Attention Rewe customers! Cybercriminals are targeting the credit of Rewe bonus participants. Anyone who receives Rewe email should react quickly.
At the beginning of the year, Rewe started his own bonus program. Since then, Rewe customers have been able to purchase a bonus in euros when buying certain items. There are ten or 20 cents for some items, one euro or more for others. Several hundred changing articles are said to be linked to coupons.
The collected credit can be redeemed when shopping. Fraudsters now take advantage of the “collecting together” function of the app, which is actually intended for shared apartments and families to collect points together.
The online portal “Heise.de” first reported on the case. FOCUS Online are already known at least ten cases.
The process is always the same: hackers gain unauthorized access, transfer the credit to their own account and resolve it in Rewe branches in voucher cards or Paysafecards. There is considerable financial damage for those affected.
This is how the stitch runs – and so you can protect yourself
The attack is usually done at lightning speed.
With stolen access data, the fraudsters log into their victim's account and link their own account through the “collecting together” function. Shortly afterwards, the victim receives an email with the information that another person has been added and the points account is now brought together.
Within five to ten minutes, the perpetrators have the collected points out in a REWE branch – often in the form of difficult to follow voucher cards.
In most cases, the victims only noticed the fraud when their entire point has already disappeared. At that time, many of them did not even stay in the city where the payment took place.
FOCUS online: Change your passwords immediately and select safe, difficult -to -use combinations. In addition, two-factor authentication should use. A code is sent, only you can then log into the REWE bonus world.
That says Rewe about the attack
The problem? The fraudsters do not use security gaps, but use data from those affected that are traded in the Darkweb, also explains Rewe's corporate communication.
It is possible that e-mail addresses and passwords of those affected are already circulating on the Darknet. With these hijacked data, the perpetrators invite themselves to the affected accounts, thus gain access to the bonus points and steal the credit.
The following pages help to see whether your email is circulating on the Darknet:
