Stolen Woolworths Reward Dollars from Account

Ocker on 14/09/2021 - 19:36
Last edited 26/10/2021 - 09:36 by 1 other user

Happened to notice, just by accident, that the Reward Dollars on my Woolworths Reward Dollars account was almost zero, whereas it should be $60 plus.

Logged into my account and saw that someone in WA (I am in Victoria) had redeemed $60.00 from my account balance a few weeks ago

Weird part is that on checking the transaction the person bought $61.50 of groceries, redeemed $60.00 of my points and charged $1.50 to a Mastercard debit card.
Anomalies are (a) why would someone commit fraud and then charge to a debit card that can be traced (b) how did the person seemingly know the balance of my reward dollars so as to buy just enough goods to use them up and (c) to redeem points one needs a membership card to scan at the checkout.

Smacks of an inside job to me!

Contacted Woolworths by an online chat session, which took 35 minutes to be connected, which was better than a quoted 59 minutes for a person-on-person chat. Response was basically "OK we will look into the matter" - that was two weeks ago and heard nothing since.

Those with Woolies Reward accounts may be wise to keep tab on their account.

Mod Note: Thread was accidentally merged into the wrong thread, leading to comments being in the wrong order.

Food & Grocery Reward Points

Related Stores

Everyday Rewards

Marketplace

Comments

- - BlueSkyHarvest on 10/01/2022 - 15:42
    
    Here is what the Top Ryde thief bought:
    
    1339 Top Ryde PH: 02 9308 7343
    Cnr Devlin Street and Blaxland Road
    TAX INVOICE - ABN 88 000 014 675
    
    Description $
    The Cooks Cuts Beef Cheek $9.30
    Tomato Gourmet 1.197 kg NET @ $9.90/kg $11.85
    Peach White Flesh 1.162 kg NET @ $4.50/kg $5.23
    Cucumber Lebanese 0.727 kg NET @ $3.90/kg $2.84
    Grape Red Seedless 1.030 kg NET @ $9.90/kg $10.20
    Woolworths Free Range Eggs 700G 12Pk Qty 3 @ $4.50 each $13.50
    ^#Blackmores Fish oil 1000mg 200 Amb $14.80
    ^Appletiser Juice Sparklng Apple 750ml $3.15
    D/F Thick & Creamy Vanilla 4 X 110g Qty 2 @ $4.00 each $8.00
    ^#Coca Cola Cans 30x375ml 24.15
    Potato Brushed 2Kg $5.50
    ^Promotional Price
    14 SUBTOTAL $108.52
    ROUNDING -$0.02
    TOTAL $108.50
    REWARDS SAVINGS $100.00
    Cash $20.00
    Change $11.50
    
    Taxable Items
    
    TOTAL includes GST $3.54
    
    You saved $121.05 􀀀
    
    YOU JUST SAVED $100 THANKS TO EVERYDAY REWARDS!
    
    Thank you for shopping with us
    POS 087 TRANS 225 17:44 26/12/2021
    WOOLWORTHS GROUP LIMITED
    - danyool on 26/01/2022 - 21:12
      
      You saved $121.05
      
      Sucks to lose your EDR - but look at the savings!!
    - gstfree on 13/07/2022 - 00:29
      
      My $50 was stolen @ Top Ryde as well for A2 baby formula.
  - BlueSkyHarvest on 21/01/2022 - 20:30
    
    Got my $100 back 18Jan22 from theft 26Dec21 17:44, reported next day.
    Rang 10-Jan-22 to remind EDR staff - told "being escalated".
  - angelique008 on 22/03/2022 - 20:08
    
    My $60 was spent in February 2022 on baby formula and a flat sheet :(
Mr_P on 05/01/2022 - 10:34

+2

I had $40 stolen from my account last night, at Blackburn North (VIC) woolies (I am in TAS). I got a message at about 5:20 with a login code (which I didn't see at the time) and at 5:41 they went through the checkout (They just purchased fruit and Yakult Fermented Milk Drink)

I've raised a ticket with the online team who will investigate.

