This holiday season, many people will turn to charities to give back. The last thing they want to do is give money to scammers instead of a cause they truly support. According to the FBI’s website, charity fraud rises during the holidays, when people choose to make end-of-year tax deductible gifts.

“Seasonal charity scams can pose greater difficulties in monitoring because of its widespread reach, limited duration and, when done over the Internet, minimal oversight,” cites the FBI site.

Therefore, it‘s important to be careful and verify the group to which you’re giving to make sure it isn’t actually a charity scam. Let’s take a look at what people should look out for when they’re giving. See common scammer tactics and reputable tools to make sure your money reaches a trusted organization.

What’s Behind a Charity Scam?

The people behind a charity scam, as with other types of fraud, usually start by disguising what they’re doing. Some impersonate well-known charities, while others make up a name of their own. Often, they follow the news and create scams around natural disasters, such as floods, hurricanes or wildfires. But, they are also known to prey upon supporters of evergreen causes.

Phishing emails are often part of the charity scam. They attempt to trick the recipient into handing over their banking information for the purpose of making a donation. The trick might lead them to a page designed to harvest their payment card credentials. Some attackers take this a step further by sending out spear-phishing emails that specifically target users based on what’s important to them. To glean this information, scammers conduct Open Source Intelligence (OSINT) by reviewing what users post about on social media and other public websites. They then use what they find to keep the scam going. From here, they can craft an email that asks the user to contribute to a relevant cause. Or, they can send a thank you email for a donation they didn’t make as a means of guilt-tripping the target into giving more.

How to Spot a Charity Scam

Charity scam solicitations will likely come through emails, cold calls, crowdfunding sites and even fake social media accounts and websites. The Federal Trade Commission indicates the best way to avoid being a victim of a fraudulent scam is by doing your homework.

Do Your Research

Research and planning can help minimize your chances of falling for a charity scam.

1. Search an organization’s name along with the keyword ‘complaint’ or ‘scam.’

2. Review the results for signs of red flags.

3. Look up consumer reviews from those who’ve given to the charity in the past. Use to look up their state’s charity official’s opinion, or use trusted tools, such as the BBB Wise Giving Alliance or the GuideStar Charity Check. If you don’t come across anything immediately suspicious, visit the website and review the information there.

4. Search for specific information about how the organization uses people’s donations. How much of the money goes to the cause? How do they accept contributions?

Assess Payment Options

A charity should never ask you to pay using a bank account. Do not submit any payment to a charity that is asking for money in the form of cash or gift card. The safest form of payment is a credit card. Additionally, before clicking on a link to donate online, make sure you know who is receiving your donation.

It’s also good to keep a record or receipts of any donations. Review your banking statements to make sure you’re only charged the amount you agreed to donate. And, check whether the person included in the signature line has any identifiable credentials.

Know Scammer Tricks

The FTC notes that scammers have tell-tale tricks that can raise red flags. A few are:

  • Changing caller ID to make it look like they are calling from a local area code.
  • Using names that sound similar to the names of real charities. 
  • Guaranteeing sweepstakes winnings in exchange for donations.
  • Claiming your donation is tax-deductible when it is not.

Additionally, if you feel any sense of guilt or urgency in a charity language, avoid making a donation. That doesn’t mean you shouldn’t give to groups you’re sure aren’t a charity scam. Seek ones you’d like to support instead of waiting for them to come to you.

A Happy and Safe Giving Season

The holidays are a perfect time for users to spread some cheer and donate to a cause that they support. By following these tips, you won’t just prevent the charity scam from stealing their personal or financial information. They will also make sure their donations end up in the hands of those who need it.

More from Fraud Protection

Kronos Malware Reemerges with Increased Functionality

The Evolution of Kronos Malware The Kronos malware is believed to have originated from the leaked source code of the Zeus malware, which was sold on the Russian underground in 2011. Kronos continued to evolve and a new variant of Kronos emerged in 2014 and was reportedly sold on the darknet for approximately $7,000. Kronos is typically used to download other malware and has historically been used by threat actors to deliver different types of malware to victims. After remaining…

How Security Teams Combat Disinformation and Misinformation

“A lie can travel halfway around the world while the truth is still putting on its shoes.” That popular quote is often attributed to Mark Twain. But since we're talking about misinformation and disinformation, you’ll be unsurprised to learn Twain never said that at all. In fact, no one knows who first strung those words together, but the idea that truth spreads slowly while lies spread quickly is at least several hundred years old. The “Twain” quote also serves to…

A View Into Web(View) Attacks in Android

James Kilner contributed to the technical editing of this blog. Nethanella Messer, Segev Fogel, Or Ben Nun and Liran Tiebloom contributed to the blog. Although in the PC realm it is common to see financial malware used in web attacks to commit fraud, in Android-based financial malware this is a new trend. Traditionally, financial malware in Android uses overlay techniques to steal victims’ credentials. In 2022, IBM Security Trusteer researchers discovered a new trend in financial mobile malware that targets…

New DOJ Team Focuses on Ransomware and Cryptocurrency Crime

While no security officer would rely on this alone, it’s good to know the U.S. Department of Justice is increasing efforts to fight cyber crime. According to a recent address in Munich by Deputy Attorney General Lisa Monaco, new efforts will focus on ransomware and cryptocurrency incidents. This makes sense since the X-Force Threat Intelligence Index 2022 named ransomware as the top attack type in 2021. What exactly is the DOJ doing to improve policing of cryptocurrency and other cyber…