Hi everyone,
Not sure if this is an IT or Finance question, but I'll check here first. We've been getting fraudulent donations from one account that uses different credit cards each time with fake addresses, always through our website, and they're using a VPN to use a few different IPs. This has been happening since mid-December, just a few transactions a week. They started out as $1 gifts, so we upped our minimum standalone donation amount to $10. That didn't stop them, so now we're considering putting in a ReCaptcha box on our donation page. I'm pretty sure this is just one person, so ideally we don't want to spend much money trying to stop them.
Has anyone else had this problem, and if so, how did you stop it? We're refunding all of these fraudulent gifts as we find them, but I'm still worried about chargebacks and the ethical implications of allowing someone to do this on our website.
Krystle
We haven't experienced this with any actual transactions, but we did have a lot of fraudulent accounts being created up until recently. We're on TNEW so we looped in the network. They installed bot protection software called Imperva (used to be called Incapsula), free of charge, and the accounts have gone down drastically. Mind you, this was just installed on 12/18, so my data set is pretty small at this point, but that might be another option for you.
I can second the installation of Incapsula (Imperva) helping to decrease the number of fraudulent accounts being created as the same thing happened with our organization. (Did not know the name had changed.)
Do we know if the installation of Imperva/Incapsula is now standard for T-New Users? Or is this done on a case by case basis?
How are folks recognizing these "fraudulent accounts"?
No idea as to whether or not it is now standard. I certainly had to ask for it when we installed it, but that was well over a year ago now. As for the fraudulent accounts, those have been identified mostly by sight/feel when the Box Office does its daily new account clean-up sweep.
Mainly by sight/feel for us, but the pattern seems to be accounts with no ticket history, multiple donations a week, fake addresses, fake names, and a different credit card for every transaction. We get a daily report with donation info and go from there.
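The pattern described in the post above (no ticket history, multiple gifts a week, a different card each time) can be checked automatically against a daily donation report. This is an added example, not part of the original thread or any Tessitura tooling; the CSV column names, the sample rows and the thresholds are all assumptions.

```python
import csv
import io
from collections import defaultdict
from datetime import date, timedelta

# Constructed sample report; column names are assumptions, not a real export format.
SAMPLE_REPORT = """account_id,name,gift_date,amount,card_last4,ticket_orders
1001,JOE MAC,2020-01-06,10.00,4111,0
1001,JOE MAC,2020-01-08,10.00,5500,0
1001,JOE MAC,2020-01-10,10.00,3782,0
2002,A. Patron,2020-01-06,50.00,1234,7
2002,A. Patron,2020-01-09,25.00,1234,7
3003,New Donor,2020-01-07,100.00,9876,0
4004,B. Member,2020-01-02,10.00,2222,0
4004,B. Member,2020-01-30,10.00,3333,0
"""

def flag_suspicious(report_text, window_days=7, min_cards=2, max_amount=25.0):
    """Return sorted account ids with no ticket history that made small gifts
    on at least min_cards different cards inside any window_days span."""
    gifts = defaultdict(list)
    for row in csv.DictReader(io.StringIO(report_text)):
        if int(row["ticket_orders"]) > 0:
            continue  # accounts with ticket history are outside this heuristic
        if float(row["amount"]) > max_amount:
            continue  # assumed cut-off: the gifts in question sit at the minimum
        gifts[row["account_id"]].append(
            (date.fromisoformat(row["gift_date"]), row["card_last4"]))
    flagged = []
    span = timedelta(days=window_days)
    for account, rows in gifts.items():
        rows.sort()
        # Slide a window forward from each gift and count distinct cards in it.
        for i, (start, _) in enumerate(rows):
            cards = {card for day, card in rows[i:] if day - start <= span}
            if len(cards) >= min_cards:
                flagged.append(account)
                break
    return sorted(flagged)

if __name__ == "__main__":
    print(flag_suspicious(SAMPLE_REPORT))
```

Flagged accounts are candidates for the manual review and refund step, not automatic blocks; a legitimate new donor who retries with a second card after a decline would also match.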
Hi Both, Incapsula (a web application firewall, or WAF, for those of you not familiar) is not yet standard for TNEW but will be with the move to AWS later in 2020. John, if you requested this at the time of TNEW go-live then you would have it in place already, but should be able to check that with a support ticket to verify. We install it case-by-case for members who request it right now.
Thanks,
Chris
For us they used the same name JOE MAC with every transaction, and with multiple $1 donations coming through online it was easy to spot using the Finance/On Account Tracking report for our daily online donations.
Sorry if my response was unclear, but I am not in doubt. I asked, and it was installed. I was merely trying to clarify to Tom that I did indeed have to ask for it. But it sounds like you are headed in the direction of standardization on it as it is, so this should eventually be a moot point.
We had some questionable names/email addresses come up in our merge constituents screen. The bulk of them had an @mail.ru email and our mailing address. I did a search of @mail.ru email accounts in SSMS and found a bunch of them that way.