Search This Blog

Sunday, May 8, 2016

My AMEX Membership Rewards account got hacked!

So I woke up this morning and was checking my email when I noticed that I received an email from American Express Membership Rewards with a receipt for a $50 iTunes gift card. At first I thought this must be some sort of phishing scam although the email did look rather legit and was also actually from americanexpress@membershiprewards.americanexpress.com so that had me a little worried.


A copy of the email I received this morning from American Express
I clicked on "view your order status" link and logged into my American Express account and sure enough I had 2 eGift cards for iTunes sitting in my account that were purchased sometime this morning using my Membership Rewards points.

Screenshot of my recent Membership Rewards activity
As I've mentioned before, gift cards and really any type of shopping with points usually represent a horrible way to redeem points since you are getting around 1 cent per point in value or less and this is something I would never do. Not to mention I don't even make charges with my iTunes account so if I were to waste points on a gift card it would have definitely been for something else. I immediately called AMEX customer service who told me that I was not alone and that several people had called with similar complaints this weekend and they were looking into the situation. Luckily they were able to replace my credit card, change all my security questions/passwords, and most importantly refund my points to my account so in the end everything worked out but it did waste a lot of my afternoon.

Bottom Line


I'm not sure how or even why someone would purchase eGift cards with my Membership Rewards points and how they were planning to access them unless they somehow had my password. Luckily, American Express was able to rectify the situation quickly and efficiently which is one reason I love their customer service. This just goes to show that you should be regularly checking your accounts for unusual activity and report is as soon as possible. Most companies have a policy in place that will not hold you liable for any fraudulent charges.

No comments:

Post a Comment