Many Groupon customers reported massive theft after crooks have placed orders in their name by using victims’ credentials likely retrieved elsewhere.
Fraudsters are targeting Groupon users stolen thousands of pounds from their bank accounts. Many customers reported a massive theft after crooks placed orders in their name by using victims’ credentials likely retrieved elsewhere.
Hackers take over the Groupon users’ accounts and place expensive orders, in one case the theft reached over £2,420.
Cyber criminals targeted customers of the online voucher service paying for holiday, gaming consoles (i.e. PlayStation 4) and iPhone with the hacked accounts. Below some of the messages posted on twitter by the victims:
Of course, Groupon users are blaming the company for failing to detect the fraudulent activities, in many cases customers that have reported the suspicious transactions did not receive a response for several days.
Groupon clarified that its users are not at risk because its systems had been hacked, it confirms that fraudulent transactions were carried with account credentials stolen elsewhere, for example in one of the numerous massive data breaches recently occurred.
“What we are seeing is a very small number of customers who have had their account taken over by fraudsters,” said a spokesman for the company cited by the Telegraph. “As with any major online retailer, we take fraud extremely seriously and have a dedicated team to investigate customer issues as soon as they are reported.
“If someone believes they’ve been a victim of a fraudulent attack, we investigate it and if confirmed – block the account immediately and refund the customer’s money back to them.”
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer.
Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US.
Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines.
Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.