Energy giant ExxonMobil recently sent snail mail letters to its Plenti rewards card members stating that the points program was being replaced with a new one called Exxon Mobil Rewards+. Unfortunately, the letter includes a confusing toll free number and directs customers to a parked page that tries to foist Web browser extensions on visitors.
The mailer (the first page of which is screenshotted below) urges customers to visit exxonmobilrewardsplus[dot]com, to download its mobile app, and to call “1-888-REWARD+” with any questions. It may not be immediately obvious, but that “+” sign is actually the same thing as a zero on the telephone keypad (although I’m ashamed to say I had to look that up online to be sure). 
Anyone curious enough to guess at other ending numbers other than zero will wind up at a call center advertising “free” Caribbean (1) cruises or at a pricey adult chat service dubbed “America’s hottest talk line” (6).
Worse, visiting the company’s new rewards Web site in Google Chrome prompted my browser to run a “security check,” followed by a series of popups offering to install a Chrome extension called “Browsing Safely.”
That extension changes your default search engine to Yahoo and appears to redirect all searches through a domain called lastlog[dot]in, which seems to be affiliated with an Israeli online advertising network. After adding the Browsing Safely extension to Chrome using a virtual machine, my browser was redirected to Exxon.com.
The Google Chrome extension offered when I first visited exxonmobilrewardsplus-dot-com.
Many people on Twitter who expressed confusion about the mailer said they accidentally added an “e” to the end of “exxonmobil” and ended up getting bounced around to spammy-looking sites with ad redirects and dodgy download offers.
ExxonMobil corporate has not yet responded to requests for comment. But after about 10 minutes on hold listening to the same Muzak-like song, I was able to reach a customer service person at the confusing ExxonMobil Rewards+ phone number. That person said the Web site for the rewards program wasn’t going to be active until July 11.
“Currently the Web site is not available,” the representative said. “Please don’t try to download anything from it right now. It should be active and available next week.”
It always amazes me when major companies with oodles of cash (ExxonMobil made $20 billion last year) roll out new marketing initiatives without consulting professionals who help mitigate security and privacy issues for a living. It seems likely that happened in this case because anyone who knows a thing or two about security would strongly advise against instructing customers to visit a parked domain or one that isn’t yet fully under the company’s control.
Update, July 11, 11:36 a.m. ET: As several readers have observed in the comments below, it appears that ExxonMobil has registered a different domain for its new rewards program: https://exxonandmobilrewardsplus.com/welcome/home (note the inclusion of the word “and” between Exxon and Mobil). This domain is advertised as the official new rewards program domain via ExxonMobil’s corporate homepage, exxon.com (albeit via a redirect).
I also ran into the “too early to register, come back later” talk from a phone rep. I just tried to register (July 11) and I get as far as putting in account info but the page will not activate the NEXT button.
I am having the exact same problem
Just tried this morning to register my card and page was not available
It’s 7/11 and I can’t get anywhere. The mailer said to go to the website and click the “register my card” button. There is no register my card button to click. I called the number and was redirected to the rewards activation department, after 33 minutes on hold I GIVE UP. Guess I won’t be buying gas from Exxon or Mobil for a while which sucks because I was excited about earning 15 points per gallon for the first month.
I tried to registration my card too and I can not find where to do that at. Please can someone tell us all how to do that. can they make it so we can all find it with out any trouble. Thank you.
Am having same problem-the next button will not connect! Very infuriating, they(Exxon Mobil) should be able to have site up and properly running.
cannot get anywhere on web sight and no one answers on the phone# given
having thesameproblem cannotaccesswebsight&cannotgetanybodyonthephone
If I can’t access your correct website, how can I fully register to have a valid rewards card with it’s benefits? This card is only valid when I completed a full registration.
No wonder EXXON/MOBIL make so much in profits they have to keep developing new point systems. They have to; with this fiasco!!!!
wtf i have tried to register my new card without any luck what’s going on here guess, i won’t be getting any gas from until they get this straighten out bummer come on man
I have tried to register my card all day. Your site is still not up. When will these new cards be ready to use. Wife
I’ll never understand why everyone has to come up with a unique and extremely long, complicated domain name when they could just use their normal domain name with a /clevernamehere that redirects to the page they’re running everything from, which is what the long complicated name normally does anyway.
In theory if your normal domain name is relatively simple (e.g. test.com) then all the visitor has to do is figure out where / is on their keyboard then type a word or two or three. They still have to deal with the domain hijackers for mispelled domains (e.g. tesst.com) but that’s less likely than if they’re typing in a long complicated name comprised of multiple words.
As an added bonus you’ll never distribute the name of your complicated domain before you actually get around to registering it, because you already own your domain. Or at least I hope you do.
I assume it’s because they hand off their extra website to a subsidiary or business partner.
This way, when they’re sued for something, it is easier to deny responsibility.
Exxon’s main site still lists the wrong rewards page at the bottom of this page. (Yes, I saw your 11:36 a.m. update).
How’d I get to the following page? By googling “Exxon rewards.”
https://www.exxon.com/en/rewards-program
Here’s a snippet of the footnote on that page (as of a minute ago), with the WRONG domain STILL written there:
“*Exxon Mobil Rewards+ is a rewards program available . . . See exxonmobilrewardsplus.com to complete enrollment. Points have no monetary value . . .”
