Other ways to search: Events Calendar | UTHSC

SPAR – Cybersecurity Scam of the Week – $148 Million Lost to Gift Card Scams in 2021 (So Far)


Gift card scams. GIFT CARD SCAMS! We’ve seen them on campus. We’ve seen many Dean’s names spoofed asking for a “favor”. The US Federal Trade Commission (FTC) has reported that people in the U.S. lost $148 million to gift card-related scams in the first nine months of 2021. The report also found that median reported losses from these scams increased from $700 to $1,000 throughout the same period.

“According to reports received by the FTC, scams demanding gift cards most often start with a phone call from someone impersonating a well-known business or government authority,” the report says. “Many people report that a scammer posing as Amazon or Apple told them to send pictures of the numbers on gift cards to fix a supposed security problem with their account. Sometimes they call those numbers ‘security codes.’ But the only thing the numbers are good for is taking the money on the card. Other people report that a scammer claiming to be the Social Security Administration said their bank accounts would be frozen as part of an investigation. They’re told to buy gift cards to avoid arrest or to secure access to their money. Reports also show that scammers asking for gift cards pretend to be a love interest, employer, sweepstakes or lottery company, or family member in trouble.”

The FTC also notes that scammers appear to favor Target gift cards.

“In the first nine months of 2021, over twice as much money was reported lost on Target gift cards than any other brand,” the FTC says. “Google Play gift cards were next, followed by Apple, eBay, and Walmart cards. Scammers also tell people where to buy the gift cards. In the first nine months of 2021, people who reported losing money buying gift cards mentioned Target stores more than other retailers. Reports suggest that Walmart, Best Buy, CVS, and Walgreens stores are also popular with scammers.”

The FTC has the story.

What else has been reported to abuse@uthsc.edu this past week?

  • [Ext] Order:Number:#4KM15L41_66 – wanting the recipient to click on an attachment
  • [Ext] Order:ID:55HN52S78_22 – the same recipient got this one too. Scammers were on a role. Thanks to the training of the recipient, both got reported and stopped.
  • [Ext] Order:ID:256TG788-66 – seeing a pattern here? This one was delivered to someone else, but still go reported!
  • [Ext] Receipt:ID:#154SX323-11 – and another one!  “Order” didn’t seem to work, so they tried “Receipt”.
  • [Ext] Transit:Number:634GB658-77 – another one!  Maybe “Transit” will work.
  • [Ext] Your Plan Auto-Reactivation has been Processed | Product Id. D102G19SE24873 – a variant of the Norton scam, this one spoofed the Geek Squad
  • [Ext] INVOICE NOR20211216FZM – the week wouldn’t be complete without a Norton auto-renewal scam.
  • [Ext] Just Checking In – an attempt to start a conversation leading to a gift card scam
  • [Ext] **NedID** Payroll Statement December 16, 2021 – many red flags on this one. The subject line said Payroll statement, but the attachment was titled “Invoice”. The Sender was “Uthsc Service fax” but the email address was external.
  • [Ext] Uthsc Message Audio – a voicemail from the UTHSC system will not come from an external email address.

Have a wonderful holiday season! Keep reporting suspicious emails to abuse@uthsc.edu for examination and any other inquiries for the Office of Cybersecurity should be directed to itsecurity@uthsc.edu.