What I find interesting is that the password I use(d) for EDR is only used for that site. They guy on the phone was adament they would have accessed my emails to get in but I have 2FA on with Google and didn't get any login attemps, there are also no unknown devices/IP's in my login history.
- kickling on 05/01/2022 - 16:54
  
  +1
  
  Does your receipt say self serve or cashier?
  
  I do wonder if you can get by any security by going through a cashier service lane, as the operator asks you if you want to redeem your dollars. This is what happens at WW petrol.
- jv on 10/01/2022 - 15:47
  
  they would have accessed my emails to get in but I have 2FA
  
  Best to setup 3FA.
slowcoach on 10/01/2022 - 20:47

+2

Argh, I’ve been done as well.

Got a verification code unsolicited. Logged into account and $110 gone. They’ve bought baby formula and used a gift card for remaining $1.50. Interstate. Done after hours so can’t contact them til tmrw.

What’s the point of 2FA?

Is there an email address to contact? Don’t have time to sit in chat or on phone for ages tomorrow. Can’t find one on website.
- DoctorCalculon on 11/01/2022 - 00:50
  
  What’s the point of 2FA?
  
  I have set my redemption preference to Bank for Xmas as a workaround.
  If these bastards can bypass EDR's dodgy 2FA implementation, I guess there is no point anymore.
  
  In any case, it does smell like an inside job.
  - Grale on 11/01/2022 - 12:51
    
    +1
    
    just a note of caution, my setting was set to "Bank for Xmas" and they managed to switch it even with 2FA enabled.
    - DoctorCalculon on 11/01/2022 - 14:32
      
      Were you compensated the amount that was stolen from your EDR card?
      - Grale on 28/02/2022 - 14:00
        
        @DoctorCalculon: oops! missed this.
        I eventually got it back but it was pretty stressful and I had to keep following up to get any traction.
- jv on 11/01/2022 - 01:06
  
  They’ve bought baby formula
  
  I wonder who would be buying that ???
  - gstfree on 13/07/2022 - 21:50
    
    Now I know why Daigou shop sells baby formula much cheaper than supermarket or pharmacy.
- bamzero on 11/01/2022 - 12:48
  
  I don't think they are bypassing the 2FA. From what I've gathered if you've banked your reward $ they aren't spending it, and they would need to bypass the 2FA to access the setting to change it. However they always seem to be spending the right amount to use it up so they must be able to see the balance.
  
  I reckon it's a loophole in another of their brands app/website, BWS or Big W maybe, that is showing the balance without needing to complete the login process.
  - kickling on 11/01/2022 - 13:29
    
    If you mean they are not bypassing 2FA in the sense that the 2FA doesn't work properly therefore there is no 2FA to actually bypass, then I'd say that's correct.
    - bamzero on 11/01/2022 - 13:46
      
      Yeh, it's a half assed 2FA.
- RobotWizard on 18/01/2022 - 21:35
  
  Did you guys have any outcome of that? I just got done for $160 and they also purchased baby formulas and baby wipes.
  - RobotWizard on 18/01/2022 - 21:38
    
    Also I live in Canberra and shopping was done at Kellyville NSW
    - BlueSkyHarvest on 21/01/2022 - 20:25
      
      Kellyville, Baulkham Hills, and Top Ryde
      - these three are all in the same vicinity of Sydney
      - nice to match up the three self checkout face recordings
      - and look for number plate recognition matches on car park exit in the hour after the 3 checkouts
      - kerfuffle on 21/01/2022 - 20:26
        
        @BlueSkyHarvest: Also near Woolies head office in Bella Vista in the case of Kellyville and Baulkham Hills
DoctorCalculon on 11/01/2022 - 14:52

Here are news articles from last year with similar stories to folks here:

https://au.news.yahoo.com/disturbing-warning-for-woolworths-…
https://au.news.yahoo.com/woolworths-shoppers-lose-hundreds-…

Response from Woolworths:

"We’ve found no evidence to suggest our IT systems have been breached or compromised in any way,” the spokesperson continued.

"This indicates fraudsters have likely obtained these members’ login credentials and account details from online scams or other sources.

