With the Christmas season upon us, cybercriminals are looking to make extra money by stealing gift card balances. A trick that they are using is to spoof legitimate gift card balance check websites so that when an unsuspecting person enters their gift card information, the criminal drains the balance. The research team at Bolster note that online scams are predominately choosing to spoof Target’s balance checking page. Some of them look more credible than others. In one example, the criminals are imitating Target’s service so well that most users would not be able to see any difference from the legitimate site. The fraudsters have gone as far as to register the domain targetgiftscard[.]com, which makes even looking at the domain difficult. The research from Bolster shows that an entity in New Delhi, India registered the fraudulent site and that its IP address (used in the past in phishing campaigns) is shared with other businesses in India. In another gift card scam, fraudsters use the promise of gift cards for filling out surveys. The scammers are using popular brands like Amazon, Google, Pizza Hut, and Walmart to entice people. Although filling out the survey doesn’t seem dangerous, scammers use this to collect personal data to create phishing scams.
By Akshay Rohatgi and Randy Pargman About this Student Research Project Binary Defense’s mission is