Post-lockdown and across many organisations, employees now enjoy more freedoms. For charities, hybrid working looks like the way forward. People can tap into the organisation from anywhere and you may not even see them in person. While we’d like to trust everyone we come across, there is a lot of potential for fraud.
To protect your organisation and information, we take a look at what fraud is, and pitfalls to avoid. We also go over how digital tools can help avoid and detect those with malicious intents.
What charity scams are out there?
Like many sectors dealing with money, charities have a fiduciary responsibility. The UK Government takes this to mean that directors have a duty to make sure that money coming in is free of fraud.
To get to the bottom of how to prevent fraud, there’s a need to understand what online fraud looks like.
Charities are typically targeted by bad actors using phishing or spear phishing scams. Both types of fraud use emails to gain unauthorised access or payments. Under the more generic type of phishing, many emails are sent out reporting a situation.
Recipients are asked to click a link or make a payment to resolve the problem. That’s when a virus penetrates your software, or when staff are requested to enter user names and passwords.
Spear phishing is more targeted, often urgently asking charity directors to make payments.
Watch out when fundraising
While digital fundraising events have raised the bar for many charities looking for new sources of funds, it has also been a boon to those looking to do fraud. Unfortunately, these ploys play on public good will and tarnish the reputation of charities.
UK Fundraising points out that digital fundraising has risks. Bad actors can obtain email and website domains which bear striking resemblances to authentic charities. They use fake online donation pages to solicit support by pretending to be digital fundraisers for the cause.
Fraudsters can also use payment pages to test out stolen card details.
The Third Sector Protect says fraud can also happen during emergencies. The perpetrators use email, donation boxes, and other means employed by charities to misdirect funds. They can sometimes even fundraise in the name of your charity.
Remember, fraud doesn’t just come from online sources. Fraudsters can easily re-direct donated charity collection items and generate for-profit sales. Civil Society reports that more than half of fraud cases are perpetrated by someone known to the charity. For hybrid workers, it’s important to be aware of both online scams and those done in person.