Fake or real?

Got this while using My Coke Rewards website while talking to one of their agents on the phone. I told them about this "supposed virus attack" and they denied it had anything to do with their site.

Is this fake..........I'm sure it is.

Look at the URL............http://wqwckffrd.servebeer.com/index.php?c=RaENOjEayDF925cOxP3ACC60zajgAjCTlcK0liAaKtvKheVQzm+YhzfWz1MPnw1S6zBdyf5GIpKnzaQnWQr15KzWyoM=

LVL 25
Who is Participating?
iammorrisonConnect With a Mentor Commented:
Fake, that domain is known for attempting to load false AV programs. I would suggest performing a deep scan and even HijackThis to see if your browser has been compromised.
Your URL: "Could not locate remote server"  [Opera 12.15]

Care to make it a tinyurl and post again?
Ess KayConnect With a Mentor EntrapenuerCommented:
i checked the whois records. looks like a 3rd party used to do their reward program


best thing i can suggest is log into your pc as a guest and use the coke codes. guest is limited, and cannot run scripts or install stuff - lots of restrictions
Will You Be GDPR Compliant by 5/28/2018?

GDPR? That's a regulation for the European Union. But, if you collect data from customers or employees within the EU, then you need to know about GDPR and make sure your organization is compliant by May 2018. Check out our preparation checklist to make sure you're on track today!

nickg5Author Commented:
Malwarebytes found nothing with a quick scan.
It was an event that happened exactly when I clicked a Coke link to enter a cap code.
So it was directly related to the Coke sit and a precise action on my part.
tailoreddigitalConnect With a Mentor Commented:
Anybody can put a picture of whatever they like on their website, even a picture of what looks like an anti-virus or a Windows window or My Computer or TailoredDigital's SuperDuper-Cosmic Virus Detection System, etc...   Anybody can pop a box on their website to look and say whatever they want.    It's when people are fooled by it and start interacting with the fake stuff on the page that it becomes dangerous.    I can't count how many times i've explained this and can almost count how many systems i've cleaned after someone did interact with these types of pages.
aleghartConnect With a Mentor Commented:
Several clues:
1. The misspelling of might in "migth compromise" should have been a giveaway.
2. If you don't have Microsoft Security Essentials, then it's fake.
3. The generic names of the offending software are suspicious.
4. Anti-virus and anti-malware software don't download EXE files...they just go to work (or not).
nickg5Author Commented:
I do have MSE.
Good catch there, the mis-spelled word.
nickg5Author Commented:
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.