Loyalty Fraud: What it is, how it happens and what you can do about it

Alina BÎZGĂ

April 20, 2023

Promo Protect all your devices, without slowing them down.
Free 30-day trial
Loyalty Fraud: What it is, how it happens and what you can do about it

Loyalty programs in the retail, travel and hospitality industry offer monetary rewards, discounts, special incentives and many other benefits for consumers.

Globally, loyalty programs are a billion-dollar business, making them highly attractive to cybercriminals; studies show loyalty fraud accounted for more than 1 in 4 fraud attempts on online marketplaces in 2021.

What is Loyalty Fraud

Loyalty Program Fraud, also known as rewards fraud, happens when a malicious individual abuses a merchant reward program for financial gain. Specifically, an estimated $48 billion of unspent loyalty points are up for grabs, making this type of fraud a potentially risk-free and highly-rewarding criminal opportunity for scammers.

How loyalty fraud happens

Rewards program fraud can take many forms, but the most popular exploits include:

· Account takeover attacks – when fraudsters take control of customer loyalty accounts to steal their balances and redeem their rewards. This can happen due to poor password management (password reuse/recycling), social engineering schemes (phishing) or vulnerabilities in retailers’ systems.

· Phony loyalty programs – scammers can spawn fake rewards programs and use social media platforms to trick consumers into sharing personal and financial data that can be used to conduct identity theft crimes.

· Internal fraud – this type of crime is committed by an insider working in the company

· Data breaches – another risk for loyalty account owners are data breaches. Your accounts hold a variety of data and sensitive information that can be used to compromise you financially.

Loyalty accounts are worth a lot of money. How to protect your digital assets and identity.

Loyalty program fraud inflicts over $1 billion in losses every year. Once cybercrooks tunnel through a rewards account, they can redeem points for money, transfer them to another account, auction benefits on the dark web, and use any related information to conduct additional crimes.

Here’s what you can do about it:

  • Mitigate account takeover attacks by ensuring your loyalty accounts are secure with unique passwords and two-factor authentication (wherever possible)

Pro tip: use a password manager to mitigate password management oversights and ensure that you don’t accidentally land on a copycat website that will steal your credentials and info.

  • Check your point balance frequently. Around 57% of loyalty program members don’t check their reward balance. Review your rewards’ account balances as you would your financial accounts to ensure that no fraudulent transaction has occurred. Report suspicious activity directly to the organization.
  • Delete any inactive/old accounts you no longer use to prevent fraudsters from taking over your accounts and stealing your data. Loyalty accounts are often overlooked by customers who falsely believe they’re not attractive targets for cybercrooks. They couldn’t be more wrong – any affiliated data can be collected and sold online.
  • Educate yourself about the latest phishing trends and install a security solution to protect against phishing, malicious software and fraudulent websites masquerading as legitimate businesses.
  • Never provide passwords or other financial/sensitive information via unsolicited correspondence or messages

Digital Identity Protection to help you prevent loyalty fraud

Have you forgotten about all the rewards accounts you’ve created over the years, or you’re not sure if your info was exposed in a data breach? Use Bitdefender’s Digital Identity Protection to:

  • Learn the extent of your digital footprint and find old accounts linked to up to 5 email addresses
  • Instantly check if your data was leaked in a recent or older data breach and learn about your individual risks
  • Stay on top of data breaches with 24/7 alerts
  • Prevent financial loss and social media impersonation

Check out our security and Identity protection plans here.

tags


Author


Alina BÎZGĂ

Alina is a history buff passionate about cybersecurity and anything sci-fi, advocating Bitdefender technologies and solutions. She spends most of her time between her two feline friends and traveling.

View all posts

You might also like

Bookmarks


loader