How Gift Cards are exploited by Cyber Criminals

by
gift card

Why Gift Cards are exploited by Cyber Criminals

Gift cards – we all use them – they are particularly useful as gifts for those people who say “Oh I don’t know what I want for Christmas”. But a less well-known use of gift cards is to monetise cyber-attacks. (Fletcher. 2022)

What motivates a hacker?

There are a range of motivations for threat actors and hackers (I am sure that list was a question in my MSc exams) from state- sponsored hacking in pursuit of political gains to doing it for kicks and prestige with their hacker peers. But one of the most common motivations for large and small hacker operations is money – easy money. However this is no bank job where you can walk out with the cash in a brown paper bag, Sweeney style, the proceeds of the crime have to be transmitted electronically and anonymously. Bitcoin and blockchain have a major role in facilitating cyber-crime and are appropriate for large hacks, such as ransomware targeting large corporations. But for smaller hacks, scam gift cards are the hackers’ currency of choice, quick and anonymous.

Add a bit of social engineering to get you to buy a gift card

We have had experience dealing with this type of scam. A new member of staff was deceived by what appeared to be a legitimate email from the CEO asking her to buy £300 of Amazon vouchers, then follow a link and fill out the online form with the voucher numbers. The scam only came to light at the end of the month when she tried to claim £300 on expenses – the client decided to take no legal action. Probably a good idea as the criminals were long gone.

What can you do about it?

  • These scams get to you by phishing texts and emails – always with a compelling story to make you take action. Training and scepticism are essential to foil these attacks.
  • When it comes to the business email compromise attack (BEC) – the type of attack described above and here – policies, procedures and clear financial cut-offs that operate when senior staff are out of the office and do not rely on business emails.
  • Government agencies and official bodies will never ask for payment in gift vouchers!
  • If you get a suspicious phone call, that you think may be a scammer do not engage with them – hang-up.

Happy Christmas Shopping

How Gift Cards are exploited by Cyber Criminals Cyber Awake

Having spread this little bit of Christmas cheer, watch out this Thursday on Smart Thinking for my Geek’s Christmas Shopping blog post (the start of the article is on the iPad above) – it will be more fun than this article, I promise.


Clive Catton MSc (Cyber Security) – by-line and other articles

References

Fletcher, E. (2020). Gift Cards Top Scammers’ Wish lists. Federal Trade Commission. Retrieved November 28, 2022, from https://www.ftc.gov/news-events/data-visualizations/data-spotlight/2020/12/gift-cards-top-scammers-wish-lists

Terranova. (2022). Gift Card Scams: How to spot these cyber threats. Retrieved November 28, 2022, from https://terranovasecurity.com/gift-card-scams/

Further Reading

Why I do not like “Meet the Team” web pages – CyberAwake

Remember when you are shopping online there are malicious web pages out there – here is some advice

“JARVIS” image credit Clive Catton (www.clivecatton.co.uk)

Contact us for consultation

Wake up to cyber threats..

How Gift Cards are exploited by Cyber Criminals Cyber Awake
HQ Based between Newark and Lincoln

Get in touch

CyberAwake
Unit 2 Kingsley Court
Kingsley Road
Lincoln
LN6 3TA
United Kingdom

01522 508089

useful links

Website Cookies Icon

This website uses cookies to ensure you get the best experience on our website. Click for more information.

accept & Close