Woolworths tightens security after rewards scam targets hundreds of customers
Matthew Elmas / Thursday, September 13, 2018
Supermarket giant Woolworths says it has implemented multiple changes to its Woolworths Rewards loyalty program after 130 customers fell prey to online scams targeting their rewards points.
Rewards accounts were accessed with “valid login and password details”, which Woolworths says indicates third-party websites are involved.
“Woolworths has investigated and found no evidence to suggest its systems have been breached or compromised,” a spokesperson said in a statement provided to SmartCompany.
“Fraudsters have obtained login credentials from online scams or other sources.”
Woolies has locked down hundreds of additional accounts with suspicious point redemption in a precautionary step and will reimburse customers with any missing points.
The supermarket giant says it’s made a slew of changes to its policies in response to the scam, including enhancing password security and implementing notifications for customers when their details are changed.
Woolworths also now requires passwords to contain at least eight characters, a number, and upper and lower case characters.
It’s not the first time the company’s customers have been targeted by online scammers. There’s has an entire section on Woolworths’ e-commerce website dedicated to digital fraudsters.
Examples include phishing websites claiming to offer chances to win gift cards, or opportunities to fill out feedback surveys.
In one case, customers are invited to take a “1-minute survey” for a $550 Woolies gift card, on a website created to mimic the supermarket’s own branding.
The supermarket is also not the only large retailer to be targeted by such scams; competitor Coles is also regularly targeted with fake text message and email scams.
Woolworths’ director of loyalty, Ingrid Maes, said the online scams are becoming more sophisticated.
“It’s clear fraudsters are becoming more sophisticated in the ways they target users online and our members are unfortunately not immune to these threats,” she said in a statement.
Woolworths said it is continuing to investigate and will advise relevant state and territory law enforcement agencies as appropriate.
Be honest about your situation: How vulnerability helps businesses thrive Sue Parker DARE Group founder
Own it: The 10 things you need to do to manage your personal brand Lisa Stephenson Who Am I Projects founder
Six invaluable lessons: What 20 years in aged care taught me about being an entrepreneur Natasha Chadwick NewDirection Care founder
An entrepreneurial superpower: Eight tips to help develop resilience Adala Bolto ZADI Training co-founder
Going through a lull? Five areas you should invest in when sales drop Tamara Alaveras and Sonia Majkic 3 Phase Marketing co-founders
Stop telling us how busy you are, it's boring and charmless Ian Whitworth Scene Change co-founder
Blandification™ and the state of modern branding Jeffrey Oley The Offices co-founder
Why you should find the right role for the right person — not the other way around Bruce Stronge Outfit founder