• Gift card/work scam

    Posted by ANUYAN on April 6, 2021 at 3:47 pm

    Please read for a bit of a warning if you work as a cashier and/or to inform other older people! It’s a bit long, so there’s a TL;DR at the end, as well.

    So today at my work, this older lady (lets call her V) came in to open a store credit card. She had done it through customer service and it was normal so no one thought anything of it. She then asked for help on how to use her camera because she wanted to send a receipt of the credit card purchase (first red flag). My manager (call her M1), thinking she was just trying to keep it as proof, showed her how to take a photo on her new phone. V then proceeded to send the picture to the scammer “boss.” Then, about 10 min later she came back and wanted to buy a $100 gift card and stated that it was for her boss. M1 called security to come because she thought that it sounded scammy. Security actually spoke on the phone with the scammer and informed V that it was likely a scam. V states that it was actually her boss and proceeds with the purchase.

    One hour later, V enters the store again and this time she speaks to a cashier (calling them C1). I overheard the conversation and this time she wanted to purchase one $100 gift card and one $200 gift card. I walk over to C1 and inform her that V is likely being scammed. V insists that it is her boss and C1 checks her out.

    About 20 minutes later, V comes back and wants to buy a $500 gift card. Another manager (M2) is working customer service. I had already told M2 about the scam. M2 tells V that it is a scam and that if she wants to proceed with the purchase, she has to go to self checkout because we can’t keep allowing it by checking her out. She is helped at self checkout to purchase with her new store credit card and then leaves.

    Should the managers and the cashier have let her purchase the gift cards? We had told her several times that she was being scammed, but she didn’t want to listen. I’m pretty sure it’s a mix of a job and gift card scam, and the “boss” probably told her that he would reimburse her (with most likely a fake check that will bounce).

    Thanks for any advice in advance!

    TL;DR Old lady being scammed comes in repeatedly to buy gift cards for a “boss” that probably doesn’t exist and is convinced that he is her boss. Managers and cashiers let her purchase the gift cards for scam after informing her multiple times.

    Kenneth replied 3 years, 1 month ago 3 Members · 2 Replies
  • 2 Replies
  • Dawn

    Member
    October 9, 2021 at 6:34 am
    Newbie

    Thank you about the gift cards. Didn’t know much about this or other scams. Really thanks for this website Scamblox.io keep up the good work.

  • Kenneth

    Member
    October 18, 2021 at 6:02 am
    Newbie

    I lost big on this, I can’t lie

Log in to reply.

Trustscore

Domain: dropbox.com

Established: 1995-06-28

Server IP Address: 205.251.193.59

Domain Blacklisted: No

In computing, a blacklist, disallowlist, blocklist, or denylist is a basic access control mechanism that blocks all malicious elements (email addresses, websites users, …)

Suspended Site: No

When your website account is suspended, it means the hosting provider has temporarily taken it offline. Website hosts often suspend websites for a myriad of reasons ranging from malware to spam.

Email (MX) Configured: Yes

Verification that the website has its entity’s proper IMAP (Inbox) and SMTP (Outbox) mailbox servers configured correctly.

DMARC Configured: Yes

DMARC is an open email authentication protocol that provides domain-level protection of the email channel. DMARC authentication detects and prevents email spoofing techniques used in phishing, business email compromise (BEC), and other email-based attacks.

SSL Cert Blacklisted: No

Hackers have discovered ways to circumvent, alter, or abuse SSL certificates. An SSL certificate blacklist is a list of untrustworthy SSL certificates that have been created and can potentially harm users.

Website Popular: No

Risky TLD: No

The TLD (Top Level Domain) are the last characters of an entity’s website name, such as .com, .org, etc. Cyber-criminals and threat actors prefer a small set of 25 out of the thousands of available extensions, which accounts for 90% of all malicious sites. A Risky TLD is verification that the domain name is not to be trusted.

Heuristic Pattern: No

If a website uses Heuristics, then it is a scanning method that looks for malware-like behavior patterns. It is commonly used to detect new or not-yet-known malware.

Risky Geolocation: No

Verification to an entity’s geolocation status being labeled as ‘Risky’.

Suspicious Domain: No

Verification the entity’s domain is not listed as being “Suspicious”.