Hi everyone,
Not sure if this is an IT or Finance question, but I'll check here first. We've been getting fraudulent donations from one account that uses different credit cards each time with fake addresses, always through our website, and they're using a VPN to use a few different IPs. This has been happening since mid-December, just a few transactions a week. They started out as $1 gifts, so we upped our minimum standalone donation amount to $10. That didn't stop them, so now we're considering putting in a ReCaptcha box on our donation page. I'm pretty sure this is just one person, so ideally we don't want to spend much money trying to stop them.
Has anyone else had this problem, and if so, how did you stop it? We're refunding all of these fraudulent gifts as we find them, but I'm still worried about chargebacks and the ethical implications of allowing someone to do this on our website.
Krystle
We haven't experienced this with any actual transactions, but we did have a lot of fraudulent accounts being created up until recently. We're on TNEW so we looped in the network. They installed bot protection software called Imperva (used to be called Incapsula), free of charge, and the accounts have gone down drastically. Mind you, this was just installed on 12/18, so my data set is pretty small at this point, but that might be another option for you.
How are folks recognizing these "fraudulent accounts"?
Mainly by sight/feel for us, but the pattern seems to be accounts with no ticket history, multiple donations a week, fake addresses, fake names, and a different credit card for every transaction. We get a daily report with donation info and go from there.
For us they used the the same name JOE MAC with every transaction and with multiple $1 donations coming through online it was easy to spot. using the Finance/On Account Tracking report for our daily online donations.