Cyber Security Today, April 7, 2021 – Hundreds of thousands of stolen gift cards on the market, and beware of WeTransfer and LinkedIn scams

Hundreds of thousands of stolen gift cards on the market, and beware of these WeTransfer and LinkedIn scams.

Welcome to Cyber Security Today. It’s Wednesday, April 7th. I’m Howard Solomon, contributing reporter on cybersecurity for


Cyb er Security Today on Amazon Alexa Cyber Security Today on Google Podcasts Subscribe to Cyber Security Today on Apple Podcasts


Online retailers are being warned to be careful of gift cards being used to pay for online purchases. The cards may be stolen. This comes after the cybersecurity firm Gemini Advisory this week reported that in February a threat actor auctioned off 895,000 stolen gift card numbers. They allegedly had a total balance of $38 million. They were apparently stolen from a now-defunct online marketplace that bought and sold unwanted gift cards from big firms like AirBnB, Amazon, Target, Walmart, Marriott, Nike and others. The same person was selling 330,000 credit and debit cards, also apparently from the same defunct website. The Gemini researchers think the gift and payment card information was stolen during a 2019 hack of the marketplace.

What can crooks do with those stolen gift cards? Try to purchase valuable goods and resell them, or sell the cards for cash to another gift card marketplace. As for the credit cards, they went for a relatively low price, probably because they were stolen two years ago. By now banks would have been warned and cancelled the cards.

Subscribers to the large file transfer service called We Transfer should be careful handling unexpected messages. A security firm called Avanan reported this week that crooks are sending email messages to potential victims pretending to be from We Transfer and claiming files are ready to be sent to them. All they have to do is click on a link and then enter their We Transfer username and password. The goal of the crooks is to copy those credentials. One tip this is a scam is it’s addressed to “Dear Sir/Madam.” Another is if you click on the link to download the files the internet address the site it goes to is not We Transfer.

Another phishing scam going around takes advantage of the information you put on LinkedIn. This one is very targeted. According to Canadian managed security services firm eSentire, it works like this: Victims get an email message that looks like a tailor-made job offer. That’s because the crooks have taken the wording of the current job position the victim holds as listed on LinkedIn. So if the victim’s job is “senior account executive international freight,” the job offer is for that position. To be even more convincing the file name of the attached application form is the same as the job position. However, anyone who clicks on the file gets infected with malware that leads to their computer being compromised. The attacker can then steal any data, including passwords. Note this scam is very targeted at individuals.

Sophisticated criminal groups are adopting a new strategy to hack into banks and retailers: They’re hiring people. You see, cyber crooks use a lot of automated attacks. But these are increasingly being detected by security software and defensive tactics. One you’re familiar with is what’s called a Captcha. It’s a technique for verifying a person and not a machine is trying to log in by asking them to click on any of a group of pictures that has a car, or type in a scrambled group of digits and numbers shown on screen. According to a new report by the NuData division of Mastercard, it detected signs last year that cooks are increasingly hiring more people to complete these forms to fool defenders. Companies are advised to look for solutions that can detect this kind of trickery.

That’s it for today. Links to details about these stories are in the text version of this podcast at That’s where you’ll also find my news stories aimed at cybersecurity professionals.

Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada
Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@]

Sponsored By:

Cyber Security Today Podcast