New scam using a .com IDN domain, a .site domain and Viber

There is a new scam circulating fast using the Viber instant messaging app.

The scam promises a 250 Euro gift card for Sephora in Greece and I was told there are more similar targeting other well known brands and chains. Many other countries could be targeted as well.

The scam works like this. You are added in a Viber group by a friend that tells you that they got a 250 Euro gift card.

Then you are asked to visit a website that looks like sephora-gr.com (that is not even registered) but it really is an IDN .com domain: xn--sephora-r-x6d.com.

You are then redirected to a .site domain name: sephoragift.site.

After you complete a small survey you are asked to enter your mobile phone number and invite 15 of your friends into a Viber group where you share this gift card giveaway info. So you can see this spreads fast.

And that is where I lost it cause I didn’t invite 15 friends. Not sure what happens next. They could ask for your credit card number so you can receive your gift card or ask you to login to your Sephora account, thus turning into a phishing scam.

They could also be using your phone number in numerous ways.

Of course scammers might be also be using WhatsApp or Facebook messenger, Skype or any other app or email.

Both domain names were registered today and are both behind whois privacy:

sephoragift.site at namesilo.com
xn--sephora-r-x6d.com at name.com

There must be many more domains names involved in this and in similar scams by these same people.

I am sad to report that I received this scam from my wife. I thought I had taught her so much about domain names! 🙁

At first I thought this was some kind of virus but I called her and she confirmed that she had send it. I then informed everyone in the group that this was a scam.

If you receive this message from a friend please don’t click on any links, don’t share it and don’t give out any personal information.

Sold.Domains

About Konstantinos Zournas

Konstantinos studied Computer Engineering and Computer Science in London and lives in Athens, Greece. He works on domain names, websites and software development. Has been online since 1995 & domaining since 2002.

One comment

  1. There is similar scam for Costco (.com) as well as IKEA(.com) here in USA. Both are IDN so from Phone it looks like real site but they are not.

Leave a Reply

Your email address will not be published. Required fields are marked *