The leading experts in campus-wide payment solutions to independent schools.

Blog

When You Suspect Fraud on Your School’s Online Giving Account

It’s the busiest time of year for your school’s giving campaign but it’s also the period when we occasionally see fraud attempts in the online giving accounts at our client schools. What should you do if you suspect fraud and how can you increase your guard?

Credit card fraud has a few telltale signs which usually makes it easily recognizable. Spelling and grammatical errors are common. In addition, the payer will often have an unusual snail or email address, unverifiable phone number and will usually ask for the funds to be wired, mailed or refunded to a different card.

In addition, fraudsters will most often make more than one attempt with various cards. They may also try to play on people’s emotions, such as in one of the examples below.

If you suspect that there has been an attempt at fraud on your online giving account, we recommend you do the following:

  1. Notify Diamond Mind immediately. Diamond Mind will contact our processor to report the situation.
  2. Refund only the original card. No refunds should ever be processed to unknown parties through any means other than a refund to the original card used for payment.
  3. Consider adding fraud protection through NMI’s iSpy or Authorize.net’s Fraud Detection Suite.
  4. Contact your web application form provider, if it is not Diamond Mind, to ask them if it’s possible to block the IP address or add a Captcha (Completely Automated Public Turing test to tell Computers and Humans Apart) to the payment screen. While Captcha will not prevent a fraud attempt that has been keyed in by a person, it will prevent auto-pummeling of your online payment page with a long list of stolen cc numbers.

We also recommend these two steps to avoid fraud:

1. Check transaction reports regularly and/or turn on transaction receipts through your gateway.

2. Add address or card verification requirements through your webpage.

Please do not hesitate to call your Diamond Mind account manager if you have any concerns about an unusual communication regarding your payment accounts.

And please note these two examples of fraud attempts on independent school accounts:

Example 1:

Apology for the delayed in response. Yes! I made a gift donation Fund, but unfortunately there was an error on the gift,the intended gift is for $200 not $2200.I would have getting back to you earlier but I couldn’t because I recently lost my husband to complication during surgery, He was hit by bullet while we were robbed in our home in Illinois, and this have caused a devastating effect on my psychic as I’m seriously preparing for the funeral. I tried reaching you via the phone number listed below but you weren’t available.

Again! Secondly! All my account including the old card which i use for donation is no longer valid for transaction, the card account has been discarded and closed permanently because my old card was a gift card.it is inactive due to deactivation as it was also stolen by the robbers.
kindly make $200 gift donation Fund and I provide you with my Black Gold Corporate Business Card for the reimbursement of $2000.

My new contact information is:

Card Holder’s Name:Charlotte Murray
Type Of Card: Visa Card
Credit Card Number:XXXX-XXXX-XXXX-3772
Expiration Date: 07/16
CVV: 2XX

OR YOU CAN SEND ME WESTERN UNION MONEY TRANSFER OR MONEYGRAM.
Kindly let me know how we may proceed and Do get back to me asap and keep me in the loop

Kind Regards
Charlotte Murray
9176753288


Example 2:

Greetings

My Name is Williams Paul, i got to know about about your Organization through a friend who have already make donation to this Organization once.

i was moved by my friend, So i make donation to this organization but I m really very sorry to tell you that my intended donation was just

$200.00 and not 2200.00.

Please i will be very appreciate to your Organization to issue a refund credit for $2000.00 to my Visa card Account Number list below

Visa Card : 4120xxxxxxxx0381

Expiry Date: 02/2017,  on my authorization.

Do not hesitate to contact me if you have any question, and also forward to me a copy of the refund receipt.

Thanks for your cooperation,
Williams Paul