I am just finding that hard to believe.
- King Tightarse on 11/01/2022 - 19:33
  
  +1
  
  They are too confident in their system. I doubt very much that fraudsters have obtained passwords etc.
  They have some or other technique to discover the balance, get in and change to 'money off shop' and then generate the Woolies card and spend it.
  So many people are reporting the same thing: receiving an unsolicited notification that there settings were changed
  There is some kind of loophole or technique and Woolies IT staff are missing it
  - DoctorCalculon on 11/01/2022 - 21:05
    
    +3
    
    There is some kind of loophole or technique and Woolies IT staff are missing it
    
    Possibly a former Woolies IT staff member who would know about such things.
  - RobotWizard on 18/01/2022 - 22:03
    
    +1
    
    Yeah my card happen only got hacked after I recently purchased apple gift cards and had $210 something on it, card always has $10-$20 dollars on it and never got hacked. So something is definitely not right. I feel like it’s inside job with someone who has access to card numbers and balance.
    - DoctorCalculon on 19/01/2022 - 19:21
      
      +4
      
      I feel like it’s inside job with someone who has access to card numbers and balance.
      
      Woolies is claiming complete ignorance, and blaming users for having their accounts hacked.
      
      Furthermore, there are no preventative measures that you can take other than to spend your dollars as fast as you can before you get hacked.
      - RobotWizard on 21/01/2022 - 02:26
        
        +1
        
        @DoctorCalculon: Did anyone actually ended up getting their money back on card? As long as I get mine back I really wouldn’t care too much and just spend it as soon as I can.
        Reading above posts looks like they can bypass christmas spending option or other forms of 2FA as well so system is definitely compromised.
        
        BlueSkyHarvest on 21/01/2022 - 20:02
        
        +3
        
        @RobotWizard: Got my $100 back. Took 3 weeks (included early January holidays). I also did a reminder phone call after a couple of weeks.
BlueSkyHarvest on 21/01/2022 - 20:42

+1

They can use a bar code generator on their phone to scan your number at the checkout.
They know how much to spend.
They can over ride the 2FA but it generates an SMS to your phone, then promptly an email comes advising that you have unlocked your "Bank for Xmas"
Numbers with their balance are likely sold on the dark web with the 2FA over ride method included
Maybe there is a dark web hackers collective who share the EDR vulnerability
A common purchase is baby formula - ?orphans in the making?
- DoctorCalculon on 26/01/2022 - 18:48
  
  +1
  
  A common purchase is baby formula - ?orphans in the making?
  
  That is the pattern I am seeing in almost all of the comments here.
  Most likely a daigou syndicate operating in cahoots with an EDR employee.
snowbeauty on 22/01/2022 - 16:39

My wife just realised that someone cleared out over $1000 from her EDR and bought some Chinese Baijju.

Hate to think that some Dude is enjoying the Baijiu during the Lunar new year while reading the post and laughing at us.
- Craze on 25/01/2022 - 15:20
  
  +1
  
  Wow why would you keep $1000 worth of points in EDR? I'd be redeeming it as part of my normal grocery shopping as they're not doing anything sitting in your account (unless you were banking points for a big redemption).
  - Neoika on 26/01/2022 - 20:06
    
    From a savvy person's perspective, it is not wise to bank EDRs. However, some people have to do it like this because they will be tempted to spend the $1000 cash in their bank for something unnecessary. It takes me a few years to understand this behavior.
    - kickling on 26/01/2022 - 20:08
      
      +1
      
      My wife and I run two EDR accounts. Her account had a high amount in there for a while because our flybuys was being hammered with better deals, so we never got a chance to actually go shop at WW. That's one reason why someone might have a high balance at any point in time.
visions on 24/01/2022 - 22:52

+1

I also got done at Kellyville like Robotwizard. All $170 taken from my account with the few dollars balance being paid by cash. Receipt was mostly nappies, baby food, formula. Nothing on it would match any of my receipts with my regular shopping. Plus I live in Vic.

