Maximise your Avios, air miles and hotel points

Forums Frequent flyer programs Other frequent flyer schemes Just had 96,000 Nectar points stolen

  • Rich_A 112 posts

    Had an email just now from Nectar, saying that I’d redeemed 96,000 points in Argos in Northampton (I’ve never been to Northampton, I’m a couple of hundred miles away).

    Sure enough, upon logging into my Nectar account, 96,000 are missing and it shows a redemption today.

    Nectar phone line is closed until Monday, but I’ve changed my password and de-linked it from BA Executive Club.

    What would be the fraud mechanism here? Could have found an old key fob somewhere? Award Wallet? No orders appear in my Argos account.

    Rich_A 112 posts

    Well, that was the shortest panic ever!

    I DM’d them on Twitter. They’ve set up a new account/ card number, and reinstated the stolen points. All within an hour of my discovering it.

    Peter K 655 posts

    It seems from previous accounts on here it’s likely it’s an inside job the number of times and the way it happens.

    Rich_A 112 posts

    Yes, a bit of Googling brings up rather a lot of cases. Must be costing them a fortune if they’re not catching it.

    cin3 231 posts

    Same thing happened to me a few days ago with 84,000 points all redeemed in the same day and no warning by app, email or phone.

    Thankfully it seems they are refunding them…

    Skywalker 819 posts

    Same thing happened to P2 – Nectar points redeemed in a store about an hour away.

    Nectar replaced the points very quickly as well.

    Pointsamateur 85 posts

    I’ve just discovered this has happened to my substantial balance. I have 2 factor auth setup for the login, which I thought was enough to prevent unauthorised access. Seems there was a spend to earn points, in Finchley Road, to test their access; I didn’t see that until this morning. And then a huge single transaction to spend all my active balance in Hendon, dated yesterday.
    Have DM’d via Twitter so waiting to see how helpful they are.

    JDB 5,454 posts

    I’ve just discovered this has happened to my substantial balance. I have 2 factor auth setup for the login, which I thought was enough to prevent unauthorised access. Seems there was a spend to earn points, in Finchley Road, to test their access; I didn’t see that until this morning. And then a huge single transaction to spend all my active balance in Hendon, dated yesterday.
    Have DM’d via Twitter so waiting to see how helpful they are.

    It’s been reported here before that Nectar has a fatal flaw as you don’t need to log in to remove all your points; that can conveniently be done by the thief in store without the card owner’s intervention/presence! You may have put 2FA in place, but Nectar has left the gate and the back door open while you just locked the front door. It seems to be a regular occurrence, so they should restore your points.

    Pointsamateur 85 posts

    I’ve just discovered this has happened to my substantial balance. I have 2 factor auth setup for the login, which I thought was enough to prevent unauthorised access. Seems there was a spend to earn points, in Finchley Road, to test their access; I didn’t see that until this morning. And then a huge single transaction to spend all my active balance in Hendon, dated yesterday.
    Have DM’d via Twitter so waiting to see how helpful they are.

    It’s been reported here before that Nectar has a fatal flaw as you don’t need to log in to remove all your points; that can conveniently be done by the thief in store without the card owner’s intervention/presence! You may have put 2FA in place, but Nectar has left the gate and the back door open while you just locked the front door. It seems to be a regular occurrence, so they should restore your points.

    I’ve discovered a number of posts now, about the security issue. Have done the obvious things like change password, and unlink Avios transfer for now. They are replying via Twitter DM so I am hopeful, given the initial posts on this thread. Ironically, I was (stupidly) keeping the points in Nectar in case of any Avios devaluation, having moved 50000 Avios to Nectar ages ago, before the transfer rate changed.

    Pointsamateur 85 posts

    Nectar agent has been very helpful; new card no the way, and once registered, I should see points balance restored, with an additional 2000 for the hassle. So very grateful and relieved. Unlike Rich A, I didn’t get any email to warn me about the redemption.

    Skywalker 819 posts

    https://www.latestdeals.co.uk/chat/warning-nectar-hit-massive-fraud-again

    Your password is not required for the fraud, so bypasses 2FA

    Carlos 758 posts

    Nectar should really up their security all the bad actor needs is a barcode

    NorthernLass 9,118 posts

    Sadly there are always employees who are willing to share these details with friends and family who then have a free splurge. Some Iceland customers have also recently reported that their Bonus Card balances have been mysteriously spent miles away from where they shop, although in that case it’s real money which is being misappropriated.

    Pointsamateur 85 posts

    This issue, combined with the recent poor customer service I have had from Sainsburys energy regarding DD value and manual top up just means I have very little reason to continue shopping regularly at Sainsburys. Will keep my eyes peeled for easy bonus offers like their recent Christmas one, but from now on it’s back to the closer local Asda, with their Asda starts scheme, and only 3% off preloaded card from Perksatwork, rather than 5% sainsburys card.

    Skywalker 819 posts

    I don’t use Nectar in any meaningful way, so my personal preference is to close my account.

