Stolen Woolworths Reward Dollars from Account

Ocker on 14/09/2021 - 19:36
Last edited 26/10/2021 - 09:36 by 1 other user

Happened to notice, just by accident, that the Reward Dollars on my Woolworths Reward Dollars account was almost zero, whereas it should be $60 plus.

Logged into my account and saw that someone in WA (I am in Victoria) had redeemed $60.00 from my account balance a few weeks ago

Weird part is that on checking the transaction the person bought $61.50 of groceries, redeemed $60.00 of my points and charged $1.50 to a Mastercard debit card.
Anomalies are (a) why would someone commit fraud and then charge to a debit card that can be traced (b) how did the person seemingly know the balance of my reward dollars so as to buy just enough goods to use them up and (c) to redeem points one needs a membership card to scan at the checkout.

Smacks of an inside job to me!

Contacted Woolworths by an online chat session, which took 35 minutes to be connected, which was better than a quoted 59 minutes for a person-on-person chat. Response was basically "OK we will look into the matter" - that was two weeks ago and heard nothing since.

Those with Woolies Reward accounts may be wise to keep tab on their account.

Mod Note: Thread was accidentally merged into the wrong thread, leading to comments being in the wrong order.

Food & Grocery Reward Points

Related Stores

Everyday Rewards
Everyday Rewards
Marketplace

Comments

    • King Tightarse on 01/08/2022 - 18:27

      Surely this time the cops and/or bank can actually do something. This is straight up theft and fraud. Real money, not 'points'. The bastards should at least be on camera. BTW what did they buy?

  • SR129 on 01/08/2022 - 18:34
    +2

    Yep I'm hoping they're on camera! The thing is, Everyday Pay never works at the Woolies I go to because you can't get decent phone reception in there but I thought I'd give it a go because they have a promotion where you get 5x points if you use Everyday Pay. But it didn't work this time either so didn't think much of it. I feel as though there must have been some kind of scanner on the eftpos machine or something that they were then able to use to pull my details? Similar to what they do on ATMs.

    It looked like a regular grocery haul. Cleaning products, fruit, soft drinks, ready made meals etc

  • interlocal on 11/08/2022 - 15:21
    +2

    My understanding that the way ED Pay is implemented - scanning QR code on the terminal with an app in your phone - there should be no data transfer from phone to terminal directly, only via servers. So there should be no way any scanner/skimmer attached to POS would be able to steal any info. Also I don't think there are any Everyday Pay info in the ED website account that could be useful?

    Possible vectors of the attack then, I think, are:
    1. Malware in your phone. If it's not rooted android, chances are pretty low, though
    2. Credentials to ED account stolen, and app installed on another phone uses those credentials. Looks like there are 3 ways to login in ED - SMS, email confirmation, password - so additional vectors would be:
    2.1. Reused password
    2.2. Compromised email account
    2.3. Cloned SIM card (however I'm not sure that's possible in 2022 for low-level actors)
    3. Data stolen from ED data storage
    4. Internal unauthorised access by rogue employee

    If we are talking not about ED Pay, but ED rewards in general, then additionally
    5. Insufficient security controls allow some kind of automated brute-forcing. I remember several years ago either ED or Flybuys sent me and email with link, which led to the page saying "Hello, <my first name>!…" and had card number in the URL. I tried to change the number, and yes, every 10-20 consequential numbers I got someone's first name. Chances are there is somewhere same kind of API endpoint that returns some data, maybe indirectly telling you the points balance, without authorisation and proper rate-limiting, and some smart students created a script to get data and then sell it for 10% of the balance in WeChat groups to some other students that either buy stupid shit or baby formula to send to China.

    If we do not take in account that last report about ED Pay card used, then it's most probably 5, maybe 4.

    Issue here is it's probably very low volume scam, so Woolies are better off by compensating stolen money and brushing off any allegations, as they are very easy to brush off.
    What you can do:
    1. Take care of your phone, do not install banking/money apps on rooted android if you not 200% sure what you do
    2.1. Check your ED and email credentials on haveibeenpwned.com
    2.2. Use the regular credentials hygiene - do not reuse passwords, use password manager etc
    3. Close ED account and open new one
    Not that it would help if it's 4 or 5.