Contacted EDR today via the online chat - entered "account compromised" to the digital assistant, then as soon as I was connected with a real person, they said "May I kindly ask are you referring to the following transaction? 14/01/2022 Kellyville 172.05"

So I didn't even have to say anything…the support rep had clearly seen it straight away in my account and knew that's why I was contacting them…..interesting eh….I wonder if it's the same people who got Robotwizard (and possibly others?). The support rep then issued me a new EDR card no and said "an investigation will be raised to have the $170 credited back".

One thing that I never noticed before until this mess is just how stupid their 2FA implementation is. I never regularly log in to my EDR account as I use the app but when I logged in to reset my password after discovering the dollars were gone, I realised you don't need the 2FA to log in at all. Just user/pw. 2FA is for changing stuff once you're in. By contrast, for Woolworths itself, the 2FA is needed to actually log in. On another note - why don't they make WW and EDR all one system with one set of accounts, using the same auth methods etc?
- DoctorCalculon on 30/01/2022 - 00:30
  
  +1
  
  I realised you don't need the 2FA to log in at all
  
  It is genuinely hilarious how inconsistent their login system is.
  On the web, they just give you the option to login either via a SMS code or password. So, no 2FA there.
  
  On another note - why don't they make WW and EDR all one system with one set of accounts
  
  The former is a merchant / partner (who just happens to own EDR), and the latter is a rewards platform.
[Deactivated] on 30/01/2022 - 19:38

It's not the first time "thread merging" has led to utterly confusing flow of comments. STOP DOING IT!
2esc on 01/02/2022 - 11:33

+1

I've never even thought about letting my rewards go over $10 when the cashier asks me I want to redeem I redeem straight away. If I want to save up for something I put extra on my house loan redraw so it works for me.
Samsungnote10 on 05/02/2022 - 14:47

Just received the usual "here is the verification code for your login" on your phone when you login when I wasnt accessing it

followed by a "thanks for changing your shopping to dollars off preference" email

I already had mine set to dollars off preference anyway, so I logged in, changed it to bank for christmas so they wouldnt be able to use it

called up woolworths, theyre going to raise an incident report, and send me a new card

scary thing is, the fact that the verifcation code was sent means that someone had successfully entered my password in correctly
- DoctorCalculon on 05/02/2022 - 19:32
  
  But nothing stolen because you acted quickly?
  
  Imagine this happening on a weekend when you cannot call customer support to lock your account, or on hold for over an hour.
  - Samsungnote10 on 05/02/2022 - 22:48
    
    Well, that's the idea!
    
    Waiting to hear back from IT to see what they can tell me
    - DoctorCalculon on 05/02/2022 - 23:10
      
      Well, that's the idea!
      
      Just to confirm you were able to thwart the attempt by acting quickly and switching to Bank For Xmas, right?
      - Samsungnote10 on 06/02/2022 - 00:17
        
        +2
        
        @DoctorCalculon: They said they couldn't see any attempts in my account .
        But I was able to change it to Back to Bank for Xmas while I was on hold to them
        
        I imagined that the thieves were probably at a woolworths, logged in, changed it to cash off, and were planning to use it straight away.
        The time from receiving the original msg to me changing was probably 3 mins
georgev on 08/02/2022 - 18:05

My $85 gone. Chatswood NSW shooping location
RobotWizard on 22/02/2022 - 21:32

+1

Just got my money back yesterday(no notification or email whatsoever) randomly just went to rewards app and it’s already gone AGAIN, this time its being used in Hilton SA and paid remainder $1 from card.

Go Woolworths Security
- jv on 22/02/2022 - 21:38
  
  and it’s already gone AGAIN
  
  😲
- Loopholio on 23/02/2022 - 08:59
  
  +1
  
  Jebus christ! How has this nonsense not been picked up by the news..
  
  EDIT ahh it has, but no updates I could see during my seconds of thorough research.
  - RobotWizard on 23/02/2022 - 11:27
    
    +1
    
    Sad thing is they’re still convinced that it’s my email address that’s hacked and nothing from their end. My email has 2FA and even if it got hacked I would have alot bigger problems to worry about then my ER rewards smh
    I ended up changing my email address let’s see what happens now, As soon as I get money refunded this time I am going to spend it straight away.
    
