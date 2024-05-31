BENGALURU : Of late, gift cards have become one of the attractive targets for scammers. Be it sending a message, mail or requesting you to check the balance on gift cards, scammers go after them all.

McAfee says some scammers go to greater lengths by setting up phony online stores that only accept payment with gift cards. It says there are many gift card balance-checking sites that are actually phishing sites.

In its recent report, Microsoft warns against gift card frauds that are performed by Moroccan cybercriminals. In the report titled ‘Cyber Signals: Inside the growing risk of gift card fraud’, Microsoft reveals significant findings on the activities of Storm-0539, a cybercriminal group exploiting cloud and identity services to compromise gift card issuers.

Between March and May 2024, ahead of the summer holiday season, Microsoft observed a 30% increase in intrusion activity by Storm-0539. Between September and December 2023, it observed a 60% increase in attack activity, coinciding with fall and winter holiday.

The attack chain includes:

Using employee directories and schedules, contact lists, and email inboxes, Storm-0539 targets employees' personal and work mobile phones with smishing texts.

Once an employee account at a targeted organisation is infiltrated, the attackers move laterally through the network, trying to identify the gift card business process, pivoting toward compromised accounts linked to this specific portfolio.

They also gather information on virtual machines, VPN connections, SharePoint and OneDrive resources, as well as Salesforce, Citrix, and other remote environments.

After gaining access, the group creates new gift cards using compromised employee accounts.

They then redeem the value associated with those cards, sell the gift cards to other threat actors on black markets, or use money mules to cash out the gift cards.

Microsoft says that historically, payment and gift card fraud is associated with sophisticated malware and phishing campaigns. However, this group leverages their deep knowledge of the cloud to conduct reconnaissance on an organisation's gift card issuance processes, gift card portals, and employees with access to gift cards.

How to avoid scams