Keeping Your Members and Customers Safe from Gift Card Scams and Loyalty Rewards Fraud

By Jonathan Flynn of IDX


Gift card scams and loyalty program fraud can cause undue stress and financial burdens to your members and customers. While you won’t be able to stop these scammers in their tracks, keeping your members and customers informed of common scams will reduce the risk.

Gift Card Scams

Gift card scams involve an individual posing as a legitimate business requesting payment via gift cards. They may also pose as a high-profile individual in a company, such as a CEO, asking the employee to perform an urgent task for them (purchasing a gift card) because they are stuck in a meeting. Once the gift card is purchased, the scammer requests the unique code of the card and uses it. This leaves the individual with no means of getting their money back as they legitimately purchased the gift cards.

The people who fall victim to these scams aren’t losing a few bucks here or there either. One woman lost $39k after striking up a Facebook friendship with a man that used emotional pleas to get her to buy him gift cards. The FTC states that in the first three quarters of 2021, almost 40,000 people reported gift card scams resulting in more than $148 million stolen. This number only reflects a portion of the actual scams. It’s estimated that only 3% of effected individuals report fraud to government agencies or the Better Business Bureau.

Loyalty Rewards Fraud

Businesses work hard to find ways to thank their customers. A common tactic is to offer member reward points. These points are typically redeemable as cash on purchases with the business. It’s a great way to build incentive to shop, and often those points go unused. Globally, there are $48 trillion worth of unspent loyalty points that consumers have amassed. That is a rich pot for thieves to attack. In the last year, attacks against loyalty points programs increased by 89%.

Points pirates can take several tactics to get these member points:

  • Account hacking, where an attacker uses leaked account information on the dark web or information gained through phishing scams in order to get access and use the points
  • Knock-off accounts, where the fraudster will use fake accounts, often using stolen identities, to rack up points, move those points to other accounts and use the rewards (or sell them)
  • Transactional looting, where the attacker steals information from the member’s credit card, digital wallet, or other payment accounts in order to use the points to get items without having to pay

Impact on Businesses

While gift card scams and loyalty rewards fraud doesn’t directly impact a business, they can inadvertently create brand reputation damage, and no business is spared. Even if your company doesn’t offer gift cards or have a loyalty program, your employees are likely to be hit with a phishing scam working to get their info or get a gift card or two. Businesses need to be proactive in implementing consumer privacy protection solutions to keep their employees and customers protected from fraud.

Tips for Fighting against Fraud

Gift card scams and loyalty fraud can place a heavy burden on your members or customers. Providing tools that can keep track of unused points or purchased gift cards can help. IDX has updated their Password Manager tool to include fields consumers can use to track these items.

Other ways to mitigate risk

– Encourage your shoppers to use gift cards as soon as they can or track them in a Password Manager tool
– Put an expiration on any loyalty point programs so that unused points don’t sit in accounts waiting to be stolen
– Encourage your members to use unused loyalty points via email marketing campaigns
– If you are a reseller of gift cards, keep them in locked cases and train your employees to bring up gift card scams when helping these customers
– Provide unique PINs for your digital gift cards
– Invest in security training, especially geared towards phishing scams and individuals posing as others within the company
– When receiving an email from someone like your CEO asking for an urgent favor, do not reply directly to that email, but send a separate email to that individual confirming if they do have an  urgent favor
– Ensure your employees and customers know that businesses and government entities will not ask for payment via gift cards

Protecting Your Employees and Customers

Another big step in helping your business and your customers stay clear of scammers is by protecting their personal data. It is more important than ever to keep data protected. IDX Privacy not only offers individuals increased security measures, such as deleting personal information from data broker sites, scanning the dark web for potentially leaked data, and keeping an eye on social media accounts, but it can also keep track of gift cards and rewards through their password manager. IDX’s products can also be offered as an additional member benefit, or even as an employee benefit.

Gift card scams and loyalty program fraud have many victims. Your customers and members are being burdened and your business experiences reputational damage. Staying vigilant against these scams will keep your members happy, and in turn help your business thrive.

About IDX:

IDX is a proven partner in digital privacy protection. Thousands of organizations and over 40 million individuals rely on IDX to protect sensitive personal information from the growing threat of cybercrime. As the nation’s largest provider of data breach response services, IDX is trusted by both public and private sector clients to serve as an unparalleled strategic partner in data protection. Visit for more information.


Related Posts