AI chatbot scam tricking users into buying gift card subscriptions could prove costly

David Duggan* was an enthusiastic user of the Claude chatbot, paying $20 a month for a subscription he found useful for medical questions and household organisation. But his confidence was shattered when his wife noticed two $200 payments on his credit card bill — charges for gift cards to use the AI tool that he had never authorised. A third identical payment was attempted but blocked because it required confirmation.
“My wife asked me: ‘Hey, did you make these $200 purchases?’ It was $400 in total. And then there was a third one, but that needed a confirmation and did not go through,” Duggan recalled. He lives on the east coast of the United States.
When he contacted Anthropic, the company behind the Claude family of AI models, his account was immediately suspended. Yet the automated responses he received offered no explanation for what had happened, leaving him in the dark.
Duggan began searching online for others in the same situation and found a trail of complaints on the forum Reddit. One user reported ten unauthorised payments of £18 each. Another said they had been charged €216 (£186) three times. Two separate users were each charged €225 out of the blue. In a further case, a victim was billed £720 for “Claude Pro Max 20x plan” gifts — gift cards that fraudsters had directed to unknown “trashmail” email addresses, a technique designed to convert stolen credit card details into untraceable digital currency.
What made the experience particularly alarming for Duggan was that the genuine gift vouchers were sent to his personal email. That led him to suspect his email account had also been compromised, giving fraudsters access to the vouchers and potentially exposing him to further scams. After the incident, he changed his credit card details online, which prevented two more attempted payments from going through. He is now working with his bank to recover the lost money.
How the fraud works
The fraudulent charges appear on bank statements as payments to Anthropic. One Reddit user showed an email with the subject line “You’ve received a gift!” and a message stating that a subscription to Claude had been sent to them, complete with a link to redeem the gift. In the cases reported, fraudsters appear to have exploited saved payment details on users’ accounts to buy gift card subscriptions, often routing the vouchers to email addresses the victims did not recognise.
Security researchers have warned that this method allows criminals to turn stolen card information into anonymous digital assets that are hard to trace. Victims have found that simply updating their payment details on the platform can halt further unauthorised transactions.
Anthropic’s response
Anthropic has said it is putting new protections in place to prevent fraudulent gift card purchases. When scam purchases are identified, the company says it cancels the subscriptions and issues refunds. It has promised to refund any charges that have not already been reversed, and advises users to contact its support team if they spot an unrecognised payment. The company also recommends cancelling the affected bank card, requesting a new one, and changing login details on the site.
However, some users have reported difficulties with Anthropic’s customer support, including being ignored or receiving unhelpful automated responses. The company has stressed that there is no evidence that compromised card details originated from its own systems.
If you notice a payment you did not authorise, you should contact your bank or credit card firm to make a chargeback claim and report suspected fraud immediately so your card can be blocked and your account secured. In the UK, victims of cybercrime and fraud can also report incidents to Report Fraud (formerly Action Fraud) or The Cyber Helpline.
Broader security and performance concerns
The gift card fraud is only one element of a wider pattern of security issues surrounding Claude AI. Security researchers have identified vulnerabilities in Claude Code that could allow remote code execution and the theft of API credentials — flaws that exploit configuration mechanisms and can be triggered when users clone untrusted repositories. Separately, the complete source code for Claude Code was accidentally leaked due to “human error.”
Researchers have also demonstrated how Claude’s Code Interpreter tool can be manipulated through indirect prompt injection to steal sensitive user data, including chat histories. Anthropic itself has reported instances of cybercriminals abusing Claude to automate extortion operations, fraudulent employment schemes, ransomware development, and credit card fraud. Nation-state hackers have reportedly used the AI to bypass guardrails and scale phishing attacks against numerous organisations. Phishing campaigns impersonating Anthropic have also been intercepted; they used Claude branding and claims of subscription payment issues to trick recipients into handing over credit card details.
Beyond security, a significant number of users have complained about a decline in Claude’s performance — the AI failing to follow instructions, making more mistakes, and showing inconsistent behaviour. This has led some to cancel their subscriptions.
The UK picture
The use of AI in fraud is a growing concern in the UK. Surveys show that seven in ten people (72%) believe AI makes scam attempts more convincing, and 56% think it makes them harder to detect. In 2025, the UK saw a record number of fraud reports, with AI-fuelled scams contributing to large-scale deception on an “industrialised” level. The Competition and Markets Authority has issued guidance warning that AI agents must adhere to consumer protection laws, and that businesses remain legally responsible for the actions of their AI. The Consumer Rights Act 2015 may also apply to errors made by AI, though remedies may be inadequate for high-value or irreversible transactions.
Claude pricing ranges from a free tier for casual users to a $20-a-month (£16) Pro subscription, with Max plans costing between $100 (around £80) and $200 (around £160) per month for higher usage limits.
* Name has been changed



