ORGANIZATION WEB SITE “DONATION” BUTTONS GET “HIT” WITH MULTIPLE FRAUDULENT CREDIT CARD DONATIONS
BBB Gets Reports from Missoula, MT charity and Spokane Valley Chamber
In the past month, BBB has heard from two separate organizations regarding questionable activity taking place at the DONATE TO THE FOUNDATION and DONATION sections of their web sites. One report came from the Spokane Valley Chamber, and the other came from a charity in Missoula, MT.
Over a short period of time, both groups saw a sudden spike in credit card donation posts coming from out of the country. One group was notified by its credit card payment processing company about the unusual activity and shut its portal down until it could find answers. The other saw the activity and simply disabled the pages at its site until it could figure out what was happening. The reports described the following:
1) Unusual activity taking place at a certain section of a web site, namely a “donate” page
2) Unusual volume of activity (spurt of donations at once)
3) Donations coming from out of country (Vanuatu and Singapore)
4) Unusual donation amounts posted (anywhere from .15 cents to $5.00)
5) Donations posted under a variety of different names but using the same addresses, all with generic Gmail or Yahoo email accounts.
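The red flags listed above can be checked automatically against a donation log. The following Python is an added example, not code from BBB or either organization; the record fields, thresholds and sample donations are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Thresholds are assumptions for illustration; tune them to your normal traffic.
HOME_COUNTRY = "US"
SMALL_AMOUNT = 5.00                    # reported test donations were $5.00 or less
BURST_COUNT = 4                        # donations inside BURST_WINDOW that count as a spurt
BURST_WINDOW = timedelta(minutes=10)
FREE_MAIL = {"gmail.com", "yahoo.com"}

def score_donations(donations):
    """Return {donation id: sorted list of red flags raised by that donation}."""
    names_by_addr = defaultdict(set)
    for d in donations:
        names_by_addr[d["address"].strip().lower()].add(d["name"].strip().lower())
    flags = {}
    for d in donations:
        f = set()
        # Flag 2: many donations close together in time
        nearby = sum(1 for o in donations if abs(o["ts"] - d["ts"]) <= BURST_WINDOW)
        if nearby >= BURST_COUNT:
            f.add("burst")
        if d["country"] != HOME_COUNTRY:                  # flag 3: out of country
            f.add("foreign")
        if d["amount"] <= SMALL_AMOUNT:                   # flag 4: very small amount
            f.add("small_amount")
        if len(names_by_addr[d["address"].strip().lower()]) > 1:
            f.add("shared_address")                       # flag 5: many names, one address
        if d["email"].rsplit("@", 1)[-1].lower() in FREE_MAIL:
            f.add("free_mail")                            # flag 5: generic webmail account
        flags[d["id"]] = sorted(f)
    return flags

def suspicious(donations, min_flags=3):
    """IDs of donations raising at least min_flags red flags at once."""
    return [i for i, f in score_donations(donations).items() if len(f) >= min_flags]

def _d(i, minute, amount, country, name, address, email):
    ts = datetime(2024, 1, 1, 12, 0) + timedelta(minutes=minute)
    return dict(id=i, ts=ts, amount=amount, country=country,
                name=name, address=address, email=email)

# Constructed sample log: two ordinary gifts and a burst of four test charges.
SAMPLE = [
    _d(1, 0, 50.00, "US", "Pat Lee", "12 Oak St", "pat@example.org"),
    _d(2, 300, 1.00, "VU", "A Smith", "1 Main St", "as1@gmail.com"),
    _d(3, 301, 0.15, "SG", "B Jones", "1 Main St", "bj2@yahoo.com"),
    _d(4, 302, 5.00, "VU", "C Brown", "1 Main St", "cb3@gmail.com"),
    _d(5, 303, 2.00, "SG", "D White", "1 Main St", "dw4@gmail.com"),
    _d(6, 600, 5.00, "US", "Sam Roe", "9 Elm St", "sam@gmail.com"),
]
```

A donation must raise several flags at once to be listed, so a genuine small gift from a Gmail address (id 6 in the sample) is not reported.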
WHAT’S UP HERE
The Spokane Valley Chamber’s credit card processing company relayed to them that their web site was missing an “added security feature” that blocks such activity from occurring. Once the added feature was put into place (which didn’t take long), the hits ceased.
BBB NOTE: This particular activity did not put the rest of these two groups' sites at risk of being compromised, and was specific to the donation pages. No personal data was compromised.
Scammers are conducting their own form of phishing that uses the activation of a fake or stolen credit card at vulnerable web site pages lacking a particular security feature. They are randomly finding and targeting web sites such as the ones mentioned above to see if the sites will “take a credit card.” Once they find that the fields at the donation page will take a credit card, they enter an amount to “donate,” thereby activating the stolen or fake credit card so that it can then be used and maxed out. They appear to be targeting, in particular, “donation” pages that don’t have this feature.
If organizations and businesses see any questionable activity via their web site, we urge them to be proactive and do the following as soon as possible:
1) Don’t panic. Contact your IT staff and web designer ASAP for immediate advice. The experts may require shutting down your portal or pages at your web site until they have a) determined the extent of the problem and b) more fully secured your site.
2) Alert your bank where your account is secured about the situation.
3) Alert your credit card merchant who maintains your online account if they haven’t already alerted you.
4) File a police report about suspicious activity to begin a paper trail in case other issues arise as a result of the incident.
5) Contact media and share your story to warn others.
6) Have a complete security scan/review done of your web site. It is well worth the funds to secure your data and site.
7) For more information concerning system security, go to: http://www.bbb.org/data-security/