Your gift card might not be worth anything It’s the gift that keeps on giving for cybercriminals. The accounts connected to gift cards are being wiped out as quickly as a teenager with cash at a shopping mall.Luxury retailers, supermarkets, and major coffee distributors with gift card processing capabilities are all the target of a new widespread cybersecurity attack.Hackers are using a bot, dubbed GiftGhostBot, to test a list of potential gift card account numbers at a rate of 1.7 million gift card numbers per hour. It is believed that once they correctly identify gift card numbers, they are draining balances for resale on the dark web. On one retail customer site, there have been peaks of over 4 million requests per hour, nearly 10 times their normal level of traffic. The company that identified the attack, Distil Networks, has tracked activity on nearly 1,000 customer websites. In several instances, over half of the traffic on the website was on the gift card page alone, indicating a very targeted attack. Fraudsters are using automation to test a list of potential account numbers and requesting each balance. If successful in obtaining the balance, fraudsters can resell the account number on the dark web or use them to purchase goods. Distil wrote on its site: “If the balance is provided, the bot operator knows that the account number exists and contains funds. For a cyber thief, the beauty of stealing money from gift cards is that it is typically anonymous and untraceable once stolen.”GiftGhostBots are being distributed across worldwide hosting providers, mobile ISPs, and data centers, executing JavaScript to avoid detection. “Like most sophisticated bot attacks, GiftGhostBot operators are moving quickly to evade detection, and any retailer that offers gift cards could be under attack at this very moment,” said Rami Essaid, CEO of Distil Networks. “While it is important to understand that retailers are not exposing consumers’ personal information, consumers should remain vigilant. Check gift card balances, contact retailers and ask for more information. In order to prevent resources from being drained, individuals and companies must work together to prevent further damage.”According to Distil: If you have tried to check your balance on a gift card recently, you may have noticed that many retailers could not provide you with that information online. Instead, you received a message to contact customer service by phone. This is done because gift card payment processes on websites are under sustained attack from sophisticated bad bots trying to defraud people from the money loaded onto a card.Distil said consumers’ personal identifiable information is not at risk in this scam. The research company recommends consumers check their gift card balances regularly, and use the gift cards frequently and if they see this kind of activity to contact authorities.Have you had this same experience? Head to Facebook to add your comment. Related content news Buying fraud right off the virtual rack Report states online attacks continue to rise, especially for retail sites By Ryan Francis Apr 26, 2017 7 mins Fraud Security news analysis The 7 worst automation failures A list of the moments when technology monumentally backfired, putting security at risk. By Ryan Francis Apr 14, 2017 7 mins IT Strategy Network Security Security news Report says smart people do dumb things online People from the religious and legal fields were considered lazy for not following security standards. By Ryan Francis Mar 21, 2017 3 mins Identity Management Solutions IT Skills Data and Information Security news Report finds the security of confidential documents is a significant problem 60 percent of survey respondents say sensitive documents have accidentally been sent to the wrong person. By Ryan Francis Mar 14, 2017 4 mins Data and Information Security Privacy Security PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe