How cybercriminals are using 'gift card trap' to get your personal data

While legitimate apps like Tokenfire and Swagbucks buy card codes from vendors, to then give them to clients as a reward for certain activities, CyberCriminals have apparently recognised the popularity of such websites and have decided to deceive users using a simple algorithm.

"The success of these new fraud schemes is based on criminals exploiting the drive of users to get something for free," Lyubov Nikolenko of Kaspersky Lab said in a statement this week.

"However, at best they will spend hours of personal time doing worthless tasks, and at worst lose money without receiving anything in return. So, if you want to get your hands on a free gift card, try to earn it on legal and trustworthy sites," Nikolenko added.

When on the fake site, the user is asked to select the gift card he/she wants in order to receive the code.

After that, the fraudulent mechanism is set in motion. To get the generated code, however, the user needs to prove that he/she is not a robot.

To do this, the user has to follow the suggested link and complete various tasks, the number and type of which are determined by the partner network to which the user is redirected.