Fraudsters are targeting Groupon users stolen thousands of pounds from their bank accounts. Many customers reported a massive theft after crooks placed orders in their name by using victims’ credentials likely retrieved elsewhere.
Hackers take over the Groupon users’ accounts and place expensive orders, in one case the theft reached over £2,420.
Cyber criminals targeted customers of the online voucher service paying for holiday, gaming consoles (i.e. PlayStation 4) and iPhone with the hacked accounts. Below some of the messages posted on twitter by the victims:
Of course, Groupon users are blaming the company for failing to detect the fraudulent activities, in many cases customers that have reported the suspicious transactions did not receive a response for several days.
Groupon clarified that its users are not at risk because its systems had been hacked, it confirms that fraudulent transactions were carried with account credentials stolen elsewhere, for example in one of the numerous massive data breaches recently occurred.
“What we are seeing is a very small number of customers who have had their account taken over by fraudsters,” said a spokesman for the company cited by the Telegraph. “As with any major online retailer, we take fraud extremely seriously and have a dedicated team to investigate customer issues as soon as they are reported.
“If someone believes they’ve been a victim of a fraudulent attack, we investigate it and if confirmed – block the account immediately and refund the customer’s money back to them.”
(Security Affairs – Groupon account hacked, cybercrime)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.