  • DoctorCalculon on 11/08/2022 - 23:17

    every 10-20 consequential numbers I got someone's first name. Chances are there is somewhere same kind of API endpoint that returns some data, maybe indirectly telling you the points balance, without authorisation and proper rate-limiting

    How do you explain the fact these so called WeChat hackers are able to login to the account, and switch off Bank For Xmas? Refer to some of the earlier comments in this thread.

  • shaneb on 18/08/2022 - 22:28
    +1

    I've just realised that I've been bitten and I'd never heard of the issue, despite how long it appears this has been an issues. I'm in Melbourne and someone in Adelaide bought $20 worth of salad ingredients. I take it there is no point contacting Woolies? I was wondering why the $20 I had "earned" the week before was no longer available when I shopped on Saturday. I've changed my password to be safe.

    • Yola on 19/08/2022 - 04:04
      +2

      Yes there is a point. People have been getting their points back eg.

      A short chat with the Woolworths online customer service team fixed the issue and I was emailed a $30 voucher to spend on a future order.

      Got the $50 back today. Pretty timely.

      Reported it on the 28th and they returned the dollars on Friday 6th May

      after some hassle and a change of card number Woolies rewards reimbursed that

      My wife had $80 taken too. Lucky Woolworths credited her account with the missing money

      These are just a few from the previous page.

      • shaneb on 19/08/2022 - 08:16

        Okay, excellent. Thanks very much. I will give it a go. It is pretty clear from my buying habits that it wasn't me that used them with the purchase location.

      • shaneb on 19/08/2022 - 10:27

        Just following up that I chatted online with Woolworths and it sounds like I'll get the credits restored eventually. A new card number has been issued.

        • Yola on 19/08/2022 - 11:36
          +1

          If you do not ask you will not receive.

          • shaneb on 19/08/2022 - 11:53

            @Yola: Very true. Thanks

            • shaneb on 20/08/2022 - 17:12
              +1

              @shaneb: I shopped this morning and my stolen credits were available already, so I used them before they get pinched again.

  • lzaonne on 20/08/2022 - 16:40

    Mine reward dollar was stolen as well!!! I signed up a insurance policy with $100 cashback. The reward dollar landed on 07/08/2022, but it was used the next day from what it showed in transaction history.

    • shaneb on 20/08/2022 - 17:13

      Bugger. Try and chat online to a real person on the woolworths site. I managed to get my credits returned quite quickly.

      • lzaonne on 20/08/2022 - 17:55
        +1

        Thanks Mate. I will contact them tomorrow/

  • fishandchips on 21/08/2022 - 18:30

    Today I tried to use my ED rewards dollars shopping at the supermarket, WA, it's gone, $250, I checked the activity in the app, I used my reward dollars at Caltex, WA for the first time $50 on Tuesday 16/08, then next day, Wednesday, 17/08, 3 transactions were redeem in NSW(1 BigW and 1 return +1buy Woolies). Tried to contact ED reward support but they have already close. I will call ED rewards team tomorrow.

    Return Good receipt

    1364 Beecroft PH: 02 9450 6727
    Cnr Hannah St and Beecroft Rd
    TAX INVOICE - ABN 88 000 014 675
    Description $
    Return Reason: Unwanted Goods
    Deli Leg Ham Shaved -5.25
    Return Reason: Unwanted Goods
    Kraft Singles Original 432g -6.30
    ^Kraft Singles Original 432g 7.00
    Deli Leg Ham Shaved 5.83
    2 Returned Item(s)
    ^Promotional Price
    2 SUBTOTAL $1.28

    TOTAL $1.28

    WOOLWORTHS 1364
    BEECROFT NSW
    MERCH ID:611000602001364
    Mastercard
    AID A0000000041010
    TVR 0000000001
    ARQC F5BA49D6B225DB33
    17/08/22 20:01 002477
    TERM ID: W1364010
    CARD:………….4949 T

    PURCHASE $1.28

    TOTAL $1.28

    APPROVED 00

    X-4949 $1.28
    Change $0.00

    Taxable Items

    TOTAL includes GST
    You saved $2.00 􀀀
    62913640102477170822

    Thank

    Redeemed at Woolies

    1364 Beecroft PH: 02 9450 6727
    Cnr Hannah St and Beecroft Rd
    TAX INVOICE - ABN 88 000 014 675
    Description $
    ^Kraft Singles Original 432g 7.00
    Deli Leg Ham Shaved 5.83
    ^Promotional Price
    2 SUBTOTAL $12.83
    TOTAL $12.83