    Edit: copied from reddit, except I have opted for digital receipts so not sure how they got their hands on my card number
    
    I used to work as a supervisor for a woolies store, on quieter evenings we would key the rewards applications into the computer which had the temporary card number on it. From memory they were sequential or at least all our leaflets definitely started with the same 7 digits. And they print the last 4 digits along with your points balance on the reciept, so wouldn’t be too hard to fill in the blanks if someone got their hands on your receipt
    - Grale on 23/02/2022 - 12:09
      
      +1
      
      From what I can see, if you attempt to log into ED using your email and password, it bypasses the need for 2FA.
      I got done once a few weeks ago, had the card replaced and my account got locked 3 days ago for multiple attempts to log in.
      
      It looks like you have 3 ways to login via a combination of your email and:
      - code emailed to you
      - code SMS-ed to you
      - just your password
popsiee on 23/02/2022 - 11:30

+1

`^ I'm disappointed I though this would be a Pam thread .
- DoctorCalculon on 23/02/2022 - 21:54
  
  +1
  
  Here you go, bud: https://www.ozbargain.com.au/node/683873
Samsungnote10 on 26/02/2022 - 01:18

Well, I got done today

Qv big w

$40 gone

They bought cosmetics

Will be contacting ww tomorrow

Only realised when I got a notification of e-reciept
- Samsungnote10 on 27/02/2022 - 00:55
  
  Called today
  They said will start investigation
  
  Checked this evening, $$$ back in the account and Transaction gone!
  - hero88 on 02/03/2022 - 06:36
    
    +1
    
    That's good! Maybe because you caught on quickly. I'm still waiting for mine. Best to spend the $40 ASAP.
    - Samsungnote10 on 12/03/2022 - 19:32
      
      +1
      
      Well just checked my account
      
      The $40 original stolen transaction has popped back on, so my balance is back to $0
      
      Looks like I'll have to call them again
      - DoctorCalculon on 12/03/2022 - 20:25
        
        +1
        
        @Samsungnote10: Damn! If you had spent the $40 RD when you got it back, I wonder if they would put your balance into negative.
        
        Samsungnote10 on 15/03/2022 - 16:08
        
        @DoctorCalculon: man im not having a good day
        
        i called yesterday and they said its still ongoing and no updates…..
        
        just then I got a transcation notifcation of withdrawal of $200 BIGW
        
        so im on the phone to them again to hopefully sort it out
        
        DoctorCalculon on 15/03/2022 - 16:17
        
        +1
        
        @Samsungnote10:
        
        just then I got a transcation notifcation of withdrawal of $200 BIGW
        
        Now this is getting outrageous! EDR should rebrand as Steal My Rewards (SMR).
        
        Was the transaction in a completely different state to where you live?
        
        Samsungnote10 on 15/03/2022 - 16:31
        
        +1
        
        @DoctorCalculon: the first transaction was the same state, but ive never been there
        
        todays one its one I have been to before but ive never used the card there
        
        so much hassle. ive lodged another incident
hero88 on 26/02/2022 - 17:53

+1

I got done last week at Springvale, live nowhere close to it. Only noticed this week when I went to use the rewards. Purchase was mostly paid for by the rewards, then a gift card and cash. Called the team and they're launching an investigation that will take 3-6 weeks. Fun times.
- hero88 on 15/03/2022 - 05:07
  
  Update, I've received the money back but there's already been 3 attempts to login to my account: Once on the day of the top up so much so my account was temporarily locked, two attempts yesterday to change my password. I'm not sure what else I can do.
  - Grale on 15/03/2022 - 13:00
    
    +1
    
    i used mine up as soon as I got it returned.
  - Neoika on 19/03/2022 - 18:31
    
    Shop, cancel, convert
    
    How can I be refunded?
    Purchase refunds are often received via Credit Card, Woolworths Gift Card, or a Store Credit. Each refund type will depend on the payment method of the item.
    Credit Card purchases are either refunded back to the same Credit Card that made the purchase, or a Woolworths Gift Card is generated for the refund amount.
    Store credits are refunded back as a store credit. In some circumstances, store credits may be refunded as a Woolworths Gift card for purchases over $5.00.
Ocker on 27/02/2022 - 07:40

