It’s the time of year where we often get gift cards for people. But after reading this report from Cybersixgill, I might rethink that.
Adi Bleh, threat analyst at global threat intelligence firm, Cybersixgill, has found that cybercriminals are using automated hacking tools to generate gift cards for top brands, including Amazon, Netflix, PayPal, Spotify, and Sony. In addition to creating these fake gift cards to steal from retailers, Adi has also uncovered that cybercriminals are using gift cards to launder money and evade law enforcement.
So, how do you protect yourself? Here’s some tips from Cybersixgill:
Consumers should check their gift card balance regularly and report any suspected fraudulent activity to the relevant retailer.
Retailers and gift card issuers, meanwhile, should monitor the tools available on the underground so they can create countermeasures. They should use more complex codes to prevent generators from enumerating the numbers, and they should implement controls to detect and block checkers from validating a large quantity of codes. Furthermore, they should monitor their gift cards’ internal traffic to detect unusual expenses, locations, multiple cards held by one customer, and other activities that indicate fraudulent activity.
I can easily see this becoming a huge problem as we approach the holiday season. Thus both retailers and consumers need to be on guard.