You feel your phone vibrate as you hurry to the office, already running a few minutes late. It’s an email from your boss:
Hello,
One of our clients is visiting us in the office today; we need a gift card to give them as a “thank you.” It’s urgent as they’ll be leaving soon. Could you pick up a few $100 Apple gift cards and send me the codes? I’ll reimburse you later.
From anyone else, you would hesitate and procrastinate until you came up with an alternative that doesn’t require you to spend hundreds of dollars out of pocket. But all you can think about is how your boss will see you – diligent, dependable, responsive – if you carry out their instructions to the letter.
Unfortunately, that message was not actually from your boss. Once you send the codes, the cyber attacker instantly redeems the gift cards and all your hard-earned money is gone. When you arrive at work and realize your boss never actually required you to get a gift card, you attribute it to some misunderstanding. No harm done, right? That is, until you check the card’s balance and discover that it’s empty.
This may seem like a rare mishap, but gift card scams are becoming increasingly common. In 2023, $217 million was lost to gift card scams, and this figure continues to rise. Gift card scams come in various forms: some involve the attacker pre-recording the PIN of gift cards already in stores so that they can immediately obtain the money as soon as the buyer activates the card. Other attack methods may involve a request for payment via gift cards from someone impersonating a boss who needs a favor, or a government official demanding payment.
To evoke urgency, attackers often exploit the human instinct to help and please superiors. Consequently, a young intern eager to prove themselves and to make a good impression is the perfect victim — and this pattern has been seen in scams affecting students at UC Santa Barbara.
Audra Hanlon, a recent graduate of mathematics and statistics at UCSB, had been working in a large retail company for two summers, having recently gotten a promotion. She received an email from a scammer who first tried to gain her trust by impersonating her CEO and congratulating Hanlon for her hard work and for getting her promotion. “From the initial email, you couldn’t see anything weird at all,” Hanlon related. “The company was not so big that getting an email like that would be unusual.”
When Hanlon replied, expressing her gratitude, the email was immediately followed up with a request urging Hanlon to purchase gift cards from the company. This seemed suspicious, so she clicked on the sender’s address, revealing a domain of random numbers and letters, which immediately alerted Hanlon to the scam.
“It can feel very exciting and rewarding to get an email from someone higher up,” Hanlon said. “But it’s always important to check the domain of the email and be cautious about that, because your excitement at being acknowledged can overpower your awareness about checking for possible scams.”
Isabel Stice, a fourth-year environmental studies and economics double major, experienced a similar scam attempt while working for an environmental nonprofit. The company would often give small, sponsored gifts to people who contributed generous donations. It was a small group — five workers and four interns — so when Stice received a text from her boss asking her to pick a few things up at the shops, she didn’t think twice.
When the sender specified that she needed to get gift cards from high-end retailers like Sephora, Stice grew suspicious, as these brands did not fit with the company’s mission of supporting local, small-scale businesses. Following her suspicions, Stice looked up her boss’s phone number in a group chat and found that it was completely different. Stice blocked the number and immediately called her boss, who confirmed the message was fake.
“I was so overwhelmed,” Stice said, describing how easy it was to initially believe the scam. “As an intern, all you want to do is impress your boss and show them you have a good work ethic.” The scammer had mimicked her boss’s tone perfectly. “It included ‘please’ and ‘thank you,’” Stice recalled. “It wasn’t super direct or intimidating, it was very kind, which is in line with who my boss is.”
Resisting this scam demands more than noticing grammatical errors or ignoring unknown senders — it requires presence of mind, questioning whether requests from someone you know seem reasonable and proactively verifying them when concern arises.
This guidance extends to all purchases of gift cards: it’s advised to inspect gift cards before buying them, ensuring that the protective stickers are intact and that the PIN on the back is not already showing. Buying gift cards from online auction sites carries a higher risk of fraud, so it’s advisable to buy gift cards directly from trusted stores.
College campuses provide a prime target for gift card scams involving requests from a supervisor or professor. Students are advised to examine the sender’s information and check that it matches previous records. When receiving an unusual request, it is vital that you contact the sender directly to confirm before proceeding with the request.
“Vigilance is your best defense,” Jackson Muhirwe, Chief Information Security Officer and Director of Information Assurance at UCSB, said. “Always pause and verify any unexpected request for money or personal data, regardless of the sender. Treat every unsolicited email as suspicious, remembering the simple rule: if the offer seems too good to be true, it is likely a scam. By committing to this principle of ‘verify, then click,’ we can collectively defeat these scams.”
A version of this article appeared on p.12 of the October 23, 2025 edition of the Daily Nexus.