Crooks will use familiar tricks such as a SysKey scam or infect the target computer with a virus, claiming the effects were due to an expired Microsoft security license. They will then request a payment to renew this license. This must be done specifically through gift cards; usually iTunes or Google Play.
This led them to adopt the gift card strategy. A wire transfer is difficult to complete because the transaction logs create a "breadcrumb trail" leading directly to the scammer. A gift card, however, is much harder to track. If the scammer asks the victim to buy a gift card and transmit the code on the back over the phone, the transfer is not recorded at all. This makes it nearly impossible for anyone to track the scam.
The trick is to trick the user into handing over a gift card code. While scammers have shifted from cash payments to gift cards, their methods of scaring users into paying haven't changed much. The scammer poses as a Microsoft technician, who informs the user that their security has expired. They may ask to establish a direct connection to access the victim's computer, where they then invent their own problem. Once inside, they can infect the target with a virus, or lock it behind a SysKey and pretend it's malware. They then pretend that they can solve the problem; for one price, all in gift cards.
Once the victim purchases gift cards and donates the codes, the scammer has two choices. They could cash in the code themselves and use it to buy goods, but it could create a small bond between the scammer and the victim. As such, codes are more likely to be sold online at a slight discount to make them more appealing to customers. For example, a $100 gift card could be sold online for $90. The buyer gets $10 "free", and the scammer gets paid for their work.
So how much do users lose on average? The answer may be a little higher than you first think. The BBC reports that gift card scams in the UK average a loss of £1,150; it's around $1,500 at the time of writing. These attacks don't just attack stupid change; they extract huge sums of money from unsuspecting victims.
Fortunately, these types of scams are easy to spot. Never, ever obey someone who asks for gift cards for payments. No institute or company will ever request payment for services through gift cards. These are only redeemable on their respective stores, and they cannot derive any monetary value from them.
It is essential to also inform other people who may be exposed to this type of attack. The BBC report on gift card scams says the majority of victims were aged 65 and over, so be sure to tell any family or friends you think might be susceptible.
With cash-based transfers becoming risky for scammers, they turned to the much more discreet gift card method. Luckily, this opens up an easy way to protect yourself. Never use a gift card for payment outside of the service for which the card was intended. No official company will ask for gift card codes.
What do you think of this scam method? Let us know below.