Home Money Nectar customers continue to lose thousands of points to scammers – why hasn’t this been fixed? ANGARAD CARRICK

Nectar customers continue to lose thousands of points to scammers – why hasn’t this been fixed? ANGARAD CARRICK

0 comments
Scammers have targeted Nectar cardholders - what is Sainsbury's doing about it?

Supermarkets have increasingly introduced loyalty or membership pricing for essential items, meaning there is now two-tier pricing in most high street stores.

That unfairness aside, we’ve reached a point where most Brits have a loyalty card from at least one major supermarket in their wallet.

As with our debit and credit cards, we expect a certain level of security when we hand over our data.

But sadly some Sainsbury’s customers can’t say the same.

Scammers have targeted Nectar cardholders – what is Sainsbury’s doing about it?

We’ve heard from readers who have had thousands of points stolen by scammers and used at stores across the country.

Unfortunately, this scam is not a new phenomenon.

This Is Money editor Lee Boyce wrote about someone who lost £700 in Nectar points in 2017 and a cursory look at social media suggests the scam dates back to 2011.

Sainsbury’s bought Nectar in 2018, so you can’t put all the blame at their door, but hopefully since the deal they have beefed up security on such a well-known scam.

Unfortunately, that doesn’t seem to be the case.

A reader recently got in touch to tell us she lost over £230 worth of Nectar points at a store miles away from her home.

While the points were initially refunded, Suki was later told that Sainsbury’s investigation team had decided there was no fraudulent activity on the card. She had her refunded points taken away and taken to the police.

Another reader, James, who was defrauded out of almost £400 in Nectar points, tried to do exactly that and was told by Action Fraud that it was “not a police recordable offence”.

Sainsbury’s is pointing its customers in the direction of a police force that does not have the time or, frankly, the interest to investigate and is shirking its responsibility entirely.

So Sainsbury’s is pointing its customers in the direction of a police force that does not have the time or, frankly, the interest to investigate and is shirking its responsibility entirely.

Statistics show that there is not enough time to investigate crimes in physical stores.

According to the British Retail Consortium, only 36 per cent of incidents of violence and abuse were reported to the police by retailers. The main reason cited for not reporting was a lack of expectation that it would make any difference, along with a lack of staff time.

Only 8 percent of reported incidents were prosecuted.

For under-resourced police to spend time on Nectar points fraud is downright ridiculous.

On the other hand, the ins and outs of this fraud are difficult to decipher. There are no instant alerts, no stolen cards or questionable phone calls.

There are several theories online about how scammers manage to replicate barcodes and generate numbers for a card, but it remains a mystery.

When I presented the most recent case to Sainsbury’s, I asked how points were being used without a physical card and what measures had been put in place to protect customers.

Sainsbury’s declined to explain how the fraud was occurring, but said it has measures in place to detect and, in many cases, prevent fraud.

It’s understandable that you don’t want to draw attention to the complexities of this fraud, but your preventative measures don’t seem to be working as effectively as they should.

It said points fraud affected only a “small proportion” of its 18 million customers. But even 0.1 percent of the 18 million Nectar holders are 18,000 people.

If fraud is not so widespread, then it should have better systems in place to protect its millions of customers.

For example, an option to only use it with a physical card or on a device could be useful.

Since the scam has been going on for years, there is a possibility that you don’t know how to stop it. In this case, it is a serious security breach that will mean that its 18 million customers will be at risk.

Sainsbury’s declined to explain how the fraud was occurring, but said it has measures in place to detect and, in many cases, prevent fraud. It’s understandable that you don’t want to draw attention to the complexities of this fraud, but your preventative measures don’t seem to be working as effectively as they should.

I struggle to understand how this could be the case, if not for your clients but for your bottom line.

It looks like Nectar has changed their policy a bit.

When we wrote about the scam in 2017, points reimbursement was slow before we intervened.

Now it seems that when a customer points it out and there are signs of fraudulent activity, they get it wrong much faster.

If this is happening on a large scale, Sainsbury’s must be losing. However, the cost of a security system overhaul could significantly exceed this, so perhaps it is understandable.

Retail experts often refer to something called “shrinkage,” which is the amount they expect to lose through clerical errors or theft. Generally, this represents on average about 2 percent of total sales.

It may be that Nectar card fraud is now being treated as part of this contraction and therefore an integral part of running a large supermarket.

For customers, however, it is not about the points, which are now usually refunded, but about the security of their data.

Ultimately, customers value trust. If other loyalty programs don’t have security issues on such a large scale, why is Nectar so vulnerable?

If Nectar doesn’t increase its security, it could lose the loyal customers it tries to reward, especially in an era where we are forced to use loyalty programs or face higher prices.

How the hell are points spent?

I’ve been covering Nectar points fraud for almost a decade, writes This is Money editor Lee Boyce.

Last week, I logged into my Nectar account for the first time in a long time.

I realized I had been deducted from 4,000 points, spent at Sainsbury’s West Ealing last July.

You can only go back one year on the statement, so I have no idea if any more points have been stolen.

What I can’t understand is: I have the physical card and presumably whoever redeems points would need my details to log into the app and spend them at the checkout.

Surely it’s time Nectar had a switch in its app to say: points can only be spent with the physical card or with a device registered with the correct mobile number.

Perhaps the cost of implementing 2FA or additional security measures is not justifiable.

But, considering we’ve been covering this scam for years, and never heard from readers about points being stolen through other major retailer loyalty programs like Tesco or Boots, it seems incredibly strange that it still persists.

All it does is damage the Sainsbury’s and Nectar’s brand – it doesn’t look good.

PS: There have been times over the past few months when I haven’t had my Nectar in the store. Instead of paying higher prices, I simply take one of the customer service cards, use it to get the discount, and never use it again…

Some links in this article may be affiliate links. If you click on them, we may earn a small commission. That helps us fund This Is Money and keep it free to use. We do not write articles to promote products. We do not allow any commercial relationship to affect our editorial independence.

You may also like