Is that Ace Hardware Survey Legit?

A woman with brown hair sits at her computer. On the screen is a warning that the email she is viewing is a scam.
Photo ID: 135854994 © Rawpixel/Depositphotos.com

You receive an email supposedly from Ace Hardware, saying you’ve won a prize, like a fancy drill or a space heater. All you have to do to receive it is take part in a short survey. Should you do it? Nope! It’s a common scam! 

In this post, I’ll break down one such scam email that made its way to my husband’s inbox. I’ll point out some telltale signs that it’s a scam and explain how the scam works. I’ll also tell you what to do if you receive a similar email.

The suspicious email 

Email subject: Email verification
From Ace Hardware <loji_df@ratila.arklmmst.space>
You have won an Milwaukee Power Drill
Answer & Win
Get Started Now
My husband received this scam email pretending to be from Ace Hardware on June 14th, 2023.

This scam email made its way into my husband’s inbox a few weeks ago. At first sight, it looks pretty convincing!

The email is eye-catching and appears to be from a trusted brand. If you want a fancy drill and are a fan of Ace Hardware, it would be tempting to click through to the survey.

But on closer inspection, the email has some serious red flags which give away its true nature.

First, Ace Hardware is listed as the sender, but the email was actually sent from loji_df@ratila.arklmmst.space. This is not an official Ace Hardware address and is a major red flag that the email is sketchy.

Sender's info:
Ace Hardware <loji_df@ratila.arklmmst.space>
That address isn’t associated with Ace Hardware! Screenshot edited in Canva.

Worse, when I looked up information about the domain arklmmst[.]space at whoxy.com, I found it was registered the same day the scam email was sent. This is another red flag, as scammers frequently have to register new domains since their old ones get blacklisted.

The third red flag is the subject, which is “Email verification.” This doesn’t match the content of the email, which tells us we’ve won a prize. A big company like Ace Hardware isn’t likely to have a weird mismatch between their email’s subject and its content.

Subject: Email verification
Content: You have won an Milwaukee Power Drill
What does a message about winning a prize have to do with email verification? Screenshot edited in Canva.

Fourth, although there’s not a lot of text in the email, there is still a typo. The email claims we have “won an Milwaukee power drill,” instead of informing us we have “won a Milwaukee power drill.” Again, this is a red flag because a big company like Ace Hardware is not likely to make a mistake like that.

The fifth red flag is that the link in the email has been shortened to obscure its final destination. In this case, the scammers used the link shortening service TinyURL to hide where the link goes.

Scam link: hxxps://tinyurl.com/524kxpvj#c12801WhDCt851869idej1119978tsp54199Evus36
Hovering over the “You have won an Milwaukee Power Drill” showed it linked to this address, which hides the domain of the scam site.

These five red flags are more than enough to determine the email is a scam.
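Three of the five red flags above (sender domain, shortened link, freshly registered domain) can be checked mechanically. The Python sketch below is an added example, not part of the original post. The sample message is constructed from the email described here, the brand-to-domain mapping (acehardware.com) and the 30-day window are assumptions, and the caller supplies the sender domain's registration date from a Whois lookup.

```python
from email import message_from_string
from email.utils import parseaddr, parsedate_to_datetime
from html.parser import HTMLParser
from urllib.parse import urlsplit

BRAND_DOMAINS = {"ace hardware": {"acehardware.com"}}  # assumption, not from the post
SHORTENERS = {"tinyurl.com", "bit.ly"}                 # the two shorteners the post names
# Constructed message modelled on the scam email; the short-link path is a placeholder.
SAMPLE = """\
From: Ace Hardware <loji_df@ratila.arklmmst.space>
Subject: Email verification
Date: Wed, 14 Jun 2023 09:00:00 +0000
Content-Type: text/html

<a href="https://tinyurl.com/xxxxxxxx">You have won an Milwaukee Power Drill</a>
"""

class LinkCollector(HTMLParser):
    """Collects the hostname of every <a href> in an HTML body."""
    def __init__(self):
        super().__init__()
        self.hosts = []

    def handle_starttag(self, tag, attrs):
        host = urlsplit(dict(attrs).get("href") or "").hostname if tag == "a" else None
        if host:
            self.hosts.append(host)

def under(host, domains):
    """True if host is one of the domains or a subdomain of one."""
    return any(host == d or host.endswith("." + d) for d in domains)

def red_flags(raw, registered_on, max_age_days=30):
    """registered_on: datetime.date the sender's domain was registered (from Whois)."""
    msg = message_from_string(raw)
    name, addr = parseaddr(msg["From"])
    sender_host = addr.rpartition("@")[2].lower()
    flags = []
    # Flag 1: display name claims a brand, but the address is on an unrelated domain.
    for brand, domains in BRAND_DOMAINS.items():
        if brand in name.lower() and not under(sender_host, domains):
            flags.append("sender-domain-mismatch")
    # Flag 5: a link goes through a URL shortener, hiding the real destination.
    links = LinkCollector()
    links.feed(msg.get_payload())
    if any(under(h, SHORTENERS) for h in links.hosts):
        flags.append("shortened-link")
    # Flag 2: the sending domain was registered only days before the email was sent.
    sent = parsedate_to_datetime(msg["Date"]).date()
    if 0 <= (sent - registered_on).days <= max_age_days:
        flags.append("newly-registered-domain")
    return flags
```

The subject mismatch and the typo are left to a human reader; they do not reduce to a simple rule.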

The scam

But where does the link in the scam email go? And how does the scam work? 

While clicking on the scam link would be a bad idea, we can find out more about it without clicking on it using two online tools: URLScan.io and VirusTotal.

When I entered the TinyURL link into URLScan.io, it told me the link’s final destination was utileboards[.]com. It also flagged this site as malicious, noting it was a survey spam site.

URLScan's interface. It identifies the scam domain as utileboards[.]com and lists it as a potentially malicious customer survey spam site.
Screenshot from URLScan.io, edited in Canva. You can see the original on URLScan.io.

When I ran utileboards[.]com through VirusTotal, 6 out of 88 website scanners listed it as malicious. While that might not seem like a lot, the domain had only been registered for about a month, and it takes time for the scanners to recognize when domains are being used for malicious activity.

Screenshot of VirusTotal's interface. Bitdefender, Fortinet, Kaspersky, CRDF, G-Data and Netcraft identified utileboards[.]com as malicious.
6 scanners on VirusTotal identified utileboards[.]com as malicious.

The screenshot from URLScan.io shows us what the scam site looks like. In the screenshot, the page is displayed in German, probably because the site recognized it was being scanned from Germany (URLScan.io’s default setting), and changed its language settings accordingly.

Screenshot of the malicious site. The text is in German and states: Gluckwunsche!
Fullen Sie diese kurze 30-Sekunden Umfrage uber Ihre Core-Backbone erfahrung aus, um eines unserer exklusiven Pramienangebote auszuwahlen.

Um Ihre Pramien zu erhalten, fullen Sie einfach unserer anonyme Umfrage aus. Es gibt fur den heutigen Tag nur noch eine begrenzte Anzahl von Pramien!
A screenshot of the scam survey site from URLScan.io.

Using Google Translate, we see the site says the following: “Congratulations! Complete this short 30-second survey about your core backbone experience to select one of our exclusive reward offers. To receive your rewards, simply fill out our anonymous survey. There are only a limited number of bonuses left for today!”

If you complete the survey, you’ll be told you’ve “won” the drill, but will then be asked to pay for shipping. However, the real Ace Hardware warns it “will never ask customers for payment information as part of any survey or promotion.”

This means that if you enter your credit card details, you’ll be giving your payment information directly to scammers. And you can be sure they will charge you far more than the listed shipping fee. Oh, and you will probably never receive the drill, either.

For example, a Redditor fell for a similar Ace Hardware scam involving a space heater. After paying the $6.95 shipping fee, they were later charged an unexpected $70 “membership fee.” The Redditor also never received their space heater, as the scammers claimed they had only entered a sweepstakes and hadn’t actually won the heater after all.

What should you do if you receive a scam Ace Hardware email?

If you receive a scam survey email from an Ace Hardware impostor and don’t click through to the survey, you have nothing to worry about.

If you do click through to the survey and enter your payment information, you’ll want to call your bank or credit card issuer. You’ll need to dispute any fraudulent charges made by the scammers and get a new card.

In either case, you should mark the scam email as spam so your email provider knows it is not legitimate. This will help make sure similar emails get sent straight to your spam folder in the future.

You can also report the email to Ace Hardware’s fraud department by sending it as an attachment to [email protected].

A woman boxer, ready to fight.
Photo ID: 146688117 © AndrewTovstyzhenko/Depositphotos.com

If you want to fight back against the scammers, you can report the domain of the scam site to the domain registrar. The registrar may then decide to suspend the domain, stopping the scammer’s operation, at least temporarily.

To report the domain, you’ll first need to know what it is. In our case, it was utileboards[.]com, but remember the scammers originally hid this by using a URL shortener. If the scam link you received starts with something like tinyurl[.]com/yyyy or bit[.]ly/yyyy then your scammers are also using a URL shortener and you’ll need to enter the link into URLScan.io to find out the real domain.

Once you have the domain, you’ll need to do a Whois lookup to find out who the domain is registered with. To do this, you can go to whoxy.com or another Whois lookup tool and enter the domain. You’ll then want to look for the registrar, as that’s who you’ll need to report the site to. In the case of utileboards[.]com, Namecheap was the registrar.

WhoXY's interface. 
Domain: utileboards[.]com
Registrar: Namecheap Inc
Registered: 9th May 2023
Updated: 15th June 2023
Expiry: 9th May 2024
Doing a Whois lookup reveals lots of information about a domain, including the registrar it is registered with and whether it has been suspended. Screenshot from Whoxy.

Next, search for the name of the registrar and “abuse” using your favorite search engine to find out how to report the scam site. For Namecheap, you’ll need to select the type of abuse and then fill out a form. You’ll want to include as much detail as possible, such as a screenshot of the scam page from URLScan.io and evidence from URLScan.io and VirusTotal that the page is malicious.

Then you’ll have to wait. The registrar may or may not suspend the domain, depending on the situation. In the case of utileboards[.]com, Namecheap fortunately suspended it fairly quickly.

Namecheap Legal & Abuse Team:
Hello,
Please accept our sincere apologies for the delay in reply.
Please be informed that the abusive service has been suspended.
Should you need further assistance, let us know.
----
Regards
Legal & Abuse Department
Namecheap, Inc.
Namecheap’s Legal & Abuse Team responded to my complaint within a few days and let me know they had suspended utileboards[.]com.

Even if the registrar suspends the domain, however, they may not let you know. But you can check if it’s been suspended yourself by doing another Whois lookup. If you see “clientHold” or “serverHold” under Domain Status, it’s been suspended. You can then feel really good about making life more difficult for the scammers!
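If you save the raw text of a Whois lookup, the registrar and the hold check described above can be read out of it with a few lines of Python. This is an added example, not part of the original post; the Whois text is constructed from the values shown in the Whoxy lookup above (domain left defanged), and the status lines follow the common "Domain Status: code URL" layout, which is an assumption about the output of your lookup tool.

```python
HOLD_CODES = {"clienthold", "serverhold"}  # the two statuses that mean "suspended"

# Constructed Whois text using the registrar and dates from the lookup in this post.
SAMPLE_WHOIS = """\
Domain Name: utileboards[.]com
Registrar: Namecheap Inc
Creation Date: 2023-05-09
Updated Date: 2023-06-15
Registry Expiry Date: 2024-05-09
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Domain Status: clientHold https://icann.org/epp#clientHold
"""

def parse_whois(text):
    """Return the registrar (who to report to) and every Domain Status code."""
    record = {"registrar": None, "statuses": []}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if not sep:
            continue  # not a "Key: value" line
        key, value = key.strip().lower(), value.strip()
        if key == "registrar" and record["registrar"] is None:
            record["registrar"] = value
        elif key == "domain status" and value:
            # Keep only the status code; drop the explanatory URL after it.
            record["statuses"].append(value.split()[0])
    return record

def held_statuses(record):
    """Status codes showing the domain has been suspended (empty list if none)."""
    return [s for s in record["statuses"] if s.lower() in HOLD_CODES]

def newly_suspended(before_text, after_text):
    """Compare a lookup made when reporting with a later one."""
    before = held_statuses(parse_whois(before_text))
    after = held_statuses(parse_whois(after_text))
    return not before and bool(after)
```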

The takeaway

Survey scam emails can look quite convincing at first, but once you know what to look for, they’re easy to spot. If you receive one, don’t click the link. Instead, mark the email as spam. If you want to get your own back on the scammers, consider reporting the domain to the registrar, too.
