Cybercriminals are taking advantage of the surge in online spending as people stay home due to the coronavirus outbreak. And some popular charities are getting caught in the fray.
Malicious activity like email spam, advertising fraud, and “domain spoofing,” in which criminals register domain names masquerading as legitimate brands, are on the rise, according to law-enforcement officials and companies that monitor online threats.
Experts usually anticipate an increase in malicious activity around days like Black Friday and Cyber Monday, but it’s been even more intense recently, says Elad Schulman, vice president for brand protection at Mimecast, a company that monitors and tracks cybercrime and helps firms address it.
With much of the world quarantined, “more people are getting online and doing all sorts of activities, including shopping, right now,” Schulman said. “You can’t really rob people in the streets because they’re not in the streets. But you can create scams and scam people online. Charities are collecting money, and money’s what they’re looking for.”
GlobalGiving has seem a small uptick in scams because of the organization’s role in the coronavirus response. These scams have come in several forms, including people fraudulently claiming to work for GlobalGiving and asking for money in emails or trying to raise money using a fake domain that resembles the nonprofit’s real site.
Recently someone registered a domain called globa1giving.com, which used the nonprofit’s logo and made an appeal to support a coronavirus relief fund. After a reporter inquired, the charity had it taken down.
GlobalGiving launched its Covid-19 relief fund back in January when the virus was spreading in Wuhan, China.
“It’s one of those things that unfortunately as an organization grows or is working on programs that are relevant to the news, scam artists will try and take advantage of people’s good nature and leverage a nonprofit brand to further their own greedy or malicious intent,” says Kevin Conroy, chief product officer at GlobalGiving.
Conroy has seen this pattern before in the wake of natural disasters.
“When there’s a spike in news coverage around a particular event that we’re associated with, there’ll be a spike in fraud associated with it, usually right after the fact,” he said.
Feeding America, which has seen a surge in demand at its network of food banks and pantries, has not seen a substantial increase in the number of digital attacks over the past few weeks, despite the outpouring of support for the organization, said Elizabeth Nielsen, senior vice president of digital and direct marketing.
But that’s not to say scammers aren’t active. The charity recently identified a fraudulent Google ad — another entity had misrepresented itself as Feeding America — and immediately reported it to Google, which took the ad down. The group has also experienced “fake” ad traffic being sent to the charity’s website, making it seem like more people had seen a Google ad for the group, which drove up traffic numbers and thus the cost of advertising.
“Digital fraud is a reality of doing business,” Nielsen wrote in an email. “Just like any other e-commerce website or nonprofit site accepting donations, we experience various types of fraudulent activities.”
Set Up News Alerts
Many savvy nonprofits monitor for online threats throughout the year. Because the tricks and tactics used by scammers are always changing, many companies employ third-party providers to help identify fraudulent activity. But there are things charities can do internally.
At Feeding America, team members from various departments, including digital marketing and fundraising, gift processing, IT, and finance, help monitor for issues. “Having proactive measures in place helps ensure we protect the Feeding America brand and our supporters,” Nielsen said.
Setting up Google News alerts for your organization — including common misspellings and phrases that appear on your site — can do a lot to uncover malicious activity, says Conroy of GlobalGiving.
Basic domain-name defense, like buying the .com, .net, and misspelled versions of your web address, can only do so much. “It just gets to be far too expensive to pay hundreds of thousands of dollars for every possible typo” in your name, he says.
When charities do identify a fraudulent domain, they can contact the host and request that the site be taken down. While these problems are usually taken care of swiftly, it’s still a big risk for nonprofits, Conroy said. “Our reputation and donor trust is so vital for us to be able to continue to get support.”