    REWARDS SAVINGS $10.00

    WOOLWORTHS 1364
    BEECROFT NSW
    MERCH ID:611000602001364
    Mastercard
    AID A0000000041010
    TVR 0000000001
    ARQC BA818F095C12605C
    17/08/22 20:09 001642
    TERM ID: W1364061
    CARD:………….4949 T

    PURCHASE $2.83

    TOTAL $2.83

    APPROVED 00

    X-4949 $2.83
    Change $0.00

    Taxable Items

    TOTAL includes GST

    You saved $12.00 􀀀

    YOU JUST SAVED $10 THANKS TO EVERYDAY

    REWARDS!

    62913640611642170822
    Thank you for shopping with us
    POS 061 TRANS 1642 20:09 17/08/2022

    WOOLWORTHS GROUP LIMITED

    Redeemed at BigW

    www.bigw.com
    LIKE US ON FACEBOOK
    www.facebook.com/BIGW australia
    FOLLOW US ON INSTAGRAM
    @bigwaustralia
    101 BIG W Town Hall
    TAX INVOICE - ABN 88 000 014 675
    TAX INVOICE -
    Description $
    ^#182334 Apple AirPods Pro 329.00
    Serial/IMEI No: H1FHR5CL1059
    ^Promotional Price
    1 SUBTOTAL $329.00
    TOTAL $329.00

    REWARDS SAVINGS $240.00

    BIG W 0101
    SYDNEY NSW
    MERCH ID:611000602000101
    DEBIT MASTERCARD
    AID A0000000041010
    TVR 0000000001
    ARQC A2C2DDDDA717046B
    17/08/22 16:24 002916
    TERM ID: W0101004
    CARD:………….3656 T

    PURCHASE $89.00

    TOTAL $89.00

    APPROVED 00

    X-3656 $89.00
    Change $0.00

    Taxable Items

    TOTAL includes GST $29.91

    You saved $310.00 􀀀

    Recycle your old toys today for a joyful future
    Every small change can make a big difference
    To find out more visit

    https://www.bigw.com.au/toys-for-joy

    YOU JUST SAVED $240 THANKS TO EVERYDAY

    REWARDS!

    Thank you for shopping at BIG W.
    If you change your mind, simply return the product
    within 90 days with a receipt
    and in its original condition.
    Exclusions apply.

    See bigw.com.au/returns for more details

    62901010042916170822
    POS 004 TRANS 2916 16:24 17/08/2022

    • shaneb on 21/08/2022 - 18:46
      +1

      Gee that is crap. Sorry to hear that. Hope it gets resolved for you quickly. They need to fix the issue urgently.

    • fishandchips on 22/08/2022 - 09:13

      I have just called Everyday Reward, she is very helpful. First thing she mentioned, my account is compromised, may be my login credential and my password, and she also mention their IT backend is functioning well and not compromised.

      But she will cancel the compromised card and will issue me a new card and she will get their back end to issue me the $250 credit to the new card, the credit will be back into my new account within 7 business working days.

      • Yola on 22/08/2022 - 10:32
        +4

        This is the BS they have been telling for years. If you read this thread you will see many people proving that the problem is not with their account and often when all details are change money is stolen again. If it's all your fault how come they are giving you the funds back?

        • shaneb on 22/08/2022 - 12:17
          +2

          Yes, agreed. From what I read it's possible to query barcodes to find accounts with available credit and then they just generate a barcode which they just scan at the checkout in store.

          • Bad Wolf on 22/08/2022 - 20:46
            +2

            @shaneb: Yeah standard bs, at least at coles you need the physical flybuys card

            Just had $20 taken from Woolworths
            Woolworths is a pain, everytime i want to log in need to enter code from mobile or email.


            At Everyday Rewards, we care
            about your privacy.
            We provide robust security
            measures to safeguard your
            information, and while we have no
            evidence to suggest that
            Woolworths' systems have been
            compromised or breached, it looks
            like your login details may have
            been compromised or stolen from
            another source by a fraudster. This
            fraudster appears to
            have then used those valid login
            details to access your Everyday
            Rewards account or benefits.

