At least 60 percent of Americans had gift cards on their Christmas wish list this year – continuing the decade-long dominance of these convenient and versatile pieces of plastic as the most popular holiday present, according to the National Retail Federation.
Many recipients likely are heading to stores or logging on to websites to redeem the cards and take advantage of after-Christmas clearance sales. But some may find that an enterprising criminal already drained the money from their card before they had a chance to unwrap it.
Consumer Reports has noted schemes scammers use to tap into a gift card recipient’s account and steal the money loaded on the card.
A thief may slip gift cards off a store display rack, copy the serial numbers and security codes, or PINs, off the back – after scratching off the strip covering each card’s code – and carefully replace them on the rack.
A consumer then unwittingly purchases one of the cards, which may have been doctored with a replacement strip. The thief, who is monitoring the card’s status online, learns when it is activated and loaded with money that he can steal before the legitimate recipient has a chance to spend it.
A more tech-savvy thief may not need to tamper with physical cards. Instead, he might use a botnet – a network of hijacked personal computers – to hack into activated card accounts, by entering a series of gift card numbers on the retailer webpage that allows card owners to check their account balances.
Giant Eagle was the target of a gift card scheme in 2015, led by Alexander Rodriguez of Pittsburgh. According to court documents, Rodriguez, now 29, created an algorithm that generated a random number combination consistent with Giant Eagle gift card serial numbers. A second person would contact Giant Eagle to check if there was any money balance associated with the numbers. For those that had a balance, Rodriguez printed barcodes and taped them to the back of used gift cards, which were used to purchase pre-paid Visa debit cards in the grocery chain’s self-service checkout lanes.
While Rodriguez and his accomplices used the ill-gotten debit cards to pay for rental cars, hotel rooms and money orders for buying drugs, authorities said, customers who legitimately purchased gift cards with codes stolen in the scam were unable to spend them.
Rodriguez pleaded guilty to theft by deception and other charges and was sentenced to pay fees and restitution of $6,115 and to serve six to 12 months in prison followed by two years of probation.
Accomplices Craig Coppaway, now 49, and David Brown, now 27, both of Pittsburgh, entered guilty pleas and each was ordered to pay more than $3,000 in fees and restitution. Coppaway was sentenced to three years of probation, the same term Brown faced after serving three to six months in prison.
All three men were ordered to have no contact with Giant Eagle stores.
Spokesman Dick Roberts said Giant Eagle goes to “great lengths to eliminate theft, fraud and other occurrences across all of our locations and via our website by implementing a variety of store-level security measures and urging our retail team members to remain vigilant and work with customers who may be victims of attempted fraudulent activity.”