Fraudsters have discovered a loophole in the Starbucks card program. U.S. and Canadian customers who utilize the Starbucks card have had hundreds of dollars drained from their accounts. Why? To some extent, it is due to users not choosing strong passwords to lock their accounts and using the auto-refill feature to link one’s credit card to their Starbucks account.
Security experts are reporting that criminals are easily guessing everyone’s password, leading them to transfer funds from the credit card account into another fraudulent account. As soon as these fraudsters access the accounts, they are able to change the email addresses and passwords. Since there is a verification code emailed to the user’s email address associated with the Starbucks account, fraudsters simply have to alter the email addresses in order to forward the verification into an email account that they have access to. So, attackers can transfer funds and authorize these transfers by simply changing the email addresses.
The Starbucks accounts, especially gift cards, are sold for a fraction of the original value on a black market forum.
Encrypt your data today! Check out our digital certificate technology at our ESignIT website!