• Welcome to the FREE TUGBBS forums! The absolute best place for owners to get help and advice about their timeshares for more than 32 years!

    Join Tens of Thousands of other owners just like you here to get any and all Timeshare questions answered 24 hours a day!
  • TUG started 32 years ago in October 1993 as a group of regular Timeshare owners just like you!

    Read about our 32nd anniversary: Happy 32nd Birthday TUG!
  • TUG has a YouTube Channel to produce weekly short informative videos on popular Timeshare topics!

    All subscribers auto-entered to win all free TUG membership giveaways!

    Visit TUG on Youtube!
  • TUG has now saved timeshare owners more than $24,000,000 dollars just by finding us in time to rescind a new Timeshare purchase! A truly incredible milestone!

    Read more here: TUG saves owners more than $24 Million dollars
  • Wish you could meet up with other TUG members? Well look no further as this annual event has been going on for years in Orlando! How to Attend the TUG January Get-Together!
  • Now through the end of the year you can join or renew your TUG membership at the lowest price ever offered! Learn More!
  • Sign up to get the TUG Newsletter for free!

    Tens of thousands of subscribing owners! A weekly recap of the best Timeshare resort reviews and the most popular topics discussed by owners!
  • Our official "end my sales presentation early" T-shirts are available again! Also come with the option for a free membership extension with purchase to offset the cost!

    All T-shirt options here!
  • A few of the most common links here on the forums for newbies and guests!

Bonvoy 20% Gift Card Promo (targeted)

okwiater said:
I would HIGHLY, HIGHLY discourage you from purchasing these gift cards unless you have a specific, IMMEDIATE need and ability to spend them. Marriott's gift card vendor employs terrible security practices and will allow third parties to brute-force guess the PINs on these cards, at which point the thieves sell your gift card and it can be redeemed by someone else with no recourse for you. I got suckered in during a similar promo Marriott offered at the beginning of COVID and had $2K worth of funds stolen, even though I "treated the gift card like cash" and shared the info with no one except their own website, per their instructions. They opened a case but otherwise did nothing else to help me.
Click to expand...

Yuck. Did you discuss with your bank and attempt to dispute the charge? I’m really not sure what they would say in this scenario.


Sent from my iPad using Tapatalk
 
Ken555 said:
Yuck. Did you discuss with your bank and attempt to dispute the charge? I’m really not sure what they would say in this scenario.


Sent from my iPad using Tapatalk
Click to expand...
I found this related story from earlier this year. Still slim on details about how the perpetrators obtained the gift card numbers in order to brute force obtain the PINs. I notice that the balance inquiry page also uses reCAPTCHA, but there are flaws in that too.
www.wmar2news.com

Thousands in Marriott gift certificates used before traveler could redeem them

A Marriott customer recently discovered her $2,500 in Marriott gift certificates had already been used by someone else.
www.wmar2news.com www.wmar2news.com

This has me rather concerned about buying some. We wouldn't be using them until fal 2024. The article suggests checking and rechecking the balance regularly, but how does that help if someone steals the information?
 
dioxide45 said:
I found this related story from earlier this year. Still slim on details about how the perpetrators obtained the gift card numbers in order to brute force obtain the PINs. I notice that the balance inquiry page also uses reCAPTCHA, but there are flaws in that too.
www.wmar2news.com

Thousands in Marriott gift certificates used before traveler could redeem them

A Marriott customer recently discovered her $2,500 in Marriott gift certificates had already been used by someone else.
www.wmar2news.com www.wmar2news.com

This has me rather concerned about buying some. We wouldn't be using them until fal 2024. The article suggests checking and rechecking the balance regularly, but how does that help if someone steals the information?
Click to expand...
It doesn’t help. I discovered my balances drained within weeks of it happening and it didn’t matter.
 
okwiater said:
It doesn’t help. I discovered my balances drained within weeks of it happening and it didn’t matter.
Click to expand...
Yeah, we've decided to not buy the not buy the gift cards. We have 10 months till we will use them. Checking them regularity won't stop someone from draining them, it will just mean you find the problem sooner.
 
dioxide45 said:
Yeah, we've decided to not buy the not buy the gift cards. We have 10 months till we will use them. Checking them regularity won't stop someone from draining them, it will just mean you find the problem sooner.
Click to expand...
Just as a counterpoint, I bought $2000 worth of Marriott gift card during the pandemic (I think it was 25% or 30% discounted) and still have something like $600 left, three years later, and nobody has stolen it. I think they would need both the card number and PIN, and I wonder if the theft victims somehow lost control of that information.
 
daviator said:
Just as a counterpoint, I bought $2000 worth of Marriott gift card during the pandemic (I think it was 25% or 30% discounted) and still have something like $600 left, three years later, and nobody has stolen it. I think they would need both the card number and PIN, and I wonder if the theft victims somehow lost control of that information.
Click to expand...
I didn’t lose control of them. The thieves use a brute force attack against the gift card balance checking system to guess the PIN. Unluckiness certainly has something to do with it, but just because the thieves don’t steal every gift card doesn’t mean they don’t steal many of them. Read the article posted earlier in the thread, it’s a well documented issue.
 
okwiater said:
I didn’t lose control of them. The thieves use a brute force attack against the gift card balance checking system to guess the PIN. Unluckiness certainly has something to do with it, but just because the thieves don’t steal every gift card doesn’t mean they don’t steal many of them. Read the article posted earlier in the thread, it’s a well documented issue.
Click to expand...
The question I have is, how did they obtain the gift card number? You need that before you can attempt to brute force the PIN.
 
@okwiater I am sorry to hear your story. This is one of my biggest fears with all gift cards. I would be very upset.

I do not have a need until mid 2025 so based on your story and the article decided to hold off and only try a nominal amount if the promotion returns. Besides, with interest rates at 5% it doesn't make sense to lock up cash unless you have an immediate need.
 
Last edited:
I bought $1000 of the gift cards during the COVID pandemic 20% discount offer and I still have $400 of them. I had used $600 of them without having issues. I doubt I will buy anymore even if I receive the discount offer now. We are definitely using them slower than anticipated. We also just got another $200 in gift card from an owners update at WKV a couple of weeks ago.
 
dioxide45 said:
The question I have is, how did they obtain the gift card number? You need that before you can attempt to brute force the PIN.
Click to expand...
I assume the gift card numbers are fairly predictable. It doesn’t take long to brute force a 4-digit PIN against thousands of potential gift card numbers. I suppose it’s also possible Marriott’s GC vendor got hacked. But given the deplorable state of Marriott’s IT—whether for booking my timeshare or just simply getting my Bonvoy points credited properly for unremarkable hotel stays—nothing would surprise me.
 
You must log in or register to reply here.
Top