The content material of this put up is solely the duty of the creator.  AT&T doesn’t undertake or endorse any of the views, positions, or info supplied by the creator on this article. 

Present playing cards have change into a go-to Christmas current for many individuals, however their dramatic rise in recognition has additionally sadly made them a main goal for hackers.

The explanation why reward playing cards are such a well-liked current is due to how sensible they’re to make use of. If you’re unsure what to purchase somebody, reward playing cards current a simple and accessible option to present somebody how a lot you admire them.

However don’t permit the comfort of reward playing cards to get the higher of your judgment in regard to safety. It’s straightforward to assume that reward playing cards are secure from cybercriminals, however in actuality, reward card fraud (also referred to as reward card scamming) is a really actual risk not solely to retailers and enterprise house owners however to on a regular basis people equivalent to your self as properly. 

Overlooking fundamental cybersecurity hygiene if you’re speeding to attain the perfect offers which you could on-line has at all times been a danger you’ve taken prior to now, nevertheless it additionally will not be a danger you possibly can afford to take this 12 months.

Learn on to seek out out why and how one can stop it. 

Why do scammers like reward playing cards?

Present card fraud is a much bigger drawback than most individuals understand. In 2022, for instance, FTC knowledge revealed that practically $230 million was misplaced to reward card fraud, affecting greater than 48,000 individuals in whole.

Present playing cards are common with retailers as a result of they current a really dependable stream of income. However on the similar time, they stop a viable alternative for scammers to get away with straightforward cash due to how troublesome they’re to trace.

Scammers like reward card playing cards as a result of they’re straightforward to interrupt into and likewise as a result of they don’t have the identical degree of safety authentication that credit score or debit playing cards have. Most cybercriminals will steal reward card numbers on-line from shops providing them. They will accomplish this through the use of botnets that carry out brute drive assaults. The one factor a felony has to do is to check 1000’s of various mixtures of PIN and reward card numbers earlier than hacking right into a person’s account and depleting the cardboard of its funds. 

Moreover, as soon as the assault is accomplished, there’s normally no hint of the felony’s id and the funds can’t be traced. And despite the fact that most reward playing cards have restricted quantities of cash loaded on them (most reward playing cards run between $15 to $500 on the most), when cybercriminals are operating their operations on a big scale they will flip a really sizable revenue. 

Cybercriminals may also monetize reward playing cards by illegally promoting them on the darkish internet or different third-party web sites. A few of these web sites will provide the flexibility to transform reward playing cards to money at 30%+ of the entire card worth, presenting a simple option to make fast cash. 

Within the subsequent part, we’ll dive into the precise sorts of reward card fraud that may have an effect on you. 

Forms of reward card scams 

Listed here are the most typical sorts of reward card scams:

Fictitious adverts

On this technique, cybercriminals will put up faux however realistic-looking ads for gadgets ‘on sale’ on ecommerce web sites the place they’ll trick customers to into sharing their reward card numbers to buy the gadgets. As soon as the cash has been obtained, the adverts will disappear, and the sufferer will probably be out of luck. 

In different phrases, individuals can fall for this trick the identical approach they will fall for different widespread sorts of id theft, with individuals being unassuming because the risk comes from a innocent supply (on this case, a web based reward card for the vacations).

Present card demand

On this technique, cybercriminals will ship a textual content message or a telephone name to victims posing as a regulation enforcement or authorities company and demanding you to pay them in reward playing cards (Amazon, Apple, and Google Play playing cards are essentially the most generally requested). They’ll demand that you simply buy the playing cards after which present them the reward card info, at which level they’ll disappear immediately. 

One other technique on this similar vein is for the cybercriminal to pose as somebody you recognize, equivalent to your boss, supervisor, buddy, or member of the family. They will discover this info out by your social media or LinkedIn profiles. Pretending to be the particular person you recognize, they’ll ask you to buy a present card for them and to ship the codes over, normally developing with a narrative for why you want to take action within the course of. 

This is likely one of the commonest sorts of reward card fraud that may have an effect on on a regular basis individuals. 

Stealing codes 

This technique is the place a sophisticated cyber attacker will hack into the net database of a present card firm to seek out and monitor the reward card numbers and activation codes, normally through brute drive assaults as we mentioned above. 

It’s possible you’ll go to buy a card, after which as soon as it’s been activated, the felony will deplete it of its funds. Then if you or the recipient of the cardboard goes to spend it, it received’t work as a result of there’s not any cash on the cardboard. 

Generated reward playing cards 

Different instances, cybercriminals will create web sites or cell apps that declare you possibly can generate reward card codes which are redeemable at main retailers and on-line shops. After you’ve ‘bought’ the reward card, the cash will probably be transferred to the account of the cybercriminal, and the sufferer will find yourself with nothing.

Alternatively, scammers could give you a present card that merely has much less worth than what you paid for it. If that is so, the cardboard is both faux or was stolen. 

The way to cease reward card scams 

The primary option to cease your self from changing into a present card rip-off is to be alert. Don’t have the mindset that “it would by no means occur to you,” as a result of that’s precisely the identical mindset that the 1000’s of different victims of reward card scams initially had as properly.

Be sure you by no means present your private or monetary knowledge to unsolicited telephone calls, textual content messages, or emails of any type. No official enterprise, authorities company, or regulation enforcement division will ask you to supply your private or monetary knowledge for no cause, and so they definitely received’t demand you to pay for something through reward playing cards. Normally, nonetheless, fraudster playing cards are straightforward to detect. 

One other smart way to make sure you’re secure is to make use of correct doc administration strategies and avoid susceptible mainstream options on the subject of recording your monetary knowledge, together with your reward card numbers. If the reward card finally ends up being a malicious software, accessing your deeds, private info, and even work notes is greatest carried out by way of a protected platform (equivalent to an encrypted PDF) and never Google Workspace or Workplace 365. 

In case your boss or member of the family asks you through textual content message to purchase them a present card, you possibly can relaxation assured that it’s probably not your boss or member of the family. The actual fact that your ‘boss’ or ‘member of the family’ is texting you through a distinct telephone quantity (and normally one with a very completely different space code) ought to inform you the entire story. 

Moreover, be sure you solely store with trusted companies or on-line retailers which are PCI DSS compliant, which means that they adhere to the twelve safety requirements for conducting transactions as set by the Cost Card Business Safety Requirements Council (PCI DSS). In a nutshell, these requirements are designed to make sure the continuing encryption and authentication of buyer private and monetary knowledge. It’s a significant purple flag if a enterprise is just not PCI-DSS compliant or doesn’t also have a Visa or MasterCard seal of approval. 

Conclusion

Present card fraud doesn’t need to spoil your vacation season. Keep in mind that despite the fact that reward playing cards could also be handy to make use of, they can be handy for cybercriminals as properly because the transactions can’t be tracked. Have enjoyable procuring on your family members this upcoming vacation season however be in your guard on the similar time.