+2

Since I first started this thread about 5 months ago the number of posts of theft is staggering.
The cases outlined on OZB are likely on the tip of the iceberg so it is strange how the issue seems to be flying under the radar of the public at large.
Moreover, not a peep from Woollies on the matter
- kickling on 27/02/2022 - 12:49
  
  Nothing has changed since I got my points stolen 3 years ago
  - DoctorCalculon on 28/02/2022 - 17:10
    
    Nothing will change until Woolies IT get their sh*t together, and take a page of out of FlyBuys security model.
    - kickling on 28/02/2022 - 18:21
      
      There's things I like about WW Rewards and things I like about Flybuys… but this is a pretty serious security issue. Surely there are enough cases now to warrant some remedial action.
puffinfresh on 07/03/2022 - 14:31

I just had a random transaction come up in my app. $4.45 cash spent on bread, L&P and a WW bag in NSW. I'm in WA.

I can only imagine the person has entered their number incorrectly into an app like Stocard. I've had $30 credit sitting on it for ages, until just this morning, a few hours before this random transaction.

It's pretty poor that if they had spent more than $10, and I still had credit on it, they would have been able to redeem it.
- Choc83 on 07/03/2022 - 15:07
  
  Unless you've opted in for digital receipts, they could get a receipt which has your Woolworth dollar balance on it. I'd switch to 'Bank for xmas' asap
  - DoctorCalculon on 07/03/2022 - 19:32
    
    they could get a receipt which has your Woolworth dollar balance on it
    
    Neither receipts show the dollar balance.
    
    I'd switch to 'Bank for xmas' asap
    
    Please read the comments above. Bank for Xmas offers zero protection.
    
    The entire issue is how piss poor EDR's 2FA implementation is, and how easily it is being bypassed by these scammers / hackers.
  - puffinfresh on 07/03/2022 - 20:06
    
    I have digital receipts enabled; that's how I knew it happened. I imagine if they were dodgy, they would have spent more than $10, or tried another card number when they saw mine had no credit. How does that work in store btw, can you just scan another card to override a previously scanned one, call an attendant, or would you need to move to a different register and hope the attendant doesn't notice?
Smallman on 11/03/2022 - 20:09

I am on board now, with $30 rewards toasted. I have been with this card for 9 years, thousands of rewards dollars redeemed, never had an issue. Only happened after a gift card purchase yesterday, the Eftpos deal - x10 points. Highly doubt it was taken from internal.
twister292 on 13/03/2022 - 14:44

Lost $220 to some transaction in Victoria Harbour, Melbourne…transaction for 267 carried out and the rest paid with a master card. Never been to that store.
frostydog on 20/03/2022 - 15:10

Just lost $30 used in a WW in NZ!! . Needless to say I haven't been to NZ.
- kerfuffle on 20/03/2022 - 15:10
  
  +1
  
  Didn't even know you could use Woolworths Rewards dollars in New Zealand
  - frostydog on 20/03/2022 - 20:18
    
    My bad. It is in WA. I Google the wrong suburb.
Samsungnote10 on 20/03/2022 - 19:12

wow, im not having much luck with this at all!

https://www.ozbargain.com.au/comment/11881735/redir

I just got another notification that the credit that was applied on friday for the original missing $$ has now been stolen, at a wooloworths in my state but ive never been to

so in 3 weeks its my 3rd stolen case, ive had the card replaced 3 times, the last time's replacement card hasnt even arrived yet!
ive changed my password, and even email password at their request, todays transaction is the stealing of the previous replaced $$$!

surely its some sort of hacking and not someone walking around with forged cards
- kickling on 20/03/2022 - 20:59
  
  This must be an inside job.
  
  Have you changed your email?
  
