Loyalty points programs are a popular way for businesses to reward their loyal customers, offering them various incentives and benefits. However, cybercriminals have identified these programs as a new avenue to exploit innocent consumers. Loyalty points scams have been on the rise, with criminals sending deceptive messages to unsuspecting individuals, aiming to steal both their valuable rewards and personal information.
Step 1: Deceptive Communication
The first step in a loyalty points scam involves the scammers sending fraudulent text messages or emails to targeted consumers. These messages often claim that the recipient’s loyalty points are on the verge of expiration, creating a sense of urgency and concern. To add credibility, scammers may use logos and graphics resembling legitimate companies, making it challenging for individuals to distinguish between authentic and fraudulent communication.
Step 2: Fake Website Link
Within the deceptive message, scammers include a link that directs recipients to a counterfeit website designed to mimic the legitimate loyalty program’s platform. Unsuspecting consumers, assuming the message to be genuine, click on the link without hesitation, unknowingly exposing themselves to fraud.
Step 3: Luring Customers to Provide Personal Information.
Once on the fake website, victims are prompted to log in using their loyalty program credentials. Alternatively, scammers may ask customers to enter their credit card details under the guise of redeeming loyalty points. Unbeknownst to the consumers, the information entered is captured by the criminals.
Step 4: Theft of Loyalty Points and Identity
With access to victims’ login credentials and credit card details, scammers proceed to steal their loyalty points. Additionally, they now possess the individuals’ personal information, leaving them vulnerable to identity theft and further fraudulent activities on other platforms.
What to Do: Protecting Yourself from Loyalty Points Scams
Be Skeptical of Unsolicited Messages: Never trust unsolicited text messages or emails claiming your loyalty points are expiring. Legitimate companies typically communicate through official channels, such as their mobile app or official website.
Access Loyalty Program Independently: Instead of clicking on links in messages, access your loyalty program’s app or website independently by typing the URL directly into your browser or using a bookmark you’ve saved.
Don’t Click on Suspicious Links: Avoid clicking on links included in text messages or emails, especially if you are unsure of their origin. Hover over the link to inspect the URL before clicking, and if in doubt, contact the company directly through their official contact information.
Enable Two-Factor Authentication: If your loyalty program offers two-factor authentication, enable it. This adds an extra layer of security, making it harder for scammers to access your account.