December 5, 2018
November 29, 2018
Posted November 20, 2013
ThreatMetrix Warns of Several Fraud Scenarios Associated with Gift Cards During the Holiday Shopping Season
San Jose, Calif. – November 20, 2013 – ThreatMetrix™, the fastest-growing provider of integrated cybercrime solutions, today announces several fraud scenarios associated with holiday gift cards, as cybercriminals seek to make a profit from the lucrative market this time of year. The National Retail Federation (NRF) predicts gift card sales will reach an all-time high this holiday season – $29.8 billion in total spending – making the industry an attractive target for cybercriminals.
“Cybercriminals have developed several highly sophisticated ways to compromise gift cards and take advantage of consumers during the upcoming holiday shopping season, when merchants are often too busy with a high volume of transactions to spot all suspicious activity,” said Carmen Honacker, director of customer advocacy at ThreatMetrix. “If merchants fail to put preventative measures in place to protect against gift card fraud, it can be one of the greatest sources of revenue loss for merchants.”
Holiday Gift Card Fraud Scenarios
There are several advanced scenarios associated with holiday gift card fraud, all of which can lead to severe losses for the merchants and compromised customer account data. These scenarios include:
• Stolen Gift Card Web IDs – Cybercriminals fraudulently gain access to virtual gift cards, also known as eCerts and purchase goods and services that are then resold for profit outside the country or on auction sites.
• Virtual Goods – Fraudsters take advantage of the thriving gaming industry to compromise online currency and steal virtual goods – such as extra lives, levels and customized features in video games – for personal profit. This will be especially prevalent this holiday season with the release of two big-name video game systems – PS4 and Xbox One.
• Purchasing Gift Cards with a Stolen Credit Card – Using a stolen credit card number, cybercriminals can purchase gift cards either online or in-store. Physical goods such as clothing and electronics are then purchased with the stolen cards and sold online or shipped abroad and sold at a higher price for profit.
“Gift card purchases using stolen credit cards have become so prevalent that some retailers have resorted to ceasing online gift cards altogether and only accepting cash in-store for gift cards,” said Honacker. “However, retailers don’t need to miss out on these revenue opportunities due to the risk of cybercrime. With effective strategies and technologies in place to differentiate between authentic and fraudulent transactions, retailers can continue selling gift cards via credit card transactions and drastically decrease fraud attempts.”
Leveraging a collective data repository such as the ThreatMetrix™ Global Trust Intelligence Network (The Network) helps merchants differentiate between authentic and suspicious gift card transactions. If any given account, device or persona has been flagged in the past for masking its true location, stealing gift card PINs, selling stolen goods or other fraudulent activity, The Network can flag these transactions as high risk and recommend the merchant add additional screening before accepting the transaction.
More specifically, a comprehensive data repository such as The Network doesn’t automatically accept authentic orders or reject suspicious orders. Rather, The Network provides a recommendation and merchants can customize the parameters for classifying a transaction as low, medium or high risk depending on their specific business needs.
“Each merchant has different requirements for categorizing risk, which is why ThreatMetrix doesn’t merely offer a ‘one-size-fits-all’ cybercrime protection platform,” said Honacker. “While The Network may generally set certain locations, as high risk, a given retailer may receive significant business from that location and can adjust the risk levels.”
The holiday shopping season is the busiest time of year for gift card purchases and retailers need advanced strategies in place to assure cybercriminals are stopped in their tracks and authentic customers are not disrupted by arduous authentication processes. ThreatMetrix is committed to continuously developing new technologies to assure retailers and other businesses across industries have all the tools they need to protect against cybercrime.
ThreatMetrix secures Web transactions against account takeover, payment fraud, identity spoofing, malware, and data breaches. The ThreatMetrix Global Trust Intelligence Network, which analyzes 500 million monthly transactions, provides context-based authentication and Web fraud prevention to help companies accelerate revenue, reduce costs and eliminate friction. ThreatMetrix protects more than 1,900 customers and 9,000 websites across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government, and insurance. For more information, visit www.threatmetrix.com or call 1-408-200-5755.
© 2013 ThreatMetrix. All rights reserved. ThreatMetrix, TrustDefender ID, TrustDefender Cloud, TrustDefender Mobile, TrustDefender Client, the TrustDefender Cybercrime Protection Platform, ThreatMetrix Labs, and the ThreatMetrix logo are trademarks or registered trademarks of ThreatMetrix in the United States and other countries. All other brand, service or product names are trademarks or registered trademarks of their respective companies or owners.