[RockCrusher]

Just bought a new BMW the other day. While I was still at the dealer got a text message about it being time to start my document signing session.

I ignored the message. I was at the dealer and would sign things in the financial guy's office when he invited me in to his office.

Got two more messages. One later in the purchase process about friendly signature reminder. Then one this morning.

Called the dealer and they didn't know what was up but told me not to do what the page at the link requested I do.

I had inadvertently opened the link and it reported to be asking me permission to allow electronic communication with BMW. But no BMW logo, symbols, etc.

There was a link on the document to download the communication agreement.

With no BMW logos, etc., and just a text message wanting me to use the download link I smelled a very big rat.

Needed to go to the dealer anyhow so when I got there I showed someone the messages. Was told that it was very suspicious. Neither the dealer or BMW ever submits anything like that to a customer.

I've attached a pic of the text messages. I didn't get a screen capture of the page that was displayed when I inadvertently clicked on the link.

[mjj]

To scam in real time seems like someone must have access to the BMW it system.

[Vindicator3]

FWIW, lightico dot com does appear to be an e-signature solution. I wouldn't sign it either if the dealer is disclaiming it, though.

https://knowledge.lightico.com/docs/...%20or%20laptop.

[BMWbiker]

I would officially report that to the dealer and to BMWNA, in writing. It’s one thing for some scammer to try to phish randomly. It’s another thing for it to happen simultaneously with your purchase transaction—assuming that it is a scammer.

[RockCrusher]

Thanks for the replies. I intend to speak to someone at the dealer this afternoon to give them a heads up there may be some infection of the BMW IT or dealer IT system.

[RockCrusher]

I will add that shortly (a month or two) after I competed a purchase of my 2023 M2 I received a letter from the dealer informing me there had been a security breach and my checking account info (bank, routing #, account # and other person info) had been stolen -- along with the info of a number of other customers.

So dealers are not immune to falling victim to a scam that then gains the scammer access to the customers info.

[1m4tr]

CDK that provides software that many car dealerships use for hacked in June 2024. While they’ve cleaned up most of it, I would bet there are some backdoors that have been created at dealerships that haven’t been patched.

[Mike_H_]

Quote:

Originally Posted by RockCrusher

Just bought a new BMW the other day. While I was still at the dealer got a text message about it being time to start my document signing session.

I ignored the message. I was at the dealer and would sign things in the financial guy's office when he invited me in to his office.

Got two more messages. One later in the purchase process about friendly signature reminder. Then one this morning.

Called the dealer and they didn't know what was up but told me not to do what the page at the link requested I do.

The M8 is so quick that you broke the space-time continuum, and the messages are from another dimension.

[RockCrusher]

Quote:

Originally Posted by 1m4tr

CDK that provides software that many car dealerships use for hacked in June 2024. While they’ve cleaned up most of it, I would bet there are some backdoors that have been created at dealerships that haven’t been patched.

Very interesting.

[Hit_Apex]

Doubt it's malicious given real time and this is a BMW signing vendor but good to be skeptical and ask the dealer before doing anything. Sounds more like financing process automation gone awry - or at least out of step with your dealer.