Security News > 2024 > May > FBI warns of gift card fraud ring targeting retail companies
The FBI warned retail companies in the United States that a financially motivated hacking group has been targeting employees in their gift card departments in phishing attacks since at least January 2024.
Should the hackers succeed in breaching the victim's corporate gift card department, they use compromised employee accounts to generate fraudulent gift cards.
"In one instance, a corporation detected STORM-0539's fraudulent gift card activity in their system, and instituted changes to prevent the creation of fraudulent gift cards," the FBI said in a Private Industry Notification [PDF] issued this week.
"STORM-0539 actors continued their smishing attacks and regained access to corporate systems. Then, the actors pivoted tactics to locating unredeemed gift cards, and changed the associated email addresses to ones controlled by STORM-0539 actors in order to redeem the gift cards."
The FBI's PIN follows a mid-December warning from Microsoft, which cautioned of a surge in Storm-0539 gift card fraud and theft attacks during the holiday season.
"With each successful compromise, Storm-0539 escalates privileges, moves laterally, and accesses cloud resources to collect specific information. Storm-0539 enumerates internal resources and identifies gift card-related services that can be used for gift card fraud."