Scammers Use “Membership Rewards Cards” to Store Stolen Credit Card Information

Image source: iOS Gadget Hacks
Image source: iOS Gadget Hacks

Fraud is on an all time rise as we advance in 2020. Recent reports have indicated that credit card fraud has taken a new shape, rewards cards are at risk as well.

Fraudsters have found new ways of accessing rewards cards through stolen credit card information. These “fake” rewards cards are designed to make the cashier believe that it is a legitimate way of making a purchase.

However, the barcode on the rewards card is actually linked to a random credit card and the transaction gets recorded as “Card not present”, allowing the culprit to get away with the purchase.

The barcode on the rewards card is the new way of storing the stolen credit card data and allows scammers to conduct an incognito breach – Information disclosed by United States Secret Services.

According to a recent case in Texas – law enforcement agencies were notified via an alert involving a fake club membership card that displayed a barcode on the back of it, along with a valid expiration date and a CVV code. Allegedly, the membership card was used to purchase merchandise.

“They instruct the cashier to select card payment, scan the barcode, then enter the expiration date and CVV. In this instance, the barcode was encoded with a VISA credit card number,” reads the alert from U.S Secret Service, KrebsonSecurity reported.

Stores like Walmart, Target, Sam’s Club etc., offer member benefit rewards cards, making it easy for scammers to use that as a new way of storing stolen customer credit card information to make purchases at the store locations.

Our recommended way of preventing this issue:

We suggest the authorities to secure the rewards payment methods via sending a one-time secure pin to the phone number of the “real” card member’s phone number of record to authorize the transaction. This will alert the “real” card member about the fraud and the transaction will not be authorized.