  That may tell you something new…
  - Samsungnote10 on 20/03/2022 - 21:55
    
    ill have to change that too!
    - kickling on 20/03/2022 - 23:26
      
      Give it a shot. It might be the key they are using to access your new member number each time.
      - Samsungnote10 on 11/04/2022 - 12:56
        
        @kickling: Well after changing my email 3 times Inc new email
        
        I got another password request today.
        But no credit applied today.
        
        My redeem method is still bank for Christmas so let's see what happens now,
        
        Will they try and change it to redeem off shopping
- jv on 20/03/2022 - 23:28
  
  +1
  
  It sounds like an 'inside job' to me…
puffinfresh on 24/03/2022 - 22:20

+1

How long does it take for points to automatically convert to dollars (I have that option set)? I want to spend mine before they're stolen, but I've already been waiting half an hour and the all still says "Hang tight. Your points are being processed."

Edit: found the answer
- Neoika on 25/03/2022 - 09:25
  
  Good finding!
Samsungnote10 on 31/03/2022 - 18:11

+1

https://www.ozbargain.com.au/comment/11903853/redir

Another update

I got a password reset request on this account just then

Logged in checked , to find that the missing 2nd missing $300 has been credited today.
So it's as though someone knows when there are credits being applied and checking.
I'm also still missing the first stolen credits , that were restolen after being credited

Getting quite comical
- DoctorCalculon on 02/04/2022 - 20:21
  
  I got a password reset request on this account just then
  
  Did this happen even after you changed your EDR account email address?
  
  Or, you haven't gotten around to it?
  - Samsungnote10 on 03/04/2022 - 14:42
    
    +1
    
    yes this is the new email address i created just for this account a few weeks ago just for EDR account!
    - kickling on 06/04/2022 - 08:42
      
      Are you sure no one is accessing your emails? Or accessing your computer?
      
      I notice that changing rewards claiming (eg change to/from Christmas banking) requires a code be sent to you by email.
      - Samsungnote10 on 06/04/2022 - 12:42
        
        @kickling: No one is accessing my laptop physically. If it's some gun hacker then maybe
        
        Email is a new one and also changed passwords a few weeks ago
        
        I also have another account with $$ on it which so far has had no security issues
        
        kickling on 06/04/2022 - 12:49
        
        @Samsungnote10: Does your new email have similarity to your old?
        
        Samsungnote10 on 06/04/2022 - 12:54
        
        @kickling: Yes it actually is semi similar!
        
        kickling on 06/04/2022 - 12:55
        
        @Samsungnote10: See i wonder if they are guessing your email again.
        
        Not sure about how they are getting around passwords, but somehow they are getting your member number/ barcode by using your email..
        
        Samsungnote10 on 06/04/2022 - 12:57
        
        @kickling: Might change it to completely new and different one for kicks
        
        kickling on 06/04/2022 - 13:00
        
        +1
        
        @Samsungnote10: Yup - make it totally different, then wait and see…
        
        DoctorCalculon on 07/04/2022 - 19:34
        
        +1
        
        @Samsungnote10: Don't forget to configure 2FA on your new email account.
        
        Samsungnote10 on 11/04/2022 - 19:18
        
        @DoctorCalculon: Well got 2 password requests today spread a few hours apart.
        
        However there was no credits applied today.
        
        I've still got my settings to "save until Christmas "
        
        kickling on 11/04/2022 - 19:23
        
        @Samsungnote10: So it looks like login needs email or member number to try.
        
        They issued you with new member number right?
        
        Samsungnote10 on 11/04/2022 - 19:35
        
        @kickling: Yes, a few times now.
        The latest card hasn't even arrived in the mail yet.
        
        Obviously it's some kind of secuirty issue and not someone swiping/skimming my card
        
        Is there a solution?
        
        kickling on 11/04/2022 - 20:00
        
        +1
        
        @Samsungnote10: What they need to do is booby trap your card so that the POS stops the transaction and calls for the attendant haha.
        
        Either someone is intercepting your emails or it is an inside job.

Stolen Woolworths Reward Dollars from Account

Related Stores

Comments

Taxable Items

You saved $121.05 􀀀

YOU JUST SAVED $100 THANKS TO EVERYDAY REWARDS!

New Forum Topics