  • moneypenny23 on 03/09/2022 - 00:17
    +2

    Okay something funny is going on here. I noticed my points had been stolen too, a couple of months ago.

    Originally completed a 4 week spend offer for 7000 points. Had to chase it up with Woolworths as it wasn't credited automatically, but they did it manually, all good. A few days later, got an Everyday Rewards notification on my phone for a purchase in a different state, points gone.
    Hadn't got around to contacting WW about my stolen points as I haven't been shopping there much lately and didn't want to fuss around with everything only to have them stolen again.
    So i'm now going through my transaction history and points activity on Everyday Rewards, and the transaction from interstate and the stolen points spent are nowhere to be found. Not only that, the credit of the 7000 bonus points as well as the original transactions I made to qualify for those points have also disappeared, although they still show up in my order history in WW account???
    Is it just me or does it look like they're trying to be shady and hope I wouldn't notice that anything was missing?

  • franco cozzo on 03/09/2022 - 08:40
    -1

    geez….loyalty cards are even getting hacked/defrauded and they want to move us to a cashless society? secure my arse….

  • shaneb on 04/09/2022 - 22:49

    Anybody had e-mails saying that your account had been temporarily locked out due to too many incorrect logins? Haven't had this before. Not long after my credits were pinched and a new card re-issued.

    • capslock on 06/09/2022 - 19:59
      +1

      Yes. Has happened to me a couple of times after my account was hacked.

      • shaneb on 06/09/2022 - 20:06

        Thanks. I'll keep an eye on it.

  • Makaveli99 on 18/09/2022 - 22:34
    +2

    Same thing happened to me, pisses me right off, I got refund but not 100%, I will have to ring them again

  • PChinna on 25/09/2022 - 13:01
    Merged from [Scam Alert] Woolworths Rewards Scam

    Hi All,

    Almost a month back some one redeemed my Woolworths rewards dollars ($40 and $30) at two different Woolworths (Sunshine and Burwood in VIC). I called the service centre and they refunded my money and reissued a new card for the same account.

    I changed my rewards as Christmas bank so that no one can use them. But very recently I changed back to "immediate shopping option". But someone spent $80 and $50 at two different Woolworths stores in Tasmania. This time they used my new card number. I never shared my rewards number (both old and new one) with anybody. Customer service people forwarded my case to their IT team and they have not refunded this time (probably they will do in the future). I changed back to Christmas bank and they issued a new card number again.

    I changed my password both times, still this happened.

    Does anyone faced the same problem recently?

    • bdl on 25/09/2022 - 13:06
      +1

      No.

      But I use Christmas bank and only switch back to "redeem" prior to making purchases, then switch it back to Christmas bank straight after

      • Ocker on 25/09/2022 - 13:13
        +2

        This scam has featured on the boards of OZB for over a year now

        • bdl on 25/09/2022 - 14:08

          Yes - exactly why I use the Christmas banking toggle since I heard about it on ozb forums

    • Sweet3st on 25/09/2022 - 13:16
      +3

      Yes. I had $30 stolen and refunded. New card etc issued and adopted new difficult password. I have had my account temporarily suspended at least 5 times since due to multiple failed logins. Your ER details don’t seem at all secure, they’ll fob you off but definitely a weakness there.

    • Gervais fanboy on 25/09/2022 - 13:18

      Same thing happened to me just last week..
      Had $20 on mine and someone used it to buy something worth $20.80 (paid .80 by cash) in Queensland.

      I called ww a couple of days ago. They explained to me that the scammers generate rewards card numbers using an algorithm and target the ones that have some credit banked up on them.

      Anyways, they haven’t reimbursed my $20 but have since wiped that transaction of my transactions log. My boosters are gone, all existing promotions are gone…

    • freefall101 on 25/09/2022 - 13:23
      +2

      Well known scam and far too easy to do, all they need is a card number and they can use the points.

      Woolworths would have to make using the card more difficult to prevent it (proof of identity or a PIN) so they seem to have no interest in doing so.

      Personally I've left my points going to qantas points until they fix it up. I know it's not the best reward but at least it's secure. This Christmas it's going to be a free-for-all on the credit on these cards.

    • AndyC1 on 25/09/2022 - 13:24

      Been happening for a few years now.

      Points being redeemed by other parties have been posted before on OZbargain.

