Common Rewards App Scams and How to Avoid Them
Rewards apps are convenient, but scams are on the rise. Fraudsters exploit these apps to steal points, personal data, and even money. Here's what you need to know:
- Scam Tactics: Account takeovers, phishing schemes, fake apps, and identity theft.
- Why It Happens: Rewards apps often lack the security of banking platforms, making them easy targets.
- Impact: Loss of points, identity theft, and financial damage - costing businesses over $1 billion annually.
- Prevention Tips:
- Use strong passwords and enable two-factor authentication.
- Avoid public Wi-Fi for sensitive transactions.
- Verify app legitimacy through reviews and official sources.
- If Scammed:
- Report to your bank and authorities.
- Change passwords and monitor accounts.
- File reports with agencies like the FTC or IdentityTheft.gov.
Stay vigilant by researching apps, securing your accounts, and monitoring activity to protect your rewards and personal data.
Major Rewards App Scam Methods
False Payment Schemes
Scammers often use deceptive payment schemes to target rewards app users. For instance, many so-called "freemium" apps lure users with free rewards but later introduce unexpected charges or hidden fees . These apps may seem harmless at first but can quickly turn costly.
"Where people are at, the scammers will meet you there, and they will use them to their advantage." - Amy Nofziger, director of victim support for the AARP Fraud Watch Network
Here are some common false payment schemes:
| Scheme Type | Warning Signs | Common Tactics |
|---|---|---|
| Fake Premium Offers | Promises of free premium features | Demands for payment info under false pretenses |
| Hidden Subscriptions | Confusing or unclear billing terms | Automatic charges after "free" trials |
| Peer-to-peer Scams | Requests to move conversations off the platform | Push for "test" transactions |
In addition to these schemes, scammers often use identity theft to exploit personal information.
Identity Theft Tricks
Identity theft tactics in rewards apps are becoming more sophisticated. A notable example is the 2022 breach of The North Face, where hackers accessed 200,000 customer accounts, exposing personal details, purchase history, and rewards program data .
Spoofing is another common trick. Scammers create fake versions of popular rewards programs and send fraudulent security alerts. These alerts claim that accounts have been compromised, directing users to fake websites designed to steal login credentials . The scale of this problem is alarming: in 2021, over 24 million U.S. households fell victim to loyalty-related Account Takeover (ATO) attacks .
"There's no problem with the app per se. What's happening here is you've been duped or coerced into using that app as your conduit to facilitate the transfer of money to the fraudsters." - Christopher Budd, former senior global threat communications manager at Avast
These stolen credentials often lead to further misuse of personal data.
Personal Data Misuse
The misuse of personal data from rewards apps extends far beyond identity theft. One of the most notable incidents was the 2020 Marriott International breach, where hackers accessed 5.2 million guest accounts, exposing contact details and loyalty account information. This breach resulted in an £18.4M fine .
Criminals use stolen data in several ways, including:
- Selling login credentials on dark web marketplaces
- Creating fake identities for fraudulent activities
- Converting reward points into cash or other benefits without permission
- Using compromised accounts to launder money
The financial toll is immense, with loyalty fraud costing businesses over $1 billion annually . To counter these threats, many platforms now use multi-factor authentication, which is highly effective at stopping phishing attempts - blocking 99% of them .
Learn how to Spot a Scam: Safety Tips
sbb-itb-128bb4e
Scam Prevention Steps
To protect yourself from scams, it's important to verify the legitimacy of apps and take steps to safeguard your personal information.
Check App Trustworthiness
Before downloading any rewards app, make sure it's legitimate. Apps like Fetch, which has a 4.6/5 rating on Trustpilot , stand out for consistent user feedback and transparent practices.
| Verification Area | What to Check | Red Flags |
|---|---|---|
| App Store Presence | Official listing with developer details | Redirects to external downloads |
| User Reviews | Recent, detailed feedback | Generic or repetitive praise |
| Business Model | Clear earning structure | Registration fees or unclear rewards |
| Professional Design | Polished interface and error-free content | Spelling errors or poor grammar |
| Company Background | Verifiable business details | No physical address or hidden ownership |
Once you've confirmed an app's legitimacy, focus on protecting your personal data.
