The ACCC has issued an urgent warning to customers of some of Australia’s largest loyalty reward programs, including Qantas frequent flyer, after detecting a new scam that targets valuable points.
The National Anti-Scam Centre has received 209 reports to Scamwatch in the past four months, of the scam targeting Qantas frequent flyer, Telstra and Coles loyalty programs customers.
It comes as new research from Choice shows the majority of Australians think banks should reimburse scam victims, as the consumer association joins calls for financial institutions to provide some form of compensation.
Australians lost a record amount of more than $3.1bn to scams in 2022, up from the $2bn lost in 2021, according to ACCC figures.
New data from Commbank released on Tuesday showed Australians are becoming more cautious of answering the phone because of the increase, with three in four (76%) people only picking up if they recognise the number.
With the new scam, consumers receive a text message or email stating their loyalty points are expiring. It includes a link to a fake website, which prompts customers to log in. Customers may also be prompted to provide credit card details to use loyalty points.
Scammers then steal customers’ points, their login details and personal information to use on other platforms and commit identity fraud.
The vast majority of reports to Scamwatch received so far are in relation to Qantas frequent flyer, Telstra and Coles loyalty programs, but Australians should be aware that any loyalty program could be targeted, ACCC deputy chair Catriona Lowe said.
“The National Anti-Scam Centre has contacted the companies that have been impersonated by scammers and is working with web host providers to have the fake websites taken down, to minimise harm to the community,” Lowe said.
“We are very concerned that Australians experiencing cost-of-living pressures may be more susceptible to these scams. Scammers are deliberately panicking consumers by claiming their points are expiring soon. We urge people to immediately delete or ignore any message regarding a loyalty program that contains a link.”
Last month, the UK’s Payment Systems Regulator mandated that banks will have to reimburse victims of push payment fraud, where scammers impersonate financial institutions or the police, within five days – beginning next year.
Financial services minister, Stephen Jones has indicated the government could possibly follow suit, saying it intends to introduce a new industry code that will require banks to “provide appropriate compensation”.
Choice CEO, Alan Kirkland, said at the moment companies like banks, digital platforms and telcos are simply not doing enough to safeguard the community.
“Consumers should not have to bear the entire cost of scam losses. Banks should be required to compensate customers when they fail to take reasonable steps to stop money being stolen through a scam,” Kirkland said.
“A mandatory code that requires banks to reimburse their customers for scam losses would significantly reduce distress for customers affected by scams, and create the right incentives for banks to invest in scam prevention.”