Subscribe

Starbucks scam targets coffee chain consumers: How to protect yourself (+video)

The auto-reload function on Starbucks gift cards has opened the door for criminals to steal up to thousands of dollars from victims' bank accounts. 

Starbucks card users beware: A scam has hackers using Starbucks loyalty cards and mobile payments to steal hundreds, and even thousands, of dollars from victims' credit cards in a scheme one consumer advocate calls "so ingenious they don’t even need to know the account number of the card they are hacking."

While it's unclear how much criminals have stolen so far, the problem is widespread and the potential for scammers is significant: Starbucks said it processed $2 billion in mobile payment transactions last year, according to reports.

The key to the Starbucks scam is the auto-reload function, which allows Starbucks gift card or mobile payment users to automatically reload their Starbucks card from a linked credit or debit card once the Starbucks card dips below $10.

As such, criminals are able to steal money from bank accounts – without knowing a consumer's account number, username, or password – by using Starbucks cards linked to those accounts.

In the case of one victim, who wrote about her experience in an article for the now-defunct blog Gigaom titled, "How scammers drained $1,700 from my bank account using Starbucks cards," scammers repeatedly transferred her automatically-reloaded Starbucks card balance onto a card of their own in $30 and $60 increments until they had depleted $1,700 from her account. 

In a statement, Starbucks said, "We have safeguards in place to constantly monitor for fraudulent activity and work closely with financial institutions to make sure our customers are protected."

But consumer advocates like Bob Sullivan are suggesting Starbucks card users immediately disable the auto-reload function on their Starbucks cards and mobile payments.

The  scam is representative of a recent shift in consumer hacking. Criminals have begun focusing less on banks and financial institutions, which now have more protections in place and are therefore harder to hack, and more on third-party retailers.

“Fraud is moving away from banks into big ecommerce companies,” Avivah Litan, a fraud analyst at consultancy Gartner, told Mr. Sullivan. “Criminals are learning how to turn rewards programs, points, and prepaid cards into cash.”

Cardholders can control their security, however. Consumer advocates are advising those who use merchant cards to use strong passwords, change passwords often, monitor their accounts closely, and turn off auto reload options on their accounts.

Meanwhile, Starbucks has assured consumers that it is aware of the problem, and that card users won't be on the hook for unauthorized charges.

"[C]ustomers are not responsible for charges or transfers they didn’t make. If a customer registers their Starbucks Card, their account balance is protected by Starbucks," spokeswoman Maggie Jantzen said in a statement. "As soon as we were contacted by the customer of this activity, we worked quickly to resolve her concerns."

About these ads
Sponsored Content by LockerDome
 
 
Make a Difference
Inspired? Here are some ways to make a difference on this issue.
FREE Newsletters
Get the Monitor stories you care about delivered to your inbox.
 

We want to hear, did we miss an angle we should have covered? Should we come back to this topic? Or just give us a rating for this story. We want to hear from you.

Loading...

Loading...

Loading...

Save for later

Save
Cancel

Saved ( of items)

This item has been saved to read later from any device.
Access saved items through your user name at the top of the page.

View Saved Items

OK

Failed to save

You reached the limit of 20 saved items.
Please visit following link to manage you saved items.

View Saved Items

OK

Failed to save

You have already saved this item.

View Saved Items

OK