Protect Your Information
"Cash App Support will never ask you to provide your sign-in code or PIN, and will never require you to send a payment, make a purchase, download any application for 'remote access,' or complete a 'test' transaction of any kind" .
Strengthen your security using these steps:
- Strong Authentication: Create passwords with at least 15 characters, including upper/lowercase letters, numbers, and symbols. Enable two-factor authentication (2FA) for added protection .
- Network Security: Avoid using public Wi-Fi for sensitive transactions. If necessary, use a VPN to secure your connection .
- Account Monitoring: Regularly check your accounts and set up alerts for unusual activity .
Identify Fake Offers
"Whether love or an investment, a sure thing doesn't exist. If it's too good to be true, it's probably a scam" .
Here are common scam tactics to watch for:
| Warning Sign | Example | Action Required |
|---|---|---|
| Urgency Tactics | "Limited time offer - act now!" | Take time to research the claim |
| Payment Requirements | Requests for specific payment methods | Avoid using gift cards or wire transfers |
| Contact Methods | Unsolicited messages about rewards | Verify through official sources |
| Earning Claims | Promises of unrealistic returns | Research average earning rates |
Steps After Being Scammed
If you fall victim to a scam despite taking precautions, take these steps immediately to minimize the damage and secure your accounts.
First Response Steps
Stop communicating with the scammer.
"Don't engage any further with the scammer. There's nothing good that would come out of that." - Michael Bruemmer, head of Global Data Breach Resolution at Experian
Take immediate action:
- Contact your bank or credit card companies.
- Gather and save all evidence, like receipts and communications.
- Update passwords for financial accounts and major online platforms.
- Download and review your credit report.
- Set up alerts on your financial accounts.
"You're better off just going and changing those kind of major passwords, even if it's a major online retailer or your personal email account. I would recommend that you lock those down by changing them very quickly." - Darius Kingsley, JPMorgan Chase & Co
How to Report Scams
"You want to make sure that you have all of your receipts and all of the documentation in one place. Whatever information you're able to gather will be a help to investigators, and may even improve your chances of recovering money that you've lost." - Josh Planos, BBB
Once your accounts are secure, report the scam as soon as possible.
File a report with:
- The Federal Trade Commission at ReportFraud.ftc.gov
- Your state attorney general's office
- Your local consumer protection office
- The U.S. Postal Inspection Service (if mail-related)
- IdentityTheft.gov (if personal information was stolen)
Fix Compromised Accounts
To recover and protect yourself from further harm, strengthen your account security with these steps:
1. Enhance Security Measures
- Contact your mobile provider to enable SIM swapping protection .
- Turn on two-factor authentication for your accounts .
2. Monitor Your Credit
- Place fraud alerts with credit bureaus.
- Consider freezing your credit reports for added protection .
3. Strengthen Account Monitoring
- Set up account alerts and regularly review credit reports for suspicious activity .
- Look into personal cyber insurance for extra security .
"Remember that scams are crimes. Many are perpetrated by organized crime rings. They can and do happen to anyone regardless of age, race, gender or socioeconomic status. So don't blame yourself." - Lisa Schifferle, CFPB
Stay Safe from Rewards App Scams
Rewards app scams are constantly changing, so it’s important to stay alert. Recent findings from Dr. Web have revealed that apps like WalkingJoy and Lucky Step - downloaded over 15 million times - are tied to a single fraud network .
How to Protect Yourself
Here are some practical steps to help you stay safe:
- Check the App's Background: Research the app developer and read reviews from reliable sources. Avoid apps with vague or overly positive reviews.
- Secure Your Information: Use two-factor authentication, set unique passwords for every account, and keep your device’s security software updated.
- Monitor Your Accounts: Regularly check your transactions, set up alerts for unusual activity, and document anything suspicious.
Smart Habits for Using Rewards Apps
Adopting smart usage habits can go a long way in protecting your rewards.
- Share only the minimum personal information required.
- Never send money to claim rewards or government payments.
- Stick to official customer service channels within the app.
- Keep your operating system and security software up to date.
- Back up your data regularly.
- Report suspicious activity to the app’s official support team immediately.
Legitimate rewards apps won’t ask for sensitive information like your Social Security number or demand payments to access rewards. If you encounter such requests, treat them as warning signs and proceed carefully . By following these steps, you can protect both your rewards and your financial security.