Gift Card Scams Explained
Giftcard scams are becoming more and more popular. These email phishing scams rely on impersonation and social engineering tactics to engage with victims to ask them to purchase gift cards. The hackers leverage authority and urgency in their requests. They will frequently impersonate high-level executives, CEOs, etc as part of the scam. After a few exchanges, the person asks you to purchase gift cards and send them the activation codes. Let's be real here, your boss probably isn't going to email you to ask you to purchase gift cards on your own dime.
So why do these attacks work? They are a simple and a quick way to get money from their targeted victims, especially when the email is impersonating someone in the organization.
What Should I Do?
- If you get an email from a co-worker asking if you "are available?" or asking for you to only "text them", before responding, reach out to the sender in a separate email or call them to check if they actually sent the request.
- Don't reply to the email or use any contact information provided in the email. Hackers often provide fake numbers or email addresses that they control.
- If you discover the email is a phish, report it to your boss or the IT department.
Below are three examples of these types of attacks:
|Example # 1:|
Subject: URGENT REQUEST
Are you available ?
No calls text only 9513072XXX
I'm in a meeting and need help getting some Amazon Gift Cards
If you get an unexpected email from your boss or co-worker asking for this kind of help:
- Don’t pay for anything with a gift card. Gift cards are for gifts. If anyone asks you to pay with a gift card, it’s a scam.
- Double-check with your supervisor. Call your boss using a known number — not something that was written in the email.
- Take a pause. Don't reply to the email! Can’t reach your manager? Talk to a trusted coworker or friend. Tell them the situation and see what they would do.