topic Re: Toast Suspicious Rewards Activity questions in Back Office & Team

Toast Suspicious Rewards Activity questions

arios — Mon, 13 Apr 2026 15:11:52 GMT

Hello toast team, we are reviewing rewards activity for our accounts since we received the following suspicious activity mail; after following the instructions of the following link: https://support.toasttab.com/en/article/Taking-Action-Against-Suspicious-Rewards-Activity, we are having trouble finding the transactions/account numbers by filter, I was able to find only one of the accounts by scrolling manually, the other account couldn’t be found, could you please advise on how a fluent process for this analysis would be made?

Also, I previously joined a toast classroom session in order to review this section but did not receive a complete overview of how to analyze this since the person mentioned that this section is relatively new, one of my main questions is how could we evaluate the following:
Why is there other names/accounts linked to one employee in this section? Is this incorrect? How can we know the employee is keeping the awarded points of the real customer, is there a way to easily track this? Since there are no export buttons on this site,

Please let us know how this can be analyzed, I can happily schedule a call with somebody form the toast team to better understand this.

Thank you!

Re: Toast Suspicious Rewards Activity questions

au79teahouse — Tue, 07 Apr 2026 21:48:23 GMT

Did you search by the last four digits of the account number or by the entire account number? I usually just copy and paste the account number listed in the email.

Re: Toast Suspicious Rewards Activity questions

arios — Tue, 07 Apr 2026 22:18:48 GMT

I later on tried using the full number and it did show the account!

Do you have any knowledge and this topic:
"Also, I previously joined a toast classroom session in order to review this section but did not receive a complete overview of how to analyze this since the person mentioned that this section is relatively new, one of my main questions is how could we evaluate the following:
Why is there other names/accounts linked to one employee in this section? Is this incorrect? How can we know the employee is keeping the awarded points of the real customer, is there a way to easily track this? Since there are no export buttons on this site"

Re: Toast Suspicious Rewards Activity questions

au79teahouse — Wed, 08 Apr 2026 02:33:39 GMT

Usually what I do is to look into individual accounts' order history that are flagged by toast.

Things to look for:

1. Account accrues points on a unusual high frequency
2. Name consistency
3. Order paid in cash.

Re: Toast Suspicious Rewards Activity questions

Rob — Wed, 15 Apr 2026 16:26:41 GMT

Thanks for reaching out here! When I was searching for information, below is what I found, but I will also relay this to my team for more information! To answer your question about:
"Why is there other names/accounts linked to one employee in this section? Is this incorrect? How can we know the employee is keeping the awarded points of the real customer, is there a way to easily track this? Since there are no export buttons on this site"

An employee showing multiple linked names/accounts likely means Toast detected multiple loyalty interactions associated with that employee’s activity. That can happen for legitimate reasons, but it can also indicate the employee may be attaching their own or related accounts during checkout. You would need to validate it by reviewing the underlying orders.
For locating the accounts from the suspicious activity email, the most reliable method is to search using the full loyalty account number from the email rather than only the last four digits.
For the employee-linked names/accounts, that section is generally best used as an investigation signal rather than a final determination. In practice, the next step is to open the flagged loyalty account and review its order history for patterns such as unusually frequent point accruals, cash-paid orders, repeated activity under the same employee, and mismatches between the loyalty account details and the expected guest.

At the moment, the review process is still fairly manual. The main way to validate whether an employee may be retaining points intended for a guest is to compare the flagged account’s order history against the employee handling those transactions and look for repeated suspicious patterns over time.

I believe this is the new Loyalty Misuse reporting experience, which should help provide a more structured employee-level view for this type of review.

Re: Toast Suspicious Rewards Activity questions

rcmck — Mon, 13 Apr 2026 03:23:50 GMT

On a side note, this site is public now, your screenshot includes names phone numbers and emails, may want to remove that or edit it out.