Cold calls from Georgeson a Computershare subsidiary

Turns out the phone calls from +61 3 9415 5000 I’ve been receiving are from Georgesons, a Computershare subsidiary who are using the same outbound number and probably utilizing the same call centre staff as Computershare. While my view may certainly be debatable, I feel personally this impacts on Computershare’s reputation of impartiality as a share registry and administrative service.

“Georgesons” acting on behalf of APVG (wishing to take over MetLife Care) have repeatedly called me on my number stating the directors of APVG are encouraging MetLife Care shareholders like me to vote yes to the take over offer.

They also wanted me to advise right there and then on the spot which way I would be voting. I repeatedly replied saying that “I have yet to review the information and I am unable to provide you an answer right at this point in time”. I suspect that Georgeson staff are given incentives.

Have finally got around to reviewing the documentation and will personally be voting ‘No’ to the take over offer. In a high level (superficial) nutshell…

  • Offer I feel is a little bit too low for the potential future gain I will be leaving on the table.
  • (To be direct) Tired of losing access to an ever diminishing range of investment opportunities, given the global liquidity glut courtesy of central bank endless money pump.

NZ Shareholder’s association have also provided their views to their members with the view of voting against the take over offer.

 

 


Security Warning – Click Hijack investigation

Investigations so far suggest that some type of conditional redirect exploit/hijack is being planted on many WordPress websites, redirecting search-engine-referred visitors to fake award/survey sites such as “moviesuddenvalley”, “applefacetook”, “hurryexpectsugar”, “mouthtroubleask”, “ondiesmall”, “thendownmeat”, “makemodernfive”, “sayhitome”, “whateyeweight”, among several others, typically ending in a “.live” or “.top” address. While this hijack, as far as I have seen, appears to predominantly affect some WordPress websites, I wouldn’t be surprised to learn that it possibly affects other types of websites as well.

In my experience, for sites that are affected, to replicate…
(These most certainly could differ depending on the site affected)

  1. Prerequisites…
    • Needs to be done from an IP address that has yet to access the site in question (e.g. a mobile data connection; activate and deactivate airplane mode to get a new IP address).
    • Chrome or Firefox browser (Win 10 or Android) in Incognito Mode (No plugins). Reportedly in other variations of the exploit, it only occurs on Safari under iOS
  2. Search for the site in Google search
  3. Click on the search result that points to the website. Instead of loading up the website as expected, you get redirected to a hijack site.

The hijack will not fire if you access the site directly (via bookmarks or typing the address directly in the address bar of your browser). This appears to be some conditional exploit based on visitors coming from search engines, and it looks like it will only fire once per IP address each week (resets at the start of each week).

I probably should add that many so-called WordPress vulnerability scanners online, I’ve discovered, aren’t even set up to detect this sort of hijack. The scanners based on “Sucuri” certainly will not detect this exploit, I’ve found.
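The conditions described above suggest a simple check for site owners, given here as an added example that is not part of the original post: request the page once with a search-engine Referer and once without, and report an off-site redirect that only the referred request receives. The Referer value, the User-Agent string and the hostnames in the test data are assumptions, and the check only covers HTTP redirects and meta refresh tags, not script-driven redirects.

```python
import re
import sys
import urllib.error
import urllib.request
from urllib.parse import urljoin, urlparse

SEARCH_REFERER = "https://www.google.com/"  # assumption: what a search click sends
BROWSER_UA = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Firefox/115.0"  # assumption
META_REFRESH = re.compile(r"<meta[^>]+http-equiv=[\"']?refresh[^>]*?url=([^\"'>\s]+)", re.I)

class NoFollow(urllib.request.HTTPRedirectHandler):
    def redirect_request(self, *args, **kwargs):
        return None  # do not follow: the 3xx is raised as HTTPError and kept

def fetch(url, referer=None):
    """Return (status, Location header, first 64 KiB of body) for one GET."""
    headers = {"User-Agent": BROWSER_UA}
    if referer:
        headers["Referer"] = referer
    try:
        resp = urllib.request.build_opener(NoFollow).open(
            urllib.request.Request(url, headers=headers), timeout=15)
    except urllib.error.HTTPError as err:
        resp = err
    return resp.code, resp.headers.get("Location"), resp.read(65536).decode("utf-8", "replace")

def offsite_host(url, status, location, body):
    """Host the response sends the browser to, or None if it stays on the site."""
    target = location if 300 <= status < 400 else None
    if not target:
        found = META_REFRESH.search(body or "")
        target = found.group(1) if found else None
    if not target:
        return None
    own, host = urlparse(url).hostname, urlparse(urljoin(url, target)).hostname
    # www/apex and subdomain redirects of the same site are not a hijack
    related = not host or host == own or host.endswith("." + own) or own.endswith("." + host)
    return None if related else host

def search_only_redirect(url, referred, direct):
    """Off-site host reached only by the search-referred response, else None."""
    seen = offsite_host(url, *referred)
    return seen if seen and seen != offsite_host(url, *direct) else None

if __name__ == "__main__":
    site = sys.argv[1]
    # Referred request goes first: the post says the redirect needs an IP the site has not seen.
    referred = fetch(site, SEARCH_REFERER)
    print(search_only_redirect(site, referred, fetch(site)) or "no referrer-conditional redirect seen")
```

Run it from an IP address that has not visited the site that week, as in the replication steps; a clean result from an address the site has already seen is not conclusive.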

Other resources…

Original Post (Old):
Noticing some apparent weird intermittent redirect hijack on the general web where some sites are allegedly redirecting to some dodgy website with names such as “mouthtroubleask”

Update – 2020-09-11T06:55:00+12:00: Added steps to replicate (from my own experience)

Update – 2020-09-12T18:20:00+12:00: Added note to mention that all of the online WordPress malware scanners I’ve tried won’t detect this sort of hijack.

 

 
