[Editor’s note: November is Holiday Survival Month at Card Not Present (sponsored by Sift Science). The holidays are the best of times for most merchants, but they can result in sleepless nights for fraud professionals charged with protecting the bottom line amid a crush of orders. Check back here throughout the month for updated content that will help merchants make their customers’ holidays memorable while holding fraudsters at bay and keeping their staffs sane.]
Digital gift cards provide an easy, convenient alternative to physical gifts during the holiday season. And they’re skyrocketing in popularity among shoppers: with 200-percent annual growth, e-gift cards are the fastest growing part of the $127 billion gift card industry.
But digital gift cards are also popular among cybercriminals, offering numerous ways for fraudsters to steal money and scam unsuspecting victims. Therefore, merchants face a dilemma: If they offer digital gift cards, they risk seeing their fraud rates inch up … but if they don’t, they risk disappointing customers and missing out on prime revenue opportunities.
Let’s look at some common ways fraudsters exploit digital gift cards:
Profiting from credit card theft. In a common scheme, a fraudster places an ad for an expensive item on a peer-to-peer (P2P) marketplace, asking for a lower price than retail. Once the buyer jumps on the deal, the fraudster purchases a gift card using stolen credit card details, buys the item online, and ships it to the buyer.
Stealing gift cards from resellers. A phony buyer asks the seller to perform a three-way phone call with the merchant to check the gift card balance. While listening to the seller enter the gift card number, the buyer records the sound of the touch tone numbers to steal the gift card number.
Using free gift cards as a trap. Businesses use free gift card sites to give out gift cards in exchange for filling out surveys. In one scam, the victim is asked to pick what gift card they want, but instead of completing a survey, they’re asked for personal information like an email address.
Requesting gift cards as payment. The FBI issued a warning last year against scammers that ask for gift cards as payment for goods or services. Fraudsters will use social engineering to prey on the seller’s sympathies, claiming they’ve been hurt by shady practices like chargebacks. When the victim provides the scammer with gift card info, the funds on the card are removed and the victim never receives their product.
Redeeming stolen rewards points. If a cybercriminal gains the credentials to a victim’s credit card or loyalty rewards program, they will redeem the victim’s points for gift cards and exchange the card for cash.
Money laundering. According to the Office of Terrorist Financing and Financial Crime, terrorists and money launderers are increasingly turning to anonymous online payment services, gift cards, and other prepaid cards to move illicit funds.
Merchants will have to balance offering digital gift cards to keep up with customer expectations and investing in fraud prevention methods to protect their bottom line. Before you choose to offer gift cards, make sure you’ve got a robust fraud solution in place.