What about phishing/spam in Init7’s name, such as prize draws and so on?

Prize draws and satisfaction surveys with promises of prizes are currently being run in Init7’s name. Visitors are being redirected to websites where they are promised free mobile phones, for example, if they provide credit card information and personal data.

These offers are phishing attempts and fraud. Init7 does not run prize draws or surveys such as these, and neither does it task others with doing so on its behalf.

We advise all customers not to click on relevant links or advertising and to leave such websites immediately. Do not, under any circumstances, disclose any personal data or credit card information!

To provide information about the technical background, fraudsters use hijacked websites, advertising networks and redirect services such as URL shorteners to redirect visitors to phishing websites. The visitor is redirected several times to conceal the intermediate pages. The target page will use a GET request to transfer certain information about the visitor, such as their operating system, country, IP address, ISP or access keys. Generally speaking, the target page cannot be accessed directly.

Example of a URL:
example.com/?osv=Windows%2010.0&isp=Init7%20(Switzerland)%20Ltd.&ip=AA.BB.CC.DD&os=Windows&key=...&site_id=XXXXXX&conv_id=XXXXXXXXXX

The information about the ISP – Init7, for example – will be used to address the visitor in the ISP’s name. If you are taken to these phishing pages via another provider (such as Sunrise or Salt), the design and wording will be adapted.

Phishing Beispiel