Charity scams are a serious problem in Australia and around the world. With costs reaching into the tens of thousands, it sometimes seems little can be done to prevent the betrayal of people’s trust by heartless fraudsters. But that is not the case; there are warning signs and precautionary measures that can be taken to reduce the risk. Learn how to identify and protect yourself against charity scams.
As an “Internet-ready” society, we are constantly surrounded by cyber threats. In fact, a recent study revealed that the threat of cyber-attack came in third, behind natural disasters and extreme weather, for large-scale disruptive events. In 2018, fraud incidents cost Australians a whopping A$489.7 million.
In the myriad of malicious scams currently in circulation, charity scams are amongst the most sinister. Fraudsters manipulate people’s good will and eagerness to donate money by diverting donations away from the people who truly need it, in order to gain a profit for themselves. In 2018, A$210,000 was lost to charity scams. In 2019, this figure increased to over A$400,000. Globally, the cost of charity scams is also worrying. In 2018, fraudsters in the U.K. siphoned off £746.3 million worth of donations, which is roughly A$1.4 billion.
There are various methods used by scammers when it comes to charity scams. A cyber-criminal might pose as member of a genuine charity asking for donations and claiming they are raising money for a specific cause, or they may pose as an individual needing money for health expenses or other reasons. The majority of these scams happen online through email or social media posts, but there are also scams being carried out via phone calls or text messages.
There have been some notable charity scams throughout history:
The case of William Aramony, who spent 22 years as President and CEO of United Way of America (UWA), the umbrella group for thousands of local United Way organizations that funded social and human service projects. In 1995, Aramony and two co-conspirators were convicted of defrauding UWA. He was convicted on 25 counts of felony and sentenced to seven years in prison for fraudulently diverting US$1.2 million of the charity’s money to benefit himself and his friends, including a 17-year-old who was added to UWA’s payroll and was given gifts worth over half a million dollars.
Another notable fraud case is that of James Reynolds, who was fired from the American Cancer Society in 1984 following accusations of bad record-keeping and theft. Shortly after being fired, Reynolds created four fake charities, the Cancer Fund of America, Inc. (CFA), Cancer Support Services Inc. (CSS), Children’s Cancer Fund of America Inc. (CCFOA), and The Breast Cancer Society Inc. (BCS). The Federal Trade Commission charged him, and several aides, with stealing $187 million in donations between 2008 and 2012. Less than three percent of the money raised ended up being invested in patients.
As the above examples show, fraud attempts aren’t always about stealing money from public donations, sometimes they target the charity itself.
The British government recently issued a cyber security alert after several charities were reportedly targeted by fraudsters. The criminals impersonated charity staff members and emailed finance or HR departments, attempting to change the employees’ bank details to get the salaries redirected into their own accounts.
In another incident, attackers compromised a website collecting donations for the victims of the recent Australian bushfires. The criminals injected a malicious script that stole the donor’s payment information via a credit card skimmer at checkout.
Who is behind charity scams?
There is no single threat actor or group behind charity scams. Sadly, there are many individuals prepared to defraud people by posing as a charity or as someone who is asking for money towards a good cause.
According to authorities, a surge in the volume of charity scams coincides with large scale disasters, such as Hurricane Katrina in 2005, the 2010 earthquake in Haiti and more recently the bushfires in Australia. According to authorities, the public have already reported over 400 scams attempting to capitalise on the bushfire tragedies.
Staying vigilant: make sure your donation counts
Like most fraudulent activity, charity scams play on people’s emotions to gain illegal profit. However, there are steps that can be taken to reduce the risk of falling for such a scam.
Red flags to look out for:
Pressure to give the donation right away – an impatient recipient urging you to make an immediate donation for any reason, is fishy. A genuine charity will welcome your donation at any time.
Thanking you for a donation you have previously submitted, when you don’t remember making one. This is an old trick, meant to lower your suspicions by making you think you’ve already donated to the cause.
Asking for up-front payment via money order, wire transfer, international funds transfer, digital currency, such as Bitcoin, or any other digital payment method. The wealth of payment options available nowadays makes it easier for fraudsters to withdraw the money quickly whilst hiding their identity. Money sent using these methods much harder to track and retrieve.
There are also a few steps you can take to verify the authenticity of the organisation approaching you for a donation:
Check the organisation’s name and website address to make sure they match a known organisation and not posing as one.
Look for the organisation’s credentials on the Australian Charities and Not-for-Profits Commission (ACNC) website to see if they are a genuine charity. Similar charity and non-profit guides exist in most countries.
If you receive a text message or phone call, confirm the organisation’s phone number online before donating.
If you have any doubts, don’t donate money or share your personal details.
If you think you have been scammed, contact your bank or financial institution immediately. It is also recommended to report scams to the Australian Competition and Consumer Commission (ACCC), the U.K. government services and information (Gov.uk), the U.S. Federal Trade Commission (FTC) or the European Commission’s anti-fraud office, through their respective websites.