© 2005 Convio, Inc. NTEN Webinar: Protecting your organization and donors from online scams February 23, 2006.

Slides:



Advertisements
Similar presentations
What Are Scams? Scams are designed to trick you into giving away your money or your personal details. Scams come to you in many forms – by mail, ,
Advertisements

Cyber Stalking Cyber Stalking Phishing Hacker 1. Never reveal your home address !!! This rule is especially important for women who are business professionals.
Fraud Protection. Agenda Start time: ____ Break time: ____ (10 minutes) End time: ____ Please set phones to silent ring and answer outside of the room.
1 Identity Theft and Phishing: What You Need to Know.
BEWARE! IDENTITY THEFT CARL JOHNSON FINANCIAL LITERACY JENKS HIGH CSHOOL.
ICT & Crime Data theft, phishing & pharming. Data loss/theft Data is often the most valuable commodity any business has. The cost of creating data again.
What is identity theft, and how can you protect yourself from it?
1 Identity Theft: What You Need to Know. 2 Identity Theft Identity theft is a crime of stealing key pieces of someone’s identifying information, such.
8 Mistakes That Expose You to Online Fraud to Online Fraud.
Bsharah Presentation Threats to Information Security Protecting Your Personal Information from Phishing Scams.
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
Phishing (pronounced “fishing”) is the process of sending messages to lure Internet users into revealing personal information such as credit card.
Ethical Hacking by Shivam.
Cyber Security - Threats James Clement Network Specialist ETS: Communications & Network Services
Scams and Schemes. Today’s Objective I can understand what identity theft is and why it is important to guard against it, I can recognize strategies that.
BTT12OI.  Do you know someone who has been scammed? What happened?  Been tricked into sending someone else money (not who they thought they were) 
Quiz 2 - Review. Identity Theft and Fraud Identity theft and fraud are: – Characterized by criminal use of the victim's personal information such as a.
DIGITAL CITIZENSHIP 6 TH – 8 TH UNIT 1 LESSON 3 SCAMS & SCHEMES What is identity theft, and how can you protect yourself from it?
Security Liaisons Information Presentation. Introduction  What’s the big deal with computer security? Don’t we have an IT security department to take.
How It Applies In A Virtual World
Internet safety By Lydia Snowden.
The World-Wide Web. Why we care? How much of your personal info was released to the Internet each time you view a Web page? How much of your personal.
CHC DI Group. What We Will Cover Securing your devices and computers. Passwords. s. Safe browsing for shopping and online banks. Social media.
What is E-commerce Safety Precautions Password Strengths
PHISHING AND SPAM INTRODUCTION There’s a good chance that in the past week you have received at least one that pretends to be from your bank,
Washington State Department of Financial Institutions “Regulating financial services to protect and educate the public and promote economic vitality.”
Cyber Crimes.
Day 3 Cybersafety Presented by FJUHSD Teacher Librarian.
The Internet = A World of Opportunities Look what’s at your fingertips A way to communicate with friends, family, colleagues Access to information and.
Identity Theft By: Chelsea Thompson. What is identity theft? The crime of obtaining the personal or financial information of another person for the purpose.
Reliability & Desirability of Data
Scams & Schemes Common Sense Media.
Threat to I.T Security By Otis Powers. Hacking Hacking is a big threat to society because it could expose secrets of the I.T industry that perhaps should.
Adam Soph, Alexandra Smith, Landon Peterson. Phishing is a way of attempting to acquire information such as usernames, passwords, and credit card details.
People use the internet more and more these days so it is very important that we make sure everyone is safe and knows what can happen and how to prevent.
Staying Safe Online Aberdeen Grammar School. Things to do online Keep in touch with friends and family using , twitter and social networking sites.
GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS). SELECT AND USE APPROPRIATE METHODS TO MINIMISE SECURITY RISK TO IT SYSTEMS AND DATA 1.1 I can describe.
Dangers of the Internet CEL : C O M P U T E R S I N E V E R Y D A Y L I F E CEL 1 Dangers of the Internet Name: ____________________ Class: ________________.
Network problems Last week, we talked about 3 disadvantages of networks. What are they?
Phishing scams Phishing is the fraudulent practice of sending s purporting to be from reputable companies in order to induce individuals to reveal.
BTT12OI.  Do you know someone who has been scammed online? What happened?  Been tricked into sending someone else money (not who they thought they were)
Personal Online Safety Information Security Systems Community Outreach Program McKinley Middle School April 23, 2013.
Copyright ©2005 CNET Networks, Inc. All rights reserved. Practice safety Learn how to protect yourself against common attacks.
Inappropriate Content Hackers Phishers Scammers Child Abusers Bullies.
Internet Safety Internet Safety LPM
Phishing Dennis Schmidt, CISSP Director, Office of Information Systems HIPAA Security Officer UNC School of Medicine UNC School of Medicine.
BY JESSICA SCHOLEY p1. Id Fraud Is When Someone Pretends To Be Someone Else Using There Address, Birthday And Other Information. People Also Use Id Fraud.
Scams and Schemes Essential Question: What is identity theft, and how can you protect yourself from it?
Alert against Online Shopping Frauds. Online Shopping A form of electronic commerce whereby consumers directly buy goods or services from a seller over.
Chapter 12: How Private are Web Interactions?. Why we care? How much of your personal info was released to the Internet each time you view a Web page?
Computer Security By Duncan Hall.
Protecting Yourself from Fraud including Identity Theft Personal Finance.
Unit 2 Assignment 1. Spyware Spyware is a software that gathers information about a person or site and uses it without you knowing. It can send your information.
Identity Theft PD Identity Theft Identity theft is a serious crime which can: Cost you time and money Destroy your.
IDENTITY FRAUD Lesson 2-5. A Few Figures on Fraud… 1 in Americans are victims of identity fraud each year. $ Average out of pocket cost to.
Managing Money Workshop The National Autistic Society AGM
Yes, it’s the holidays... A time of joy, a time of good cheer, a time of celebration... From the Office of the Chief Human Capital Officer (CHCO ) Privacy.
Fraud Protection.
Scams & Schemes Common Sense Media.
Fraud protection.
Personal spaces.
ISYM 540 Current Topics in Information System Management
Phishing is a form of social engineering that attempts to steal sensitive information.
Protect Your Computer Against Harmful Attacks!
Cybersecurity Awareness
Information Security Session October 24, 2005
Social Engineering Humans are often the weakest point in security
What is Phishing? Pronounced “Fishing”
Founded in 2002, Credit Abuse Resistance Education (CARE) educates high school and college students on the responsible use of credit and other fundamentals.
Presentation transcript:

© 2005 Convio, Inc. NTEN Webinar: Protecting your organization and donors from online scams February 23, 2006

2 © 2005 Convio, Inc. Online Fraud Techniques ■ Some current types of online fraud: ▶ 1. e-Commerce vendors can be defrauded of merchandise e.g. by people using stolen credit cards; this doesn't affect online donations, because there is no merchandise to be fenced / resold ▶ 2. Phishers trick people into giving them financial information ▶ 'ers use the internet to pitch victims ▶ 4. Carders use online donation websites to test stolen card numbers ▶ 5. Hackers break into computers to steal data ■ Many of these are of interest to nonprofits

3 © 2005 Convio, Inc. Fraud is not a new, internet-related problem ■ A donation phishing scam is no different than: ▶ someone standing in the mall shaking a collection tin with your organization's name on the side ▶ a fake fundraiser soliciting “donations” door to door or on the telephone ■ Because the internet is a newer medium, the public is less “street-wise” about how to spot scammers ■ Technology will never prevent fraud, education is the key solution

4 © 2005 Convio, Inc. What is a phishing scam? ■ Phishing is a technique used by online fraudsters to collect people's personal information to be used in subsequent fraud activities ■ Phishers try to obtain: ▶ credit card numbers ▶ names and addresses ▶ social security numbers ▶ passwords for online banking, PayPal, etc. ■ “Phished” data is now a commodity in online fraud circles – stolen credit card numbers sell for about $1 each in hacker forums

5 © 2005 Convio, Inc. How does phishing work? ■ The phisher sends out spam s which mimic those from a well known financial institution ■ A typical come-on line: “Come to our website to re-verify your login” ■ Links in the take the unwary to a website run by the phisher, which collects their data ■ The non-profit connection: After major disasters, phishers target potential donors to well known relief agencies like the Red Cross

6 © 2005 Convio, Inc. Phishing example Forged “From” address Link text is a PayPal URL, but clicking takes you to the phisher's site The usual pitch: “Your account information needs to be updated...”

7 © 2005 Convio, Inc. How can I help protect my donors from online fraud scams? ■ Educate donors to take a few simple precautions ▶ Be suspicious of unsolicited or unexpected ▶ Don’t click on untrusted links – instead, go directly to the organization’s Web site, or use a reputable search engine ▶ Always review credit card statements for unauthorized charges ■ Arm donors with the information they need ▶ Provide guidelines for locating your official Web site ▶ Actively promote your URL ▶ Tell donors who your service providers are for and donation processing

8 © 2005 Convio, Inc. Common misconceptions ■ “Make sure the URL matches the organization” ▶ In an HTML , the text of a link can be anything, including a different URL from the link target ▶ Many non-profits use a service provider, and their donation forms use the provider's secure URL ▶ Conversely, it's easy for a scammer to use a fake URL that's very hard to spot: remember paypaI.com (did you notice... “pay pie” with a capital “ I ” ? ) ■ “Nonprofits don't solicit donations by ” ▶ They certainly do, but only from opted-in list members... they don't spam

9 © 2005 Convio, Inc. How can I help protect my donors from online fraud scams? (2) ■ Encourage donors to verify the legitimacy of an organization before donating funds ▶ GuideStar: ▶ CharityNavigator: ■ Publish Sender Policy Framework (SPF) information for your “From” address ▶ Consult with your marketing provider ■ If you discover a fraud site ▶ Contact the host ISP and request that it be blocked ▶ File a report with the FBI at

10 © 2005 Convio, Inc. Carding: How it works ■ Carders use online donation sites to test stolen credit cards, to make sure they are still valid, before using them for fraud ▶ Carders make a small donation, and see if they get a thank-you page or a rejection ▶ Often done in large volumes with automated software ▶ Some fraudsters just make up card numbers using generator software, and use carding to find out which ones are real

11 © 2005 Convio, Inc. Carding: What should nonprofits do? ■ Carding does not defraud the nonprofit, but it is a nuisance to clean up after a carding run ■ What to do: ▶ Consult your service providers ▶ Anti-fraud technology can help to detect and block carding runs in progress ▶ If you get carded, you (or your provider) must refund the fake donations – keeping the money would be fraud, and will result in chargebacks

12 © 2005 Convio, Inc. Defending against hackers: what should my organization be doing? ■ Make security of donor information a priority: ▶ Don't be tempted to build an amateur donation form, use a professional solution: - No excuses... Network for Good is free ▶ Never collect and store credit card numbers or SSNs, and especially not on your website – a hacker can't break into data you don't have ▶ Never donor information ▶ Make sure your donor database is very secure ▶ If you are using SSNs as member id's... stop! ▶ Sloppy security is becoming less tolerated - example: California SB 1386 “Hacking Disclosure” Law

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.