    • Iluvfreebies-freeDel on 25/09/2022 - 13:35
      +4

      Rewards should also implement pin like flybuys do.

      • kerfuffle on 25/09/2022 - 14:31

        But then people will complain they have to bring their physical card as it currently is with flybuys

        • kyle on 26/09/2022 - 06:21

          Can't they do barcode and pin?

          • kerfuffle on 26/09/2022 - 18:59
            +3

            @kyle: Apparently not, otherwise they would have done it ages ago and this thread would be closed.

      • ozwolf on 25/09/2022 - 16:58
        +1

        Agreed. Flybuys seems more secure and also convenient on some other fronts.
        Physical card needed - so security while shopping, for flybuy dollars on card
        Pin needed for shop - Card is literally like an EFTPOS

        Also other benefits like we don't necessarily have to use $10 in one go, can redeem partial amounts, can decide how much to leave as flybuy points / transfer to flybuy dollars, etc.

    • Neoika on 25/09/2022 - 14:00
      +6

      Always REDEEM them ASAP.

      • Craze on 02/10/2022 - 14:04
        +3

        For those unaware, you can also redeem at WW branded Caltex if they are priced competitively in your area.

    • bobbified on 25/09/2022 - 14:37

      ..>Almost a month back some one redeemed my Woolworths rewards dollars ($40 and $30)

      and

      ….someone spent $80 and $50

      Slightly off topic, but how do you accrue $50 in reward points in "almost a month"? I'm by myself and spend about $200 each week at Woolies. Even with the boosters, etc, I'm lucky to even get $10/month in rewards! haha! It's barely worth the amount of time it takes to pull out my phone and navigate to the app each time!

      • PChinna on 25/09/2022 - 15:19
        +2

        I purchased $1900 ultimate gift cards recently to but iPhone. This added to my existing reward dollars..

        • bobbified on 25/09/2022 - 15:30
          +1

          ah, that makes sense!

    • flagger on 25/09/2022 - 14:45

      Does this problem apply to gift cards stored in everyday pay too?

      • fishandchips on 02/10/2022 - 10:59
        +1

        The platform might be compromised better do not use the everyday pay app. You can imagine if so many people everyday rewards dollars have been hack or stolen, do you think they will take responsible for your gift cards get stolen. I am saying that because they will not admit the problem we are facing they are blaming our account are compromised but not their platform. If they do not fix this loophole soon their entire system will be compromised. My suggestion do not use they Everyday app and do not add any credit card, gift card and any payment method into their Everyday app.

    • capslock on 25/09/2022 - 16:32

      As soon as I earn a $10 reward, I now make sure to spend it within a day or two.

      The scammers must be living the high life. Unlimited free groceries and petrol.

      • kickling on 02/10/2022 - 12:02

        From concensus it is unlimited baby formula, not petrol

        • shaneb on 02/10/2022 - 13:13

          My scammer bought salad ingredients…

          • Gervais fanboy on 02/10/2022 - 13:19
            +2

            @shaneb: Hey, Atleast he’s being healthy and doing something good with your money.

            That’s some indirect good karma for you 👍🏻

    • pinchies on 25/09/2022 - 20:12
      +1

      Personally, I closed my everyday rewards account a few weeks ago, because there has been enough evidence floating around that I believe that they are actively being hacked and not award of it.

      • King Tightarse on 05/10/2022 - 08:53
        +1

        I think they are afraid of the negative publicity. Look at Optus: the hack might eventually make them fail with all the payouts and lost customers

        • Yola on 05/10/2022 - 12:27
          +1

          They must be aware of it, as there have been hundreds of people hacked on here alone and choose to compensate people than fix the system, which seems unbelievable. How much would it cost?

          • capslock on 05/10/2022 - 12:53

            @Yola: If they copy Flybuys thn they'll have to send every member in Australia a new swipe card. There's bound to be heaps of problems as people adjust to the new system.

  • Yola on 05/10/2022 - 12:31

    Just saw a post from WookieMonster about not receiving a fuel voucher after spending over $30 at Woolies. Another issue they are not bothering to fix.

    I also only actually contacted Everyday Rewards to see whether they knew about the issue. They said they knew about the issue and credited me with a fuel voucher anyway.

