Requests for gift cards now make up 65 percent of fraud attacks on business emails. Loss prevention specialist Chargebacks911 urges employers to educate employees and use strong email security procedures, especially as the holiday season approaches.
(Tampa Bay, FL) September 24, 2019— A fast-growing tactic known as business email compromise (BEC) ties into another major concern leading into the holidays: gift card fraud. The Cyber Intelligence Division of email security firm Agari recently issued a report stating that 65 percent of BEC attacks include gift card fraud.1 Chargebacks911, a leading dispute mitigation and loss prevention firm, warns businesses to combat this type of fraud by educating employees and using strong email security procedures.
With the holidays approaching, getting emails at work about parties and gifts won’t be out of the norm—meaning employers and employees need to be aware of BEC and gift card fraud risk, said Monica Eaton-Cardone, co-founder and chief operating officer (COO) of Chargebacks911.
In this type of fraud, the fraudster gains access to the business email system and impersonates an employee, often a high-ranking executive, sending requests to lower-level employees requesting that recipients purchase gift cards—which are difficult to track, easy to buy and hold value just like cash, said Eaton-Cardone.
“The people generating BEC gift card requests are skilled at hiding them in the normal flow of an email, sending them to arrive at the beginning of the business day and bearing subject messages such as ‘important’ or ‘urgent,’” Eaton-Cardone said. “Some fraudsters employ artificial intelligence tools to mimic the style and vocabulary of people in the organization. To combat this problem, employees need to be explicitly authorized to confirm any request for an unusual expenditure by contacting the putative sender. This will be particularly important during the coming holiday season, when unusual requests and deviations from normal procedure may more easily pass unnoticed.”
Among the most common requests are physical or electronic Apple iTunes gift cards and Amazon gift cards.2
BEC is a massive threat. The U.S. Department of Justice arrested 281 people in early September in an international sting operation.3 The Federal Bureau of Investigation reports that between June 2016 and July 2019 there have been more than 166,000 domestic and international reports of email fraud resulting in more than $26 billion in losses.
Eaton-Cardone said that businesses can prevent BEC attacks by:
- Abiding by PCI compliance standards, including requiring employees to lock all computers when away even momentarily.
- Educating employees about this fraud threat and what to watch for.
- Monitoring authentication requests for all internal email addresses. Flag and block unfamiliar devices or suspicious IP addresses.
- Watching for gift card purchases with a suspicious transaction value, making them subject to manual review.
Both consumers and merchants can end up paying the price for BEC-enabled gift card fraud, said Eaton-Cardone. For example, a customer might insist that a transaction was fraudulent and try to recover the money spent by using a chargeback. This is an example of deliberate chargeback abuse–even though it was at the behest of a criminal, the customer did knowingly authorize the purchase, she said.
Chargebacks911 is dedicated to educating and supporting eCommerce merchants with services designed to boost revenue, shrink chargebacks and defeat fraud. To that end, Monica Eaton-Cardone and her team will be participating in the IATA World Financial Symposium in Miami on September 23. For details on Chargebacks911’s comprehensive risk management solutions, informative articles and other merchant resources, visit https://chargebacks911.com
About Chargebacks911/The Chargebacks Company
Chargebacks911 empowers businesses to combat constantly evolving fraud tactics and mounting customer disputes that directly threaten profitability. Operating as The Chargeback Company in Europe, Chargebacks911 has pioneered effective, industry-leading solutions designed to reduce chargeback fraud, alleviate processing costs, mitigate risk and recover revenues.
The company’s unparalleled expertise and proprietary technology have earned three consecutive CNP Customer Choice Awards for Best Chargeback Management Solution, three successive AI Lions’ Den Awards for Best Airline Industry Solution, and Gold and Silver Stevie Awards from the American Business Awards (ABA). With innovative and highly scalable services ranging from Intelligence Source Detection™ (ISD) to Tactical Representment, Chargebacks911 uncovers the true source of chargebacks, battles unjustified disputes, rescues lost revenue, safeguards reputations, and defends against relentless, ever-changing cyberthreats.
“Q3 2019 Email Fraud and Identity Deception Trends,” Agari Cyber Intelligence Division, July 2019.
Whitney, Lance, “How organizations and employees can protect themselves against financial email scams,” Tech Republic, July 23, 2019.
S. Department of Justice, Sept. 10, 2019.
# # #
Karla Jo Helms