With security improving around gift cards, scammers are
resorting to new tactics, including old-fashioned trickery and new
technology. "As the locks have gotten more sophisticated, so have
the lock picks," says Ben Jackson, a senior analyst at Mercator
Advisory Group, a Maynard, Mass.-based company that tracks the
consumer payments industry.
Gift cards attract criminals because they're big business. U.S.
consumers loaded $112.3 billion onto gift cards in 2012, according
to Mercator reports published in August. The figure includes both
closed-loop gift cards, which can only be used at a single
retailer, and open-loop cards, which can be used at any store that
accepts them. The dollar amount loaded on closed-loop cards grew 4
percent from 2011, while the open-loop market grew 7 percent.
"The thing about gift card fraud is it's the old, 'John
Dillinger, why do you rob banks?' 'Because that's where the money
is,'" Jackson says.
Classic schemes evolve
Thieves continue to use some of the same scams they pioneered
several years ago, experts say, but often with a twist. In a
classic gift card scam
, a thief checks gift cards displayed in a store and writes down
identifying information or lifts it from the card's magnetic stripe
using a scanner. The crook then goes home and repeatedly checks
online to see when the card is activated (usually this is done when
the cashier rings up the purchase of the card). Once activated, the
thief spends the card balance online.
In another traditional scheme, a thief will apply a bar-code
sticker over the genuine bar code of a gift card in a shop. When
the sticker is scanned, it activates a blank card that the crook
has stolen instead of the card the consumer is purchasing.
Technology is allowing scammers to streamline part of the
process, says Jackson. Rather than having to hit "refresh" on their
computers until they see that a card has been loaded with value,
thieves now use computer software that automatically checks the
value of a card multiple times in a short span. Card processors
have caught on, however, and now consider such repeated value
checks a red flag for fraud.
Card manufacturers are also beefing up security by upgrading
packaging to make it harder for thieves to record card
identification numbers. But fraudsters have, in turn, adapted by
using "social engineering," otherwise known as the traditional tool
of the con man: the gift of the gab. They're approaching merchants
directly to obtain the necessary card data.
Often this social engineering takes place at the point of sale,
Jackson says. Scammers telephone a store, reach a clerk and
identify themselves as representatives for the company's central
office. They'll ask the clerk to activate a card, load it with
value, and then give the thieves the identifying numbers so they
can check that it was activated properly.
"They're essentially creating money out of thin air," Jackson
A similar, darker, scam involves callers using threats to try to
get information from retail employees. Stores in Savannah, Ga.,
received warnings that the stores would be blown up if a store
manager didn't load $500 onto 10 reloadable prepaid debit cards,
then read the card numbers over the phone. The
FBI, which is investigating
, says no manager complied and the bombs never went off, but the
scam has appeared in other parts of the country too.
Oldie but goodie
One of the most popular crimes involving gift cards hasn't changed
much. Thieves are still buying gift cards with stolen credit cards,
says Martha Weaver, the gift card product marketing manager at
Travel Tags, an Inver Grove Heights, Minn.-based company that
manufactures 500 million gift cards a year. Buying a gift card
allows a thief to extract money from the credit card before the
cardholder notices the credit card is missing and cancels it.
"Gift cards are an anonymous account to put money on, and
anything anonymous in the world of fraud is desirable," says
Weaver. "It's seen as a way to launder money."
Fraud detection has gotten better both at card processors and among
law enforcement agencies, says Dan DeFelippi, a former card thief
who has consulted with the Secret Service on fraud techniques and
now works as a web developer. Training has improved and there are
now more links, formal and informal, between law enforcement and
card processors' internal fraud detection departments.
"If they have inside contacts, it helps (law enforcement)
investigate, and they'll catch more people and prevent more losses
from happening," DeFelippi says.
You can protect yourself from gift card scams by following a few
Layaway 2013: Survives recession's end, but
Best ways to redeem rewards points for the
Three ways to curb pre-holiday money stress
Treat gift cards like a food purchase.
The same way you wouldn't eat a candy bar whose packaging is torn
or battered, stay away from gift cards if the packaging appears
damaged. Some card manufacturers are moving away from paper
"clamshell" packaging that can be sliced open and resealed in
favor of tougher, plastic packaging that can't be opened without
destroying the package.
Don't give out confidential information.
There's no reason for a sales clerk to ask for the number of a
gift card, so if you encounter that situation, challenge the
request and refuse to provide the information. The same applies
for callers who request such data to "check the card's
Investigate online sellers.
If you're buying a card at an online marketplace like eBay or
Gift Card Rescue, read what previous buyers say about any seller
with whom you're consider doing business. Stay away from sellers
with negative reviews.
If your gift card balance is not what you expect it to be,
contact the card issuer immediately. Not only do you improve your
chances of retrieving your money, you help others, since scammers
generally perpetrate the same fraud on multiple