor: LG 27GL850-B 2560x1440

Quic: https://account.quic.nz/refer/473833 R473833EQKIBX

Sharesies

Trade NZ and US shares and funds with Sharesies (affiliate link).

Oblivian

7297 posts

Uber Geek

ID Verified

#2257092 12-Jun-2019 23:28

Geektastic:
freitasm:

I'd say they are just using the IP address to identify which ISP you are using and putting a message there to make it look like Vodafone. If you were on 2degrees the message would say 2degrees instead.

Likely your computer is infected with malware, or your router or something else. Remember this thread - the user had port forward set to his cameras, which were all infected with malware and causing itproblems in the network.

It only happens on my Galaxy S10+.

And happens on 4G.

Have a squirt at this, and it will likely identify one of the apps with introusive ads that run background

https://play.google.com/store/apps/details?id=com.denper.addonsdetector&hl=en

Lorenceo

904 posts

Ultimate Geek

Trusted

#2257256 13-Jun-2019 09:57

I've had this happen as well, although on Spark. It just appeared as a pop up while browsing. I took a screenshot, but didn't open any of the links it wanted me to.

MichaelNZ

1389 posts

Uber Geek

Trusted

Integrity Tech Solutions

#2257276 13-Jun-2019 11:06

Lorenceo:

I've had this happen as well, although on Spark. It just appeared as a pop up while browsing. I took a screenshot, but didn't open any of the links it wanted me to.

Totally irreelvant to this thread, but I once received a call from Telecom to advise me I had won a motorbike. I had never entered any competition so I was naturally doubtful.

In due course I confirmed the legitimacy of the prize with them and the motorbike was delivered.

Unfortunately, it needed a motorbike licence which i didn't have at the time so I sold it.

WFH Linux Systems and Networks Engineer in the Internet industry | Specialising in Mikrotik | APNIC member | Open to job offers

freitasm

BDFL - Memuneh
79281 posts

Uber Geek

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#2257284 13-Jun-2019 11:21

Ok, looking at this I'd say a site you visited was compromised. This happens a lot with some sites not being automatically updated or the company not applying security updates as they are available.

I found a similar problem about nine months ago - a Wellington-based cafe website, all works fine if visited directly, but if you search it in Google and then click the link it will show a similar spammy page. I notified the owners via their contact form and personally when I visited the cafe. It was obviously never fixed because nine months later, I opened an incognito browser, search for it and got the same... Some people will never learn.

richms

28176 posts

Uber Geek

Trusted

Lifetime subscriber

#2257303 13-Jun-2019 11:35

freitasm:

Ok, looking at this I'd say a site you visited was compromised. This happens a lot with some sites not being automatically updated or the company not applying security updates as they are available.

I found a similar problem about nine months ago - a Wellington-based cafe website, all works fine if visited directly, but if you search it in Google and then click the link it will show a similar spammy page. I notified the owners via their contact form and personally when I visited the cafe. It was obviously never fixed because nine months later, I opened an incognito browser, search for it and got the same... Some people will never learn.

I generally just report them as a malware site using the google thingie. Perhaps when they get blocked from search results they will sort it out?

Richard rich.ms

freitasm

BDFL - Memuneh
79281 posts

Uber Geek

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#2257307 13-Jun-2019 11:42

richms:

freitasm:

Ok, looking at this I'd say a site you visited was compromised. This happens a lot with some sites not being automatically updated or the company not applying security updates as they are available.

I found a similar problem about nine months ago - a Wellington-based cafe website, all works fine if visited directly, but if you search it in Google and then click the link it will show a similar spammy page. I notified the owners via their contact form and personally when I visited the cafe. It was obviously never fixed because nine months later, I opened an incognito browser, search for it and got the same... Some people will never learn.

I generally just report them as a malware site using the google thingie. Perhaps when they get blocked from search results they will sort it out?

I doubt they would even realise traffic stopped coming from Google search results...