We tend to associate fraud with the for-profit world, in which criminals steal credit cards to illegally buy products and services. However, fraud also affects the nonprofit payment sector — and it usually comes in several varieties.
Donor fraud can happen whenever:
- An organization or individual creates a fictional charity and tricks donors into making contributions.
- A real charity knowingly misrepresents how money will be used. For example, several cancer nonprofits recently bilked donors out of $187 million.
- Hackers break into your financial records or use stolen credit cards to make illegal transactions.
- Fraudsters pose as your organization and dupe donors into making contributions.
Preventing donor fraud in the first two instances is basically beyond your control — there isn’t much you can do. Fortunately, you won’t face any fraudulent losses directly.
However, when criminals pose as donors or as your association, this can negatively impact your organization:
- You might have to cover fraudulent losses out of pocket.
- Donor fraud can also lead to extra penalties (for your organization).
- You waste time and money disputing fraudulent losses, even when you are in the right.
- Donors lose confidence in your security, and by extension, whatever causes you support.
Damage Control When Donor Fraud Strikes
To reduce this damage, you should:
- Contact your payment processor and bank the moment you suspect fraud has occurred.
- Contact the victims so they can take the appropriate steps on their end.
- Immediately send an update to all your members alerting them to the potential breach.
None of this sounds inviting, and it’s not supposed to. This is why you need to employ best practices to reduce donor fraud.
Donor Fraud Prevention: When Criminals Pose As Contributors
To reduce the likelihood of hackers breaking into your system or using stolen credit cards, it’s imperative that you work with a PCI-compliant payment processor that uses advanced security methods such as tokenization and encryption to ensure that all financial data remain safe from prying eyes.
Additionally, a trusted processor will offer fraud management tools to help you screen suspicious activity within your payment environment. These tools allow you to:
- Prevent criminals from testing cards on your account.
- Block transactions from untrustworthy countries.
- Place transactions on hold until they can be manually reviewed.
Donor Fraud Prevention: When Criminals Pose As Your Organization
Some thieves use phishing emails and landing pages that are cleverly designed to look like they belong to your organization. Anyone who makes a contribution on one of these fake pages sends money to the criminal — not you. This con can also happen via telephone.
To prevent these phishing attacks from happening, consider:
- Setting up Google Alerts so you can monitor your online presence. If a fake page goes up, you’ll receive a notification.
- Adding yourself to your newsletter. If a criminal gets hold of your mailing list, you’ll receive a phishing email at the same time as your other members.
- Instructing your members to immediately forward any suspicious emails looking like they came from your organization. With enough lead time, you’ll be able to contact everyone else on the list and limit the damage.
FOR MORE TIPS ON DONOR FRAUD PREVENTION, CHECK OUT THIS ADDITIONAL RESOURCE:
- Upgrade Your Nonprofit Data Security with These 5 Tips – Find out the true cost of a nonprofit data breach, and get actionable tips on improving your nonprofit’s security with this handy resource from our friends at G2 Crowd.