$14 Million Gift Card Cloning Scam Uncovered in Texas, Three Arrested

Dec 24, 2025

Key Takeaways

  • Three suspects were arrested in Texas for operating a gift card cloning scam that law enforcement estimates netted around $14 million in fraud.

  • Investigators say they stole unactivated gift cards, copied the data, resealed them, and then drained funds once victims loaded money onto them.

  • Hundreds of tampered cards were seized, and authorities warn consumers to inspect gift cards before purchase.

What Happened?

Texas authorities, including the Texas Financial Crimes Intelligence Center (TFCIC), arrested Kristians Petrovskis, Romualds Cubrevics and Normunds Ulevicus in connection with a wide-ranging gift card cloning scheme that investigators estimate involved roughly $14,000,000 in fraudulent activity.

The arrests came as part of a coordinated effort in Dallas County, where officers found over 400 gift cards in the suspects’ possession at the time of their arrest.

How the Scam Worked

According to investigators:

  1. Targeting Gift Cards on Shelves: The suspects allegedly stole unactivated gift cards from retail kiosks and store displays.

  2. Removing and Copying Data: They would carefully open the packaging, record the card number and activation code, and then reseal the packaging to mask tampering.

  3. Waiting for Activation: Once a consumer unknowingly purchased and loaded funds onto a compromised card, the criminals could immediately transfer the value off the card before the buyer could use it.

  4. Repeat and Scale: The suspects told investigators they typically hit around 10 stores per day, seven days a week, operating this scam since May 2025.

This method exploits trust in physical retail purchases, leaving victims with worthless cards after believing they’d bought gift value.

Charges and Custody

The three men are charged with Fraudulent Possession of Gift Cards, a first-degree felony under Texas law.

At the time of reporting:

  • All three are being held in the Dallas County Jail.

  • Bond holds were placed due to suspicion of immigration violations.

Why This Matters?

Gift card fraud — once considered a relatively low-profile crime — has become a serious financial threat to consumers and retailers alike. Around the holiday season, high volumes of gift card purchases make these scams especially damaging.

The Texas Legislature recently tightened laws and penalties concerning gift card tampering to better address this type of fraud, recognizing its growing prevalence.

How to Protect Yourself

Clearphish Recommendations:

Inspect packaging carefully — look for extra glue, cuts, or signs of resealing before buying a gift card.
Buy from inside stores, rather than outdoor kiosks or racks, when possible.
Check card balance immediately after purchase (before gift-giving).
✅ Be wary of deals that seem “too good to be true” — they often are.

Final Thoughts

This case underscores how traditional physical scams have scaled into multi-million-dollar operations using simple tampering and consumer trust. As fraudsters adapt, vigilance — especially during peak shopping seasons — remains essential.

If you’re giving gift cards this holiday season, look twice, inspect thoroughly, and verify balance immediately to avoid becoming a victim of fraud.

Disclaimer: ClearPhish maintains a strict policy of not participating in the theft, distribution, or handling of stolen data or files. The platform does not engage in exfiltration, downloading, hosting, or reposting any illegally obtained information. Any responsibility or legal inquiries regarding the data should be directed solely at the responsible cybercriminals or attackers, as ClearPhish is not involved in these activities. We encourage parties affected by any breach to seek resolution through legal channels directly with the attackers responsible for such incidents.

Latest News

Google and FBI Disrupt NetNut Proxy Botnet, Cutting Off 2 Million Infected Android Devices

Google and FBI Disrupt NetNut Proxy Botnet, Cutting Off 2 Million Infected Android Devices

Google and FBI Disrupt NetNut Proxy Botnet, Cutting Off 2 Million Infected Android Devices

Google and FBI Disrupt NetNut Proxy Botnet, Cutting Off 2 Million Infected Android Devices

Google and FBI Disrupt NetNut Proxy Botnet, Cutting Off 2 Million Infected Android Devices

Jul 6, 2026

Cisco SD-WAN Zero-Day Under Active Attack: How Hackers Achieved Root Access

Cisco SD-WAN Zero-Day Under Active Attack: How Hackers Achieved Root Access

Cisco SD-WAN Zero-Day Under Active Attack: How Hackers Achieved Root Access

Cisco SD-WAN Zero-Day Under Active Attack: How Hackers Achieved Root Access

Cisco SD-WAN Zero-Day Under Active Attack: How Hackers Achieved Root Access

Jun 26, 2026

Klue OAuth Breach Expands as Icarus Hackers Claim Salesforce Data Theft

Klue OAuth Breach Expands as Icarus Hackers Claim Salesforce Data Theft

Klue OAuth Breach Expands as Icarus Hackers Claim Salesforce Data Theft

Klue OAuth Breach Expands as Icarus Hackers Claim Salesforce Data Theft

Klue OAuth Breach Expands as Icarus Hackers Claim Salesforce Data Theft

Jun 23, 2026

Rokarolla Android Banking Trojan Targets 217 Banking and Crypto Apps

Rokarolla Android Banking Trojan Targets 217 Banking and Crypto Apps

Rokarolla Android Banking Trojan Targets 217 Banking and Crypto Apps

Rokarolla Android Banking Trojan Targets 217 Banking and Crypto Apps

Rokarolla Android Banking Trojan Targets 217 Banking and Crypto Apps

Jun 17, 2026

Microsoft June 2026 Patch Tuesday Fixes 200 Vulnerabilities and 3 Zero-Days

Microsoft June 2026 Patch Tuesday Fixes 200 Vulnerabilities and 3 Zero-Days

Microsoft June 2026 Patch Tuesday Fixes 200 Vulnerabilities and 3 Zero-Days

Microsoft June 2026 Patch Tuesday Fixes 200 Vulnerabilities and 3 Zero-Days

Microsoft June 2026 Patch Tuesday Fixes 200 Vulnerabilities and 3 Zero-Days

Jun 10, 2026

ChatGPT Share Links Abused to Deliver Malware Through Fake OpenAI Outage Pages

ChatGPT Share Links Abused to Deliver Malware Through Fake OpenAI Outage Pages

ChatGPT Share Links Abused to Deliver Malware Through Fake OpenAI Outage Pages

ChatGPT Share Links Abused to Deliver Malware Through Fake OpenAI Outage Pages

Jun 3, 2026

Get updates in your inbox directly

You are now subscribed.

Get updates in your inbox directly

You are now subscribed.

Get updates in your

inbox directly

You are now subscribed.

Get updates in your inbox directly

You are now subscribed.

Enable your employees as first line of defense and expand your digital footprints without any fear.

Enable your employees as first line of defense and expand your digital footprints without any fear.

Enable your employees as first line of defense and expand your digital footprints without any fear.

Enable your employees as first line of defense and expand your digital footprints without any fear.