A Warning about Stolen eGift Cards from Email

I've tried to find out whether this has happened to anyone else but it doesn't seem like many have posted about it. It seems that someone managed to get into my emails and went to spend all of the egiftcards in another state. Interestingly, on one egiftcard, they used a small amount in one state and most of it in one store in another state, suggesting that this could be a criminal network? Has anyone had this happen to them? Tried to report this to police but they directed me to report it at cyber.gov.au. Haven't heard much from them since.

Comments

  • Should also add that Woolworths didn't want to talk to me about it. They said that they will only deal with the police. This is just a warning not to leave egiftcards in your emails. Having said all this, we've saved $$ more than we lost in this raid so it's not all bad. Just have to remember that sometimes the threat online is greater than the threat in the world (hence why many of us switched from buying physical giftcards to egiftcards)

    • +3

      If you're email is accessed, there is lot more to worry about than giftcards. If this is Gmail for example, one would check if your Google Pay account is compromised. Then if you use same email as Payal, I would check that too.

      • Paypal has 2FA. It was an ISP email address. But yeah.. trying to think what else doesn't have 2FA that they could have tampered with.

  • I need some groceries. What is your email password?

    • too late

    • +2

      Oopsie, I think it is in your username :)

  • +2

    At least you didn't lost your $100,000 housing deposit.

    • yeah I keep it in perspective. Having said that.. 5% of $100,000 would have been a $5000 saving on groceries..

  • +3

    If they had access to your email, I'd be changing passwords for other sites as well

    Not hard to submit a "forgotten password", click through the email then delete the email, and you'd be none the wiser

    Guessing you hadn't setup 2FA?

    • +1

      for email? was using my ISP's email which nowadays is less secure than those provided by Google. Who would have thought?

  • Ask your ISP for access to logs?

    • apparently can't provide it because of privacy??

      • They are trying to protect privacy of the account holder who's asking about themselves?

        Seems like they're hoping that you go away. I guess an employee at ISP may have accessed your emails.

  • … someone managed to get into my emails and went to spend all of the egiftcards in another state.

    Are these egiftcards of various different stores, or one particular store only?

    • various stores

  • ';—have you been pwned?
    https://haveibeenpwned.com/

  • Did you buy all your e-gift cards from the one provider? Have you checked to see if you can still login there? Seems odd that they’d access your email and go searching through.

    I’d change your passwords on EVERYTHING, use a password tool like bit warden to change them. (https://bitwarden.com).

    Stick your email and password into https://haveibeenpwned.com/ and also their list of passwords that have been compromised recently. https://haveibeenpwned.com/Passwords

    I also agree on pushing your ISP for details if anyone has accessed your account from outside Australia.

    • there were some giftcards from WISH (woolworths) and one was from Coles which was purchased while I didn't know I had been hacked and it was spent the following day. Yeah I've checked the haveibeenpwned website, thanks for the link about the password but no my password was not in that.

Login or Join to leave a comment