3 Fraud Prevention Strategies for Non-Profits.

In a report published by the Canadian Anti-Fraud Centre (CAFC) received 70,878 reports, of which over half involved mass marketing fraud. The CAFC received an additional 19,560 reports from victims of ID fraud. How much did this fraud cost Canadians? An astonishing $530 million?in victim losses. But this is just the tip of iceberg, as the CAFC estimates that only 5 to 10 per cent of people report fraud.

In honor of the Fraud Prevention Month theme (Tricks of the trade: What’s in a fraudster’s toolbox? What’s in yours?), in this blog we share 4 fraudster strategies to watch out for, to keep your non-profit’s data (and your members’ and donor’s data) safe and secure

“The top three most reported types of fraud this past year were phishing, extortion and personal information scams, all frauds designed to get you to pay or give away sensitive information like your SIN #, passwords or banking details.” RCMP

#1: Convincing Impersonations

Are you sure that you’re communicating with who you think you are? You may be surprised by just how sophisticated fraudsters’ impersonations can be. They could pretend to be someone that you know, such as a trusted partner, stakeholder, or even one of your own staff members.?

In the last few years, a successful email scam that targeted staff within non-profit organizations has been making the rounds. Why were they successful? Staff would receive an email that appeared to be sent from their boss’s email address, with an urgent request to click on a link, or purchase something online. Fear of not meeting workplace expectations can make staff vulnerable to such time-sensitive requests – especially when they’re from the boss. Equally as dangerous are fraudsters that impersonate staff of organizations that you have never dealt with in person or over video calls.?

The CAFC recommends that you:

• Never trust that a message is from who the sender says they are – especially when they ask you to send something.

#2: Links That Look Legit

Lower attention spans and busier lives create vital opportunities for fraud. Most people no longer read emails word for word. When we receive an email that looks even vaguely legitimate, chances are we will open it, read it, and likely click on the links in the body of the email.? That’s exactly the action that fraudsters want us to take.?

Clicking on these malicious links can have serious impacts on your systems, network, and data. Although it may seem like nothing happens when you click the link, viruses, tracking software and more may be quickly uploaded to your computer or device. When working on a computer (remotely or not) that’s part of your company network, there is a larger danger that the virus or malware will spread like wildfire through your entire company network.

And email isn’t the only source of malicious links. Increasingly, fraudsters are sending links via text pretending to be your bank asking for information, or a courier who is urgently trying to deliver a package. Social media platforms are also not immune.

The CAFC recommends that you:

• Navigate to the website through your own search engine instead of clicking the link.

#3: Tempting Pop-Up Messages

In the process of implementing digital transformation strategies, many non-profit organizations add website pop-up messages to better engage potential members. Unfortunately, fraudsters use this tool for the same reason: it’s effective and quick, with a high ROI.

As with other fraudster strategies, urgency is a common tactic. The message will ask you to take a certain action, often based on fear tactics. They may use this in a positive way (you’re our grand prize winner, but you have to click this link to claim the prize in the next 60 seconds!) or a negative way (our scan shows that your device has a virus – click here to get rid of it NOW!). Either way, these individuals capitalize on our fears to make us take the action they want to take – and fast.

The CAFC recommends that you:

• Don’t use public wi-fi or unsecured networks.

With tight budgets and busy schedules, it’s easy for fraud prevention to make its way to the bottom of non-profit organizations’ to-do lists. But if it stays there, you’re not just putting your organization’s data at risk. You’re also making the data of your members, donors, and valued stakeholders vulnerable too.?

If Fraud Prevention Month has inspired your non-profit to take a closer look at your vulnerability to digital fraud, please get in touch! We can help you create or revise your digital safety and cybersecurity strategies to ensure that fraudsters keep their hands off your data.