Gift Card Scams

With the holidays fast approaching, be on the lookout for this widespread scam.

This type of scam will slip through most anti-spam and anti-phishing software because most anti-phishing software only analyzes attachments or scans for suspicious links in an email. Gift card scam emails are dangerous because they do not have attachments or links to click. They look like emails from someone important in your organization asking for help, but are actually from a cybercriminal.

The "From:" line of an email can display any name, so a cybercriminal can write a CEO's name but send the email from a different email address.

Gift card scam emails often appear to come from your company leader, asking for a favor and mentioning that they are too busy to talk on the phone. The scammer expects the employee to respond quickly to their boss's request.

Here are the details and how to identify this type of attack:

  1. Spoofed Sender Email. The person will receive an email that looks like it came from the CEO/CFO/COO requesting help or a favor. This email will be malformed, so the reply will go to an email address other than that of the CEO/CFO/COO. The email address may be a Gmail or other free email account. The spoofed email address will show when a user replies, but it is often overlooked because users don't look at the reply address when responding to the email.
  2. Spoofed Reply Email Address. The person replies to the email, thinking they are responding to the CEO, but they are really responding to the cybercriminal.
  3. Correspondence. The email thread goes back and forth, making the request more and more urgent. Train your users to be aware of any change of tone in email threads that request gift card purchases. If the person thinks "wow, that doesn't sound like the CEO", it probably isn't. If you review the email thread, the reply address will be at a different domain, which is another clue of a fraudulent request.
  4. Purchased Gift Cards. If the scam is successful, the impersonators will ask you to take photos of the numbers on the back of the gift cards and send them back. Once you send those photos, you're never getting your money back.
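
The header clues from steps 1 and 2 can also be checked automatically. The following is an added example, not part of the original article: it parses a message and reports an executive display name on an outside address, a Reply-To domain that differs from the From domain, and a gift card request in the body. The domain `example.com`, the name "Jane Doe", the finding labels and the sample messages are all constructed assumptions.

```python
from email import message_from_string
from email.utils import parseaddr

# Assumptions for this example: your mail domain and leadership names.
ORG_DOMAIN = "example.com"
EXECUTIVES = {"jane doe"}

# Constructed sample messages (not real mail).
SPOOFED_NAME = """From: Jane Doe <jdoe.office@freemail.example>
Subject: Quick favor

I'm in meetings and can't talk. Please buy five gift cards today.
"""
SPOOFED_REPLY = """From: Jane Doe <jane.doe@example.com>
Reply-To: jane.doe@freemail.example
Subject: Are you available?

I need a favor, reply here. I can't take calls right now.
"""
LEGIT = """From: Jane Doe <jane.doe@example.com>
Subject: Holiday schedule

The office closes at noon on Friday.
"""

def domain(addr):
    """Lower-cased domain part of an address, or '' if there is none."""
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""

def check_message(raw):
    """Return the reasons a message looks like leadership impersonation."""
    msg = message_from_string(raw)
    name, from_addr = parseaddr(msg.get("From", ""))
    _, reply_addr = parseaddr(msg.get("Reply-To", ""))
    findings = []
    # A leader's name shown on an address outside the organization.
    if name.strip().lower() in EXECUTIVES and domain(from_addr) != ORG_DOMAIN:
        findings.append("display-name-external")
    # Replies would go to a different domain than the visible sender.
    if reply_addr and domain(reply_addr) != domain(from_addr):
        findings.append("reply-to-mismatch")
    body = " ".join(p.get_payload() for p in msg.walk()
                    if p.get_content_type() == "text/plain")
    if "gift card" in body.lower():
        findings.append("gift-card-request")
    return findings
```

A check like this only looks at headers and plain-text wording, so it complements the phone call and reply-address habits described here rather than replacing them.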

Please make all users aware of these fraudulent attempts and how to spot them. Closely review how easy it is (usually VERY easy) to determine the CEO/CFO/COO/Controller's email address via your website and social media sites like LinkedIn, Twitter and Facebook.

Do yourself a big favor: don't immediately respond to emails asking for a favor. Call the person and ask if they really need any extra help (they won't). Make it a habit to always check the email address when replying to a message to verify that the message is going to the intended person. Stay safe and Happy Holidays!