    Nectar didn’t send an email or a 2FA to verify, or even an email to acknowledge that I had closed my account.

    Pointsamateur 85 posts

    Having discussed this with friends, trying to explain how it happens, a thought occurs. Naive no doubt, but thought I would ask. For the fraudster to test that it was working, they spent their own money, using my nectar card, so points were added to the account. Once they knew it was working, they hit the big spend.
    Surely they would not be stupid enough to use their own debit / credit card details for the purchase test, otherwise there is a clear trail. So has to be cash purchase, or a stolen card ?
    I saw a few posts which mentioned Hendon sainsburys, where my points were spent; I wonder if it’s a hot-spot ?

    NorthernLass 9,118 posts

    Plenty of people are that stupid! It would be interesting to know how Sainsbury’s is pursuing this in terms of stock they are losing via these “purchases”.

    BBbetter 982 posts

    It would take an article in a major newspaper before they take any action.

    alig4th 322 posts

    When we had this happen to us, the Nectar rep we eventually got through to (after the first three useless ones) seemed completely unfazed by the whole thing, like it’s something they dealt with regularly.

    We also reported to to the police as a case of fraud. But before doing so, we also phoned the Argos and Sainsbury’s branch where the points were used. Both confirmed they had CCTV directly at the tills/counters; I gave them my Nectar card number, they gave me exact timestamps of the transactions, and they said they would burn copies of the video ready to hand over if requested by the police. I told the police this, and even called the shops back and gave them the crime number.

    Needless to say, nothing ever came of it that I’m aware of.

    Tracey 238 posts

    When my points were stolen, they spent £5 cash the day before, no doubt to see the nectar balance, before stealing the total the next day. By buying on the card one day it validates the card to be used for redemptions in that particular store. It was a store I’ve never visited.

    TooPoorToBeHere 293 posts

    We also reported to to the police as a case of fraud. But before doing so, we also phoned the Argos and Sainsbury’s branch where the points were used. Both confirmed they had CCTV directly at the tills/counters; I gave them my Nectar card number, they gave me exact timestamps of the transactions, and they said they would burn copies of the video ready to hand over if requested by the police. I told the police this, and even called the shops back and gave them the crime number.

    Needless to say, nothing ever came of it that I’m aware of.

    Police don’t “do” Fraud. It’s de-facto decriminalised, like smoking weed.

    Carlos 758 posts

    When we had this happen to us, the Nectar rep we eventually got through to (after the first three useless ones) seemed completely unfazed by the whole thing, like it’s something they dealt with regularly.

    We also reported to to the police as a case of fraud. But before doing so, we also phoned the Argos and Sainsbury’s branch where the points were used. Both confirmed they had CCTV directly at the tills/counters; I gave them my Nectar card number, they gave me exact timestamps of the transactions, and they said they would burn copies of the video ready to hand over if requested by the police. I told the police this, and even called the shops back and gave them the crime number.

    Needless to say, nothing ever came of it that I’m aware of.

    Can you not download / request the footage yourself under FOI ?

    NorthernLass 9,118 posts

    @alig4th, @TooPoorToBeHere, the fraud would have been committed against Sainsbury’s, so you wouldn’t necessarily be made aware of any action taken by the police or courts unless you were required as a witness.

    Skywalker 819 posts

    Amateur hour at Nectar:

    I contacted Nectar to enquire as to whether or not my account had actually been closed, since I had received no email confirmation.

    They confirmed it had indeed been closed.

    I asked why I hadn’t received an email or text confirming this. They said no such process exists, and that only Nectar can deactivate accounts after customer verification on the telephone << not true.

    Nectar really couldn’t see the issue here.

    Easy account deactivation + no customer notification = scammer paradise

    points_worrier 334 posts

    Having discussed this with friends, trying to explain how it happens, a thought occurs. Naive no doubt, but thought I would ask. For the fraudster to test that it was working, they spent their own money, using my nectar card, so points were added to the account. Once they knew it was working, they hit the big spend.
    Surely they would not be stupid enough to use their own debit / credit card details for the purchase test, otherwise there is a clear trail. So has to be cash purchase, or a stolen card ?
    I saw a few posts which mentioned Hendon sainsburys, where my points were spent; I wonder if it’s a hot-spot ?

    They weren’t testing it was working. Presumably as security, you are only able to spend nectar points at any Sainsbury’s/Argos where you have recently earned points on spend. They were therefore making a transaction to make sure the store was added to the accounts ‘earning’ stores, so they could spend all your points. The CCTV is only on the self-checkouts. To spend >£25 in points, you need to go to a manned till, which will not capture your face like the self-checkouts do. A baseball cap would probably stop their face being on camera. They knew exactly what they were doing.

  • You must be logged in to reply to this topic.

The UK's biggest frequent flyer website uses cookies, which you can block via your browser settings. Continuing implies your consent to this policy. Our privacy policy is here.