Skip to main content

How gift card scammers target companies — and what you can do




Gift cards offer businesses a convenient way to reward employees and thank customers. However, as the FBI recently warned, gift card scams specifically targeting companies are on the rise. Since January 2017, losses from such fraud schemes have surpassed $1 million. Here’s what you need to know to avoid being cheated.

Anatomy of a scam

Fraudsters use classic “spoofing” strategies to execute what law enforcement terms Business Internet Compromise (BIC) scams. They email or text an employee, claiming to be someone who can authorize gift card expenditures, such as the company’s CEO or HR director.

Messages typically instruct the employee to purchase gift cards for the executive to give as gifts or to use for office expenses, such as holiday party supplies. The employee is told to send the gift card information, including card numbers and PINs, back to the “executive” (in reality, the scammer) who then cashes out the cards’ value. By the time the business catches on, it’s already too late to recover the stolen funds.

All companies are vulnerable to this type of fraud. But certain sectors seem to be at increased risk, including real estate, legal, medical, and distribution and supply businesses, as well as nonprofit organizations.

Simple steps

Prevention starts with education. Inform employees about the scam and ask them to be on the lookout for emails or texts that ask them to buy multiple gift cards on someone else’s behalf. They should be particularly suspicious if the email urges them to act quickly or to reply with the gift card numbers and PINs.

To be on the safe side, require employees to follow up on any electronically delivered purchasing request with a phone call to the requesting party. And to reduce the chance that employees will receive spoofed emails, ensure that your network security is robust and up to date.
Report and control

The FBI asks businesses to report BIC gift card incidents to its Internet Crime Complaint Center at www.ic3.gov. Also, contact us. We can help you implement strong internal controls to prevent fraudsters from taking advantage of unsuspecting employees.

Please contact us for additional information © 2018

Popular posts from this blog

IRS Announces New Pilot “Pre-Audit” Compliance Program for Retirement Plans

  On June 3, 2022, the IRS announced a new pilot pre-examination compliance program for retirement plans beginning in June 2022.   Under the new program, the IRS will send letters to plans advising them that they have been selected for an examination and will have a 90-day window to self-review the plan’s documentation and operation to determine if they meet current tax law requirements. If the plan does not respond within 90-days, the IRS will audit the plan. If self-review reveals non-compliance, the plans will be able to self-correct the mistakes using the correction principles in the IRS voluntary compliance program (EPCRS).    EPCRS’s self-correction program will be available. If a mistake cannot be self-corrected, an IRS closing agreement under EPCRS will be available based on the voluntary compliance program (VCP) fees rather than the normal closing agreement fees. If the plan does respond within 90 days, the IRS will review the submitted documentation, determine whether it
Read more

CARES and Family First Acts provide potential relief for Unions

The Coronavirus Aid, Relief, and Economic Security (CARES) Act and the Families First Coronavirus Response Act both provide potential relief for nonprofit associations. We are still awaiting important details on the many provisions of the Acts, but we wanted to provide a summary of some of the programs which will be of interest to our Union clients. We will update this bulletin as additional information becomes available. Update for Union Clients
Read more