Of course, as you noted in the article, exxonmobilrewardsplus.com doesn’t work.
If you go to ExxonMobil’s Public Relations website, they also list the broken site:
http://news.exxonmobil.com/press-release/exxonmobil-launches-new-exxon-mobil-rewards-loyalty-program
Snippet: “Customers can pick up a card at any participating station, register online at http://www.exxonmobilrewardsplus.com, or register . . .”
When was their faulty PR message posted? 10 a.m., yesterday.
Amazing.
Archived for posterity.
https://web.archive.org/web/20180712074734/https://www.exxon.com/en/rewards-program
https://web.archive.org/web/20180712073423/http://news.exxonmobil.com/press-release/exxonmobil-launches-new-exxon-mobil-rewards-loyalty-program
Having the same problem.
Well Exxon where are the rewards you promised?!
Its July 12!
Wow.
Plus in phone numbers. Usage of plus.
The + (plus) is for mobile phones and lets you enter phone numbers that are independent of what country you have traveled to.
On a mobile phone, hold the zero button until the zero changes into a + (plus), then type the country code, and then the remainder of the phone number. Frequently, you must drop country specific numerals at the beginning of the phone number to make the number independent of your location.
Some examples are +1 US; +1 Canada; +44 UK; +46 Sweden; +234 Nigeria; +91 India; +86 China; +975 Bhutan;
The point of starting numbers with + (plus) is to make the numbers independent of where you are calling from.
Well, I went to register and was informed my email was already registered. changed to a different one, that phone number is already registered. Did lost password – invalid email to any email I have. Good grief…..
Thankfully, yesterday Malwarebytes would not let me into the site saying there was malware there! Today Google says the site times out before connecting. ExxonMobile needs to get its act together.
https://exxonandmobilrewardsplus.com worked perfect & was able to register card no problem: nothing but issues before, glad I did not try to register on the other crap.
I just tried, and it won’t even let me enter my card no. or Activation Code!
Great Job Exxon.
A mini Valdez – just for a Reward’s Program?
You have to be the last Fortune 500 company to try!
I went to the website https://exxonandmobilrewardsplus.com/welcome/home and was able to register my rewards card with no issues.
Must be nice, I have tried in both Chrome and Microsoft Edge and get an error message to contact the support team, but there is not a way to contact the support team as every link on the website goes no where.
They are trying as hard as they can to screw up this new program…. When I setup my account, the password requirements state 1) 8-20 characters 2) Does NOT contain spaces 3) Contains at least one letter 4) Contains at least one number. Using my password management software, I created a complex password of 16 characters with upper/lower/digits/special characters. The website accepted my password during registration, but then refused the password when I immediately tried to login. After several “Forgot Password” attempts, I have discovered that the webapp will let you set your password with special characters, but it will not let you login to your account with a password that has special characters. I have now dumbed my password down to a simple memorable password of 8 characters just so I can access my account. #SecurityFail
It may just be that the page doesn’t allow the pasting of passwords, which is what your pwd manager is trying to do. Have you tried manually pasting your password and seeing if that’s accepted? I’m guessing it won’t be.
I’m using 1Password in the cloud from an enterprise computer that won’t allow me to install the fat client on the machine. So I have to manually paste every time. During registration, it allowed me to manually paste the password in, and it was accepted. During login it showed ********* in the field (indicating the paste had worked) but still failed authentication.
I went back and tested with a couple more “more common” special characters, and it did work when I manually pasted the password in at Login. However, my previous attempts with other less common special characters (+, =, & []) did not work. I can understand validating some characters and not others during input, but at least let us know what is acceptable so I don’t get locked out of my account when I update my password with something complex.
I had the same problems everyone else did. I looked forward to the new program since Plenti was awful. Guess I’ll put the card in my drawer hoping they come up with something that works.
Yes can’t get anywhere Nd also tried dialing number and got medical alert call center . Grrr not happy
It’s now 7-14 and still can’t find where to register my card. Will the site ever be ready? Like dealing with a politician.
I would like to know why I got this Exxon Mobile Rewards Card, So how do I activated it
couldnt register it…rip off
I got an email for Speedpass key tag users with the same info yesterday (July 16th) and that link in the email doesn’t work either.
http://www.exxonandmobilrewardsplus.com/?utm_source=emrp&utm_medium=email&utm_campaign=rewardsplus-invitation-launch_sp-tag-non-plenti/
I still don’t understand how a multi-billion dollar company issues a phone number in marketing materials without including the corresponding numbers. Yes on most mobile phones the + is on the 0, but try finding it on a VOIP or cordless phone. Yes millions of people still use something other than mobile phones. Even mobile phone users use non-mobile phones too!
It’s common practice to use the + as a prefix for placing international calls not as a replacement digit. I assume all the 8xx.REWARDS numbers were unavailable. Even labeling this as 888.REWARDS.0 would better than +. But then I supposed you’d get another set of people thinking that last zero is the letter O or that “zero rewards” would have a negative connotation and that someone in marketing nixed that idea.
I was at Exxon station today. The big placards by the pumps all have the wrong website listed for signing up for this rewards thing.
I took pics, sent to friends with link to your story.