📜 ⬆️ ⬇️

Starbucks can't handle scammers stealing their customers' money

The Starbucks Coffee company, which owns the largest chain of coffee shops in the world, cannot defeat the scammers who devastate their bank cards. The fraudsters, hacking into the network’s client account, withdraw money from a bank card through gift certificates, which they then sell.

The victims of the scam were those of Starbucks customers who, having registered an account on the company's website, tied their paypal wallet or bank card information to it. This combination allows you to buy electronic gift cards and even send them to an arbitrary e-mail. Then these cards can be paid in the network of coffee shops.

Apparently, hackers exploit natural laziness and lack of basic skills of Internet security in people who very often use the same usernames and passwords. Taking advantage of a database of passwords that periodically flow into the network from different sources, it is easy to get access to online accounts of Starbucks clients.


Mobile app
')
After that, the hacker gets full control over the account of the victim. In the account itself, you can buy a new gift card using the attached means of payment and send it electronically to the desired email. Confirmation of the purchase is sent to the email account attached to the account - but it can be easily changed. The account owner will receive on the old email only a notification about the change of email. To prevent the victim from noticing the alarming emails, some ingenious fraudsters simultaneously send spam mountains to her address, in which an important letter can be easily lost.

The functions of automatic replenishment of gift cards, on which funds are exhausted, combining several cards into one and transferring funds between the cards allows emptying a bank card in a few minutes. Cards obtained in this way are sold by robbers on the forums for a small part of their value. There is even a real example of an ad in which the seller promises to send the card data worth $ 100 for only $ 35, and even promises a guarantee if the card is invalid.

One of the first complaints of this kind of fraud appeared in the group of the company on Facebook in January 2014 . The woman complained that the hackers spent $ 400 from her account to purchase four gift cards. It would seem that quite a lot of time has passed since that moment in order to understand the existing holes in the system and cover them. But it seems that the company does not take seriously the problems of its customers. For example, last year it became clear that a mobile application that allows you to make purchases in coffee shops using smartphones, stored the username and password in the clear .

Starbucks Coffee owns a network of more than 20,000 coffee houses in 64 countries. The network first came to Russia in 2007.

Source: https://habr.com/ru/post/356746/


All Articles