Gift cards are under attack by hackers, and consumers are being advised to check their balances.
Luxury retailers, supermarkets, and major coffee distributors with gift card processing capabilities are all the target of a new widespread cybersecurity attack, according to Distil Networks, which has tracked activity on nearly 1,000 customer websites.
Hackers are using a bot dubbed GiftGhostBot, to test a rolling list of potential gift card account numbers at a rate of 1.7 million gift card numbers per hour. It is believed that once they correctly identify gift card numbers with this brute force-like approach, they can resell the account number on the Dark Web or use them to purchase goods.
“Like most sophisticated bot attacks, GiftGhostBot operators are moving quickly to evade detection, and any retailer that offers gift cards could be under attack at this very moment,” said Rami Essaid, CEO of Distil Networks. “While it is important to understand that retailers are not exposing consumers’ personal information, consumers should remain vigilant. Check gift card balances, contact retailers and ask for more information. In order to prevent resources from being drained, individuals and companies must work together to prevent further damage.”