Exxon Mobil Rewards Plus

I can’t believe this. I received a letter from Exxon with a rewards card (I was using Plenti points but they are closing July 10th).

The letter and card say, please register your card at exxonmobilrewardsplus.com but if I visit the site with:

  • Safari, it jumps to a weird site that keep telling me to update Flash (most likely a trojan/virus site)
  • Chrome, it goes to a page that say “to continue download/install this chrome plugin for secure browsing” (another malware)
  • Firefox, goes to ww1.exxonmobilrewardsplus.com and only show a general link page (like when you buy the domain and before you deploy your site)

Imagine the number of people receiving this rewards card and trying to visit a site that will install malware on their computers.

There is a phone number 1-888-REWARD+
I will call later today, I hope they understand my English.

This is bad.

Was the letter addressed specifically to you? It is so terrible that these criminals pray on the elderly and those who still have faith in the honesty of others. Whenever I receive calls from “Vindows” or the Sheriff’s office, I start talking Norwegian to them. It is so funny to me because they cannot figure out what language I’m speaking. My next step is to setup a virtual machine for them to connect to and keep them on the phone as long as possible just to waste their time and keep them from calling someone else.

The other day I just received a letter from the IRS that I may have employment identity theft on my account. Ugh. Thankfully I locked my credit files so nobody can apply for credit in my name. I also tried to get my annual credit report but i failed the answers to their questions. I only have one credit card and a mortgage. How could I have failed to authenticate? Anyway, I find it ironic that you have to pass all these questions to get your credit report but you only need a name and SSN to apply for credit.

Yes, this is a Rewards Card from Exxon Mobil. Plenti Rewards is going to end on July 10th and this is the new Rewards for Exxon Mobil.

I can’t believe that they did all the marketing without getting the domain first. Someone else registered the domain they use on the actual card, sticker and letter from Exxon Mobil and they are trying to put malware.

Edit: Here is the link for Exxon - Plenti. I guess they will put the new Rewards Plus information after July 10th.

Ah, i thought the letter was a scam but it is just the domain because Exxon failed to get it first. Nice! It sounds like Peas and Carrots were in charge of the execution.

A similar thing happened to Heinz, they let a domain expire: https://www.theguardian.com/technology/2015/jun/19/heinz-ketchup-qr-code-links-porn (article is safe for work)

Just talked to ExxonMobil. The site will not be available until July 11 a day after Plenti will expire. They told me to log on to that website on July 11 to register the card. You can also register the card by calling 1-888-739-2730 or through the SpeedPass + app.

Thank you Penny.

I can’t find the option with SpeedPass+ app, maybe having the Plenti card there is my problem. Just a few more days to the 11th, I think I’ll wait.

I hope they can take control of the domain and remove the malware.

Now the whois information show: Updated Date: 2018-07-07T23:51:31Z

This domain now redirects to https://www.exxon.com/en/ showing “registration opens on July 11th” just as they told Penny.

Today the domain redirects to: https://exxonandmobilrewardsplus.com