**Scam Campaign Report: Fraudulent CVS Rewards Scheme**
This cybersecurity analysis reveals a coordinated scam campaign exploiting CVS branding to deceive consumers with fake rewards offers. The operation centers around two suspicious domains, www.cvsloyalty.com and www.rewardsclub.com, operating alongside three phone numbers: 6573002997, 9493535728, and 2065061696. The domain www.cvsloyalty.com was registered through Internet Domain Service BS Corp. with an unusual future registration date of January 31, 2026, suggesting potential fraudulent registration practices. All entities demonstrate interconnected relationships through co-reporting patterns, indicating a unified campaign structure.
The scam operates through coordinated voice calls and web redirections, with community reports documenting identical scripts across multiple phone numbers. Consumers report receiving voicemails from a person identifying herself as "Jessica" claiming they have been selected for a $250 CVS award. Multiple victims received calls from both 9493535728 and 6573002997, with the same fraudulent messaging directing them to claim rewards through the suspicious websites. The connection to REPORTS, INC., a debt collection company with 10 CFPB complaints, suggests potential data harvesting or follow-up collection schemes targeting victims who engage with the initial fraud.
Consumer impact appears to be in early stages, with community reports showing 0 upvotes but consistent reporting patterns across multiple phone numbers. Victims describe receiving multiple calls days apart with identical scripts, indicating persistent targeting. While FTC complaint counts remain at 0 for all three phone numbers, the coordinated nature of reports across multiple communication channels suggests broader unreported victimization. The professional-sounding voicemails and legitimate-appearing CVS branding create significant deception potential for unsuspecting consumers.
To protect against this campaign, consumers should verify any rewards claims by contacting CVS directly through official channels rather than responding to unsolicited calls or visiting provided websites. Legitimate companies do not typically award prizes to customers who have not entered contests or loyalty programs. If contacted by these numbers or directed to these domains, hang up immediately, do not click any links, and do not provide personal information. Report incidents to the FTC at reportfraud.ftc.gov or file complaints with the FCC. Consumers can verify the safety of phone numbers and domains by checking community reporting sites and official company websites before engaging.
**Threat Assessment:** This campaign represents a moderate threat level with sophisticated coordination across multiple communication channels and professional presentation mimicking legitimate CVS communications. Recommended next steps include monitoring for expanded phone number usage, tracking domain registration patterns, and alerting CVS corporate security about brand impersonation. Consumers should exercise heightened caution regarding unsolicited reward offers and verify all communications through official company channels.