Are you currently experiencing an attack?

Are you currently experiencing an attack?

Gift Card Fraud

Summary

One common method is for criminals to use bots to stuff possible card numbers into web applications until valid card numbers are found. Validated card numbers are used to purchase goods, or are sold for cash through various online services.

Keep reading: Related Content

More Topics

Summary

One common method is for criminals to use bots to stuff possible card numbers into web applications until valid card numbers are found. Validated card numbers are used to purchase goods, or are sold for cash through various online services.

Gift Card Fraud

Criminals steal gift cards in a variety of ways. Theft of physical gift cards from retail stores is common, but online theft occurs as well. 

One common method is for criminals to use bots to stuff possible card numbers into web applications until valid card numbers are found. Validated card numbers are used to purchase goods, or are sold for cash through various online services. 

Criminals can use similar methods to perform coupon code discovery. While not as outright fraudulent as the above, it still has a direct impact on revenue. Another technique is to use credential stuffing to take over loyalty/reward accounts and drain their balances (potentially extracting funds from customers’ debit cards too, if they have linked them to their loyalty accounts). 

Threat actors have proven quite creative in exploiting gift and loyalty programs. Past examples included the discovery of programming errors in certain gift-card account APIs, creating potential race conditions. To exploit them, bots would submit simultaneous transfers among multiple cards, sometimes resulting in funds being credited to one card without being debited from another. Fraudsters were able to convert a small “seed” of initial funds into large gift-card balances.

Get your price quote

Fill out your email below, and we will send you a price quote tailored to your needs

This website uses cookies to ensure you get the best experience on our website.