Monitoring for Fraud

From time to time an automated program (a bot) may attack your payment form. This happens when an e-commerce form is available for public use, such as on your website. A public website leaves the payment form readily accessible to fraudsters looking to test credit card information. This does not mean that hackers are attempting to break into our secure server. Rather, they are testing credit card information they have previously stolen or bought on the black market.

Because fraudulent activity is a possibility, you should periodically monitor your transactions for suspicious activity. When you see such activity, you should:

  • First and foremost, process a credit (refund) for any approved fraudulent transactions.
  • Ensure that reCAPTCHA is enabled on your donation form.
  • Notify us at support@givedirect.org of the activity so we may block the bot's IP addresses or take other appropriate steps to prevent continued attack.
  • Finally, you may receive a request from a "donor" to refund a portion of a transaction to a different card or to issue a partial refund by check. Don't fall for it -- it's a scam!! We do not have the ability to refund to a different card, but more importantly, this is a key indicator that the card from the original transaction was stolen.

How to Recognize a Fraudulent Transaction

Here are a few tips:

  • Multiple, small, declined transactions in a row then suddenly one that is approved (not from a known donor). Many times you will see the same name repeated on these transactions.
    Figure 1
  • Multiple transactions under the same name, but different card numbers. Look for the last 4 digits of the card in the detail page.
  • Obvious problems in the address info: street address, inconsistent city/state/country combinations (see the example below).
  • Gibberish in one or both name fields.
  • Bogus company name or email address. (These could simply be typographical errors, but if combined with other indicators it should be apparent.)
Figure 2
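
The indicators listed above can also be checked automatically against an exported list of transactions. The following Python script is an added example, not GiveDirect code; the field names, the thresholds, the gibberish heuristic and the sample rows are assumptions constructed for illustration, and it groups transactions by the name entered on the form.

```python
from collections import defaultdict
import re

# Constructed sample rows, oldest first; field names are assumptions,
# not the columns of any real GiveDirect export.
SAMPLE = [
    {"id": 1, "name": "Mary Jones", "last4": "4242", "amount": 50.00, "status": "approved"},
    {"id": 2, "name": "John Smith", "last4": "1111", "amount": 1.00, "status": "declined"},
    {"id": 3, "name": "John Smith", "last4": "2222", "amount": 1.00, "status": "declined"},
    {"id": 4, "name": "John Smith", "last4": "3333", "amount": 1.00, "status": "declined"},
    {"id": 5, "name": "John Smith", "last4": "4444", "amount": 1.00, "status": "approved"},
    {"id": 6, "name": "xkjqwrt zzpfgh", "last4": "5555", "amount": 2.00, "status": "declined"},
]

SMALL_AMOUNT = 5.00   # assumed threshold for a "small" test charge
MIN_DECLINES = 3      # assumed length of a suspicious declined run


def looks_like_gibberish(name):
    """Crude check: a word with no vowels or 5+ consonants in a row."""
    words = re.findall(r"[a-z]+", name.lower())
    return any(not re.search(r"[aeiouy]", w) or re.search(r"[^aeiouy]{5,}", w)
               for w in words)


def review(transactions):
    """Return {transaction id: [reasons]} for rows worth a manual look."""
    flags = defaultdict(list)
    declines = defaultdict(int)   # current run of small declines per name
    cards = defaultdict(set)      # distinct last-4 values seen per name
    for t in transactions:
        key = t["name"].strip().lower()
        cards[key].add(t["last4"])
        if len(cards[key]) > 1:
            flags[t["id"]].append("same name, different cards")
        if looks_like_gibberish(t["name"]):
            flags[t["id"]].append("gibberish name")
        if t["status"] == "declined" and t["amount"] <= SMALL_AMOUNT:
            declines[key] += 1
        else:
            if t["status"] == "approved" and declines[key] >= MIN_DECLINES:
                flags[t["id"]].append("approved after declined run: refund")
            declines[key] = 0
    return dict(flags)


if __name__ == "__main__":
    for tx_id, reasons in review(SAMPLE).items():
        print(tx_id, "; ".join(reasons))
```

A flagged row is a prompt for manual review, not proof of fraud: a known donor retrying with a second card would also trigger the "different cards" reason.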