Giving to Charity? Don’t Donate Your Data to Fraudsters

As a drumbeat of data breaches becomes the new reality — 42% of organizations breached in 2017 were breached in the past — it’s easy for consumers to throw up their hands and brace themselves for becoming a victim of identity theft or other financial crime.

However, there’s an obvious step you can take to protect your personal information: Don’t give it away to fraudsters. That sounds like a “brief glimpse of the obvious,” but fraudulent organizations often pose as good ones, tricking consumers.

For example: in the wake of Hurricane Harvey, the IRS issued a warning about fake charities, which had sprung up like mushrooms. The IRS advised:

Criminals often send emails that steer recipients to bogus websites that appear to be affiliated with legitimate charitable causes. These sites frequently mimic the sites of, or use names similar to, legitimate charities, or claim to be affiliated with legitimate charities in order to persuade people to send money or provide personal financial information that can be used to steal identities or financial resources.

The IRS’s warning illustrates the dangers of charity fraud. The big question, then: How can you dodge charity fraud, when there are so many ways for criminals to get ahold of your personal information?

Four Steps to Protect Yourself from Charity Fraud

In the age of data breaches, self-broadcasting of personal information, and ever more-sophisticated fraudsters, here are four steps you can take to protect yourself:

1. Be diligent and vigilant about who you’re giving your personal information and credentials to. Be very careful before donating to a new charity; to do so, you typically need to create an account. If those details get compromised, you’re a potential victim for account takeover. Make sure you’re not revealing personal information that can be used in this way to a charity that you’re not absolutely sure is legitimate.
2. Check yourself before you wreck yourself. Keep track of your transactions, which is easier than ever with mobile banking apps that send you notifications and alerts. Get the app that works best for you (from your bank or a third-party app such as Mint), sign up for these features and monitor your transactions on regular basis. If your bank or other card provider offers a card freeze feature, you can use that, too, if you think that your personal information have gotten into the wrong hands.
3. Donate where you work. Many companies will match employee charitable contributions. By donating through this program, you can avoid putting out your personal information on the internet.
4. Make the donation through a trusted third party. Many charitable organizations now accept payments via PayPal and other popular payment apps. If you still want to donate directly, you can use a trusted payment app to do so.

Just like practicing “safe software” on your mobile phone, it makes good sense to cultivate your “payment hygiene,” as it will serve you well beyond charity fraud. As the international banking community becomes more open, with standards like PSD2 in Europe and other developments, we will need to be even more vigilant in the future, since more organizations will have the ability to take funds out of your account.

Stay charitable, stay safe and follow me on Twitter @FraudBird.