Gift Card Scams: How They Work & How To Avoid Them

April 07, 2022

Cybercriminals are always looking for ways to make quick, easy money and gift card scams offer them a golden opportunity to use social engineering and sophisticated phishing techniques to score a payday. 

What are gift card scams?

Gift card scams are a kind of phishing attack. In the past, these frauds took place using wire transfers or other traditional means of transferring funds, but today’s scammers have turned to gift cards to defraud people and businesses of money.  

Learn the secret to ransomware defense in Cracking the RANSOMWARE Code. GET BOOK>>

Do people actually fall for gift card scams?

Unfortunately, many people fall for gift card scams every year. The U.S. Federal Trade Commission (FTC) says that about one in four people who report losing money to fraud says it happened through a gift card scam. In the first nine months of 2021, nearly 40,000 people reported $148 million stolen using gift cards. 

How do gift card scams work?

Gift card scams generally start with the scammer contacting their victim through an email, telephone call or text/SMS/app message. In this scam, crooks contact potential victims and instruct them to purchase or use a gift card to pay a bill or transfer funds.  The scammers often try to create a sense of urgency that compels the victim, saying things like their electricity will be cut off for non-payment unless they pay their bill by gift card immediately. Sometimes scammers prey on people’s fears of getting in trouble at work by pretending to be an executive at the victim’s company who needs money immediately.  

Why do scams ask for gift cards?

Scammers choose to use gift cards because they can get quick cash in a way that’s largely irreversible while remaining anonymous to easily cover their tracks. Gift cards are easy for people to find and buy, with fewer legal protections for buyers who are scammed than other payment options. 

See how to avoid cybercriminal sharks in Phishing 101. DOWNLOAD IT>>

How do gift card email scams work?

Gift card scams go down in a few common ways. In one scenario, a scammer contacts the victim by phone, claiming to be the representative of a commonly used brand of service provider like Apple, Amazon or a utility company. The scammer then informs the victim that there is a problem with the victim’s account and the victim must make payment immediately to avoid a negative consequence. The bad actor instructs the victim to send codes and photos on the back of the cards to complete the transaction.  

In another common scenario, a scammer claiming to be the victim’s boss contacts the victim with an urgent need, like paying a contractor, and requests the victim to go buy a gift card to fulfill it. The bad actor heavily implies that the victim is being asked to do a personal favor for the boss and may be in trouble if they refuse. This type of scam is generally conducted through an email, text or messaging app

Scammers often request the purchase of a specific type of money card, like Apple, Green Dot or Google Play. The bad actor may also request that the victim make the gift card purchases at several different stores.  

What are some gift card email scams?

The FTC provides several examples of gift card scams that they’ve encountered. Gift card email scams can include these scenarios: 

  • The victim gets an email from a bad actor masquerading as a government agency, like a tax authority, telling the victim that they owe taxes or fines that must be paid right away.  
  • A scammer claims via email or messaging app that they’re from Apple or Microsoft tech support, saying there’s something wrong with the victim’s computer or account and the victim must transfer money via gift card to fix it. 
  • An email arrives from a scammer claiming to represent a service provider like a utility company or a supplier that the victim uses regularly like Amazon, threatening to freeze the victim’s account if the victim doesn’t pay a balance immediately. 
  • The scammer emails or messages the victim, pretending to be a colleague or superior at the victim’s company. The bad actor then tells the victim there’s an urgent need for the victim to send the scammer money through a gift card. 

Learn how incident response planning boosts cyber resilience & security. GET THE EBOOK>>

How do I report an email gift card scam?

Any employee that spots a gift card scam being perpetrated should report it to their superior or administrator immediately. The FTC also advises that in the US, anyone who encounters a gift card scam should report it at, even if they didn’t pay the scammers, and local law enforcement if they did pay the scammers.  

How do you avoid gift card scams? 

Avoiding gift card scams requires awareness and caution, but it is generally safe to assume that if anyone calls, emails or messages a potential target asking for gift cards, they’re a scammer. No US local, state or federal government agency will ever ask for payment via gift card, nor will most legitimate businesses including service providers and utilities. If someone receives an unexpected message from a person claiming to be their boss or a colleague requesting a gift card, contact that person directly via telephone or video chat to ensure that they’re really who they say they are. When in doubt, trust your gut and don’t pay with a gift card. 

Protect Against Email Scams with Graphus

Graphus stops email phishing messages like gift card scams automatically using three powerful shields powered by AI. The smart algorithm harnesses machine learning to recognize a company’s traffic patterns and detect and quarantine suspicious messages without delaying communications.  

Plus, Graphus doesn’t just compare a message to a safe sender list. Instead, AI analyzes more than 50 points of comparison in the actual content of the message to spot sophisticated phishing messages – like the kind that carry ransomware, business email compromise threats and other costly cyberattacks.  

Best of all, Graphus is affordable for organizations of any size. Book a demo to see why Graphus is the perfect solution for your organization. 

Stay safe from even the most sophisticated cyberattacks and social engineering scams

Put the powerful TrustGraph® AI of Graphus to work for your business, and in minutes you’ll get a powerful, easy-to-use, and customizable EmployeeShield® against phishing attacks.
Get a Demo of Graphus