  • King Tightarse on 08/10/2022 - 10:12

    I have noticed that they seem to have stopped including the points and saved dollars in the spammy emails. This is mildly annoying as it was the easiest way to keep am eye on the balance but I guess it means they are trying something.

    • Yola on 08/10/2022 - 11:11

      Yes, I have noticed that as well.

    • Gervais fanboy on 08/10/2022 - 12:40

      But is not worth just downloading the app and keeping an eye on your savings through that ?

      • King Tightarse on 08/10/2022 - 13:17
        +1

        Yes that would work but I generally avoid shopping apps for privscy reasons

        • DoctorCalculon on 08/10/2022 - 20:35
          +1

          privacy reasons

          You are still being tracked (via analytics) when you interact with their eDMs spam.

    • Neoika on 06/11/2022 - 10:14

      Card number should be partially masked too.

  • Neoika on 06/11/2022 - 10:08

    The App shows "Money off Purchase" when "Save for Xmas" is selected as today. And the rewards can be used from 16 Nov instead of 1 Dec as shown in the App.

    • King Tightarse on 06/11/2022 - 10:32
      +1

      So they have brought forward the Christmas spend to Nov 16th. Lets see what kind of results happen this season

  • Samsungnote10 on 06/11/2022 - 13:19

    https://www.ozbargain.com.au/comment/11903853/redir

    soooooo. this account hasnt been hacked since for a while, my $10 remaining has been safe, I still get fortnighly on average password reset requests

    However, last week, my other account for the first timewas hacked and the $$$ stolen at a VIC woolworths,

    Called up EDR, they went through the usual, "its your fault, change your password" "its your fault change your email"
    they offered to send out a new card with new numbers, I told them that I was waiting for a few promo bonus points to manually credit

    and they said "oh wait until those points have been credited and call us back, then we can transfer the transactions/credits etc to the new car"

    given that the promo was a month ago, and its taking for ever, going to be funny how long the time elapsed since the hack is going to be

    I think it will be put in the "too hard basket" and credit refunded

  • CurlCurl on 12/11/2022 - 22:15
    Merged from Woolworths customers have Everyday Rewards points vanish

    Looks like this type of thing are growing. What next?

    https://www.9news.com.au/national/woolworths-everyday-reward…

    • SnoozeAndLose on 12/11/2022 - 22:18
      +1

      Nothing new, unless a PIN is required to redeem your points and they don't post the points and your full rewards number in your email.

    • macfudd on 12/11/2022 - 22:20
      +1

      Hopefully whats next is a much more secure system for using rewards points.

      • WoodYouLikeSomeCash on 12/11/2022 - 22:25

        Don’t they already have SMS verification for login?

        • macfudd on 12/11/2022 - 22:27

          They don't need to log in. They just generate a valid barcode electronically, scan it at the register and the machine will ask if they want to use the rewards points.

          • wallet72 on 12/11/2022 - 22:40
            -1

            @macfudd: so essentially using self checkout I could try 10 - 15 generated barcodes and no one would stop me and nothing would pop up telling staff I was trying to scam some freebies?

            • macfudd on 12/11/2022 - 22:48
              +1

              @wallet72: That's a brute force way but I suspect they either have a way into the woolworths rewards system that allows them to check balances without going into the store. Or back before 2FA was introduced a bunch of accounts were logged into and they made a list of people who let their balances accumulate.

      • avoidfullprice on 12/11/2022 - 23:00
        +1

        Their Everyday Pay app actually provides an extra layer of authentication, where having just the reward barcodes won’t be enough to access the wallet. It will be nice if they use this in future to access the balance.

    • randomusername2017 on 12/11/2022 - 22:27

      First time I've seen reports of anyone losing bank for Christmas balances…

      • SnoozeAndLose on 12/11/2022 - 22:30

        they can first change it back to normal reward then can be spent.

        • randomusername2017 on 12/11/2022 - 22:36

          2fa required to change redemption…
          Maybe bank for Christmas is not a safe place to stockpile any more…

          • DoctorCalculon on 13/11/2022 - 19:06

            @randomusername2017:

            Maybe bank for Christmas is not a safe place to stockpile any more

            No, it never was. It has been mentioned many times in similar threads. Case in point.
            Whoever is doing this, they know the exact EDR balance, and change to normal spend without 2FA getting in the way.

      • sheebies on 12/11/2022 - 22:45

        It happened to my mum a few years back.

