Thousands of companies offer statically-priced and reloadable gift cards. With that much cheddar flying around it isn’t a surprise that there is big business in gift card theft. The FTC has stated that gift card scams are up a whopping 270 percent since 2015. With so much money at stake, keeping yourself out of the way of the scammers has to be priority one.
A Great Way to Give a Gift
Many of us have utilized the gift card to extend our appreciation for friends, co-workers, and loved ones, and they are typically a pretty well-received gift. The problem is that a lot of money is being diverted from the gift giver, not to the recipient, but to third-party scammers. The IRS has been forthcoming on this issue, stating that gift cards “are the currency of criminals”.
What Is the Scam?
Unfortunately, there are several. The first one we’ll go into briefly (just because you should know about it) requires hackers to go to the store, get all the information off of the card, physically scrape off the little foil sheet to expose the security code, replace the foil sheet, and wait. Eventually the card will get filled, and if the hacker hadn’t triggered the security measures by repeatedly checking the account associated with the card, they would have access to whatever funds were put on the card by the provider.
Another scam we are seeing a lot of is effectively laundering money with cards. The FTC’s website itself identifies one of the big problems: “Gift cards are for gifts, not payments.” How this works is that a scammer will call a potential victim up and give them horrible, or incredible, news to get the victim out of a pragmatic mindset and then take advantage of his/her distraction by making them pay using a loadable gift card. If anyone wants you to pay with a gift card, STOP immediately, it’s a scam. Gift cards are the number one payment method imposters demand. Much like the phishing scams that extort sensitive information from users via email, these gift card scammers take untraceable money via fraud.
The last scam, and the one we are most concerned about as faithful gift card supporters is one where a host will turn computers and Internet of things devices on the websites where consumers access their gift card balances. This botnet attack continually tests the system with millions of combinations of gift card account numbers and stolen PINs or passwords. The machines on the botnet are spread out enough, and mimic human behaviors well enough, to allow these hackers to get the money they want before they are detected. It is estimated by industry professionals that nearly 90 percent of login activity for online accounts that are set up to manage gift cards comes from botnet attackers.
There are actions you can take to protect yourself. You can buy your gift cards online. While it makes an already impersonal gift a little bit less personal, it could go a long way toward ensuring the recipient gets a gift. If you are going to buy gift cards at a store, make sure the packaging isn’t disturbed and that the foil hasn’t been removed from the security code. Finally, if you can, change the PIN on a card you have received as soon as possible after receiving it (and before using it).
Fuse Technology Group IT professionals make a living keeping our clients from all manners of threats.