top of page
Search

Scam Alert: Rewards Points Expiring Ruse

  • TrainMyParent.com
  • Jan 15
  • 4 min read

A hand holding a credit card.
Accumulate those rewards points!

Scammers keep getting sneakier and more creative every day. Here is a rewards points expiring twist on a scam that gets you to give the scammers your credit card information…baby needs new shoes!


How it works: This twist is a scam telling you that your <insert company name here> rewards points are about to expire. Often, the company name is actually one you do business with, like your cable company or mobile telephone provider. For example, if you have a comcast.net email address, it’s an extremely high probability that you are a Comcast subscriber. so you are more likely to believe that you somehow earned rewards points for a nonexistent or real program. Scammers also target mobile phone providers (your phone number prefix highly correlates to your provider, especially if you never kept your number when switching providers.


The scammers also create a fake but cloned website that looks like the actual one, and even shows your point balance (everyone seems to have the same point balance lol) to make it seem legitimate. To redeem your rewards points as cash or a credit to your debit or credit card account, you need to enter your card details and address. Of course, they say the card details didn’t go through, or they don’t take that card, or your bank’s debit card is not in their network, so you then enter a second card’s information. That fails too…maybe you try a third card, or maybe your spider sense starts tingling that this might be a scam. Sure enough, you just gave the scammers at least one card’s information, and it’s time for them to go shopping, or worse.


Why it works: This scam follows the typical scammers’ playbook. First, there is a sense of urgency. If you do not act soon, you will lose your points. That urgency creates a slight panic in you that starts tearing down your defenses.


Second, the scammers build credibility by looking like a company with which you do business. If everything looks real, and you do not look very close at the URL, you might believe that the website does belong to Comcast, T-Mobile, or other large company. After all, other than T-Mobile, who would put all that effort into creating a magenta website?


Third, there is transaction is a nominal one. You are asked to pay a nominal fee of a few dollars, or none at all, so the transaction appears to have little risk and high reward. Unfortunately the reality is nothing but.


What you can do to protect yourself: Think before you click! Is there a rewards program? Why are you receiving this alert only one day before your points expire? Legitimate rewards programs typically give you a month’s notice before your points expire.


Instead of clicking on the link the scammers provide, go directly to the company’s website and navigate from there. If you have expiring points, you will be able to verify that the points are real, or not.


You could also verify the domain name. If the URL looks like it might be legitimate (tmobile-rewards-redemption.com happens to be available at the time of this post’s creation, and can be purchased for the tiny sum of around $10-15), you can go to whois.com and perform a Whois Lookup to see when the domain was purchased. Scam websites often are very young, purchased recently.


If you can avoid it, don’t used a debit card. Ever. The banks probably won’t like this recommendation, but debit cards carry too much risk if they become compromised. Too often we read about victims whose bank account was cleaned out via a stolen debit card, creating a cascade of bounced payments to their real accounts, resulting in even more bounces and fees that take months or years to clean up. On the other hand, by law credit cards offer protection against fraud and theft. If your credit card number is compromised, the fraudulent transactions will be removed, without fees or penalties.


If available, you should use virtual credit card numbers for transactions with unknown our online transactions. Some banks offer these alias numbers that are tied to your account, but have a one-time-use CVV code, rendering them unusable if they become compromised info is captured by scammers.


Man ordering on his phone wiyh a credit card.
Stay safe when shopping online.

Prepare yourself: There are many ways you can minimize the impact of accidental malware infections. These include performing regular backups of your data, keeping your applications and operating systems up-to-date with the latest patches, and surfing safely. You can learn more about how you can protect yourself or your family by enrolling in the Complete Internet Security Basics and Phishing Awareness Course for Parents on TrainMyParent.com


As we say on TrainMyParent.com, scammers keep getting trickier, and usually target those who aren't paying attention. Scams come in many forms, including phishing emails, smishing texts, quishing packages, tech support phone calls....the list keeps growing.


Interested in these posts? Sign up and subscribe to our newsletter!


© 2026, TrainMyParent.com. All Rights Reserved


bottom of page