The Office for Civil Rights (OCR) recently reported that scammers were fraudulently collecting sensitive information and stealing donations by creating and using fake social media platforms, such as Facebook, Twitter, charity websites, and phishing emails.
According to OCR, these fake websites will usually do one of these two things:
- Ask for a credit card number to steal the donation; or
- Infect your electronic device with malicious software that can extract sensitive information (passwords, usernames, or account numbers) that is subsequently used to commit fraud.
In the past, scammers have used natural disasters to take advance of charitable individuals using fake websites. In 2012, a fraudulent charity calling itself the "Hurricane Sandy Relief Effort" raised $600k that was used by thieves to pay off their own credit card debt and not towards the storm victims that the donations were intended for.
This year, between the destruction of wildfires and the current hurricane season, it's a good time to revisit the tips for preventing a social media scam.
OCR offered the following tips if you'd like to help:
- To make a legitimate donation, go to the charity's official website to make the donation. Type the address in your browser or use a bookmark to ensure you don't go to a fraudulent website by mistake.
- Be sure to verify the existence and legitimacy of non-profit organizations by using Internet-based resources.
- Most legitimate charities maintain websites ending in ".org" rather than ".com".
- Do not respond to any unsolicited incoming e-mails or text messages, by clicking links or downloading files contained within those messages, because those links or files may contain viruses or other malicious software (including ransomware) that could steal your personal information and/or harm your computer or other electronic devices.
- Be cautious of organizations with copycat names similar to but not exactly the same as those of reputable charities.
- Do not be pressured into making contributions; reputable charities do not use coercive tactics.
- Legitimate charities do not normally solicit donations via money transfer services.
To combat the threat of this type of scam:
- Hang up the phone if you are suspicious of the caller.
- Never allow remote access to your computer unless such access is known to be legitimate, and the requestor's authenticity can be verified (e.g., calling your IT Help Desk to verify the identity of IT support personnel requesting remote access to perform maintenance).
- Do not trust unsolicited phone calls, emails, or texts.
- Be suspicious of requests for personal information over telephone, email, or text.
- Do not download unknown software or purchase unsolicited online services.
- Verify the identity of the caller directly with CE or BA officials, or with the company, the caller claims to represent.
- Record the caller's information if you suspect a scam and report it in accordance with your organization's policies.
Avoid any charity or fundraiser that:
- Refuses to provide detailed information about its identity, mission, costs, and how the donation will be used.
- Won't provide proof that a contribution is tax-deductible.
- "Thanks" you for a pledge you don't remember making.
- Guarantees sweepstakes winnings in exchange for a contribution. By law, you never have to give a donation to be eligible to win sweepstakes.
If you have any questions, please feel free to reach us by phone toll-free at 855-427-0427 or send us an email at firstname.lastname@example.org.