It’s the eleventh hour, your loved one’s birthday, graduation or special day is fast approaching and you have yet to buy a gift. There’s a good chance that you are part of the growing sector who reaches for a gift card—or an even more convenient e-gift card— in such situations. And you’d be in good company! The National Retail Federation reports that for 2017, “gift cards remain the most popular items on wish lists, requested by 61 percent of those surveyed.”
The bad news? Fraudsters are equally eager to take a bite out of the growing $127 billion gift card industry. To make matters worse, CNP fraud against e-gift cards is virtually untraceable when they’re resold for cash on gift card resale marketplaces.
While there are many ways fraudsters target physical gift cards (like those that you see at the grocery check-out aisle), e-gift cards are a growing sector rife for fraudulent activity. There are a few key ways that fraudsters target e-gift cards that merchants and consumers should be aware of:
- Brute Force lives up to its name, and means an attacker can guess activation codes without having to steal user credentials. This is typically caused by weak back end security processes and should be guarded against to minimize fraud losses.
- Multiple Account Creation. To confuse fraud prevention and tracking systems, fraudsters will create hundreds of accounts using synthetic or stolen identities to buy large quantities of e-gift cards without being detected! Having a solid fraud mitigation strategy in place that utilizes machine learning can help merchants discover patterns of multiple stolen or synthetic identities where one fraud prevention officer would be rendered helpless.
- Device/Carrier Switching takes advantage of the fact that the majority of fraud takes place on mobile, by overriding simple antifraud tools like device detection. This way one fraudster can appear to be many different legitimate consumers instead of a fraudster—until it’s too late.
- Bots and Botnets are the consequence of increasingly sophisticated fraud networks. By leveraging automated technologies, fraudsters can exponentially increase the number of attacks, increasing the overall success rate of e-gift card attacks.
- Phishing is when fraudsters trick users into revealing vital account information via a legitimate-looking email seeking information, like account data or passwords. This tactic is not just used for e-gift card fraud, but in fact is employed by fraudsters for all types of insidious means. A good rule of thumb is just to never enter your password because you are prompted by an email.
Hopefully in the near future, more of the general public will be aware of how to guard against bad actors and e-gift card fraud. In the meantime, Kount’s Blog Against Fraud will continue to educate as many shoppers and merchants as possible.
To learn more, download the eBook “E-gift Card Fraud: The Gift That Keeps On Taking” for tips and actionable advice on how to guard against e-gift card fraud while boosting sales in the process.
