Researchers at Symantec have warned that fraudsters are checking the validity of stolen credit card details by making small donations via charitable websites.
The security company said that debit and credit card account holders should be on the lookout for unauthorised donations on their statements, as they could be a pre-cursor to far more serious fraud on the account.
Calum Macleod, European director at data vaulting specialist Cyber-Ark, said that this is especially worrying for business debit and credit card account holders, as they tend to have less control over card use than their personal counterparts.
"It is always difficult to vet business card activity, so I would urge all company card account holders to be on the look-out for all small transactions, especially innocuous looking donations, and check with the cardholder as to their validity," he said.
"The problem with these small but unauthorised transactions is that they almost always lead to larger unauthorised transactions coming through and these can be a major headache to resolve."
Macleod added that companies need to be extra careful when it comes to storing and transmitting card details.
"Companies should use a secure and encrypted system for storing details on the company IT systems, and always use encryption on the rare occasions when it becomes necessary to transmit the card details to a third party," he said.
"The Payment Card Industry DSS guidelines should be applied diligently by any organisation that accepts payment cards, regardless of whether or not they are obliged to do so.
"These scammers are not targeting charities out of the goodness of their hearts, but because these transactions are less likely to be picked up by banks' fraud detection systems as they are not regular transactions."
Scammers use charity donations to test card numbers
By Staff Writers on Jul 17, 2007 2:00PM