        It’s nothing new, it’s just happening a lot more now.

    • resubaehtgnolhcs on 12/11/2022 - 22:28

      All this hacking is just getting out of hand!

      • jv on 12/11/2022 - 22:52
        -2

        It is how Putin is funding the war in the Ukraine.

    • cnrmlj on 12/11/2022 - 22:42
      +3

      Happened to my wife around this time last year. Someone used her christmas banked points (about $200 worth) to spend at a Woolworths about 20KMs away from us in another part of Sydney that we've never been to. After a bit of argy bargy on the chat she got a new card and the dollars back. 12 months on they haven't fixed their security.

    • uwuwu on 12/11/2022 - 23:34

      Yes this has been happening for a while now

    • Ricky Jones on 13/11/2022 - 02:33
      +4

      Hackers will probably start stealing 10٪ off Monthly shop from those who have it. Have to do my 10% off Monthly shop on the 1st of the Month to stop them.

    • roguescholar on 13/11/2022 - 06:11
      +5

      Happened to me 2 years ago, the hackers actually stole the money when I was on the phone with Woolies support.

      Coles has a better system where you need the physical card swiped at the checkout.

      • Yola on 13/11/2022 - 06:46

        Did Woolies support see that? Did they still say it's your fault?

        • roguescholar on 13/11/2022 - 18:47

          When I was on the phone Support asked me if I just did a transaction in Box Hill in Victoria… I live in NSW.

          They cancelled the card, set up me with a new one and then credited all the points.
          I had been saving for Christmas so I had about $150.

          Nowadays, as soon as $10 appears I use it pretty much immediately.

          • Yola on 13/11/2022 - 19:16

            @roguescholar: Surely, they know people are not doing this, yet the standard line is
            telling them to have strong passwords, including numbers, capital letters, and special characters etc. Basically gaslighting.

      • SBOB on 13/11/2022 - 08:05
        -2

        Coles has a better system where you need the physical card swiped at the checkout.

        ?
        Flybuys points are redeemed with just a barcode scan. Doesn't need a physical card.

        • Neoika on 13/11/2022 - 08:10
          +1

          You only have one membership with an additional financial service. People having multiples know it better than you.

          • SBOB on 13/11/2022 - 08:41

            @Neoika: Feel free to elaborate with more words , as I'm unsure what I'm missing in your response.

            Exactly what card is requiring to be swiped, as flybuys is purely barcode based

        • zonra on 13/11/2022 - 08:57
          +4

          You only need a barcode to earn points.
          But you need a physical card and a pin to use points.

          • kerfuffle on 13/11/2022 - 09:08
            +2

            @zonra: Unless you have a Coles Financial Services product like @SBOB

            • SBOB on 13/11/2022 - 09:18
              +2

              @kerfuffle: Got ya.
              Perhaps when I had Coles home insurance or something

              I just scan the bar code on my phone and I'm sure I've redeemed the 2000pt offer multiple times, but perhaps not since we changed insurance.

              Wife's flybuys but I don't think she even knows the card has a pin number :/
              (Not a professional flybuys points accumulator :) )

              • Jake17 on 13/11/2022 - 14:35
                +1

                @SBOB: whenever i redeem points in store i need to swipe it like a card and use a pin, I don't have the card linked to anything else, only used for points, no credit cards, the only points that can be redeemed from scanning is for promos like the kitchen shit

              • kerfuffle on 13/11/2022 - 19:24

                @SBOB: You set the PIN every time you redeem your points for dollars i.e. you can change it every time you redeem if you want

    • BargainBenno on 13/11/2022 - 07:54

      We lost all our points. What’s more the person paid using a combination of points redemption and their Mastercard. The fact that the Mastercard number is linked to the crime you would think woolies would pass on to the law enforcement but no they have not.

      • capslock on 13/11/2022 - 14:30
        +1

        I wouldn't be surprised if they were using prepaid Mastercards.

        Also there should be CCTV of the thief using the checkouts.

        • Neoika on 13/11/2022 - 14:33
          +2

          Nothing will be done even if the thief redeemed the $EDR at a Woolies serve and had number plate captured.

    • thatonethere on 13/11/2022 - 08:14

      I just use the $10 as they come up - however they could have a week or two to grab it if they were actively scanning for them.

Login or Join to leave a comment
Login Join