The entire world is commemorating Veteran’s Day, and internet scamsters are out to cash in on it, warns Federal Trade Commission (FTC), USA. The government agency has warned about charity scams that dupe people supporting veterans and service members. Scammers mostly use the names of credible organizations to exploit their goodwill. However, they can be identified using simple policies that legitimate charities follow, added the alert.
Statistics point toward the mindset of the staff of charitable organizations and the personal and outdated models of devices as one of the causes leading to successful cyberattacks. Research by UK-based IT support business Ramsac says 67% of the staff in charitable organizations used personal devices for work which was higher than business at 47%. Nearly 30% of charities suffered cyberattacks in the last 12 months, says research by WRS Insurance, UK.
Despite not being big multinational companies, charitable organizations are targeted because of a lack of cybersecurity awareness among their staff and not using proper security options like multifactor authentication for logging in. Not cross-checking the security measures used by suppliers and third-party solution providers is also instrumental in data thefts.
A UK government survey pointed out that the ability to detect and respond to threats can deter and prevent damage to organizations. While it also said that only 68% of UK charities have up-to-date anti-malware protection and only 19% had formal cybersecurity strategy. Only 19% conducted staff awareness training and merely 6% of them had a cyber essentials certification.
Asking scammers simple questions about the organization may help detect if they are lying. Such as the organization’s history, year and place of origin, address, branches, officials, etc. Some of the ways to spot a scammer posing as a legitimate employee of a charitable organization were as follows:
- Charitable organizations cannot use an automated call or a prerecorded message to reach potential donors. If one gets a call from a bot talking, it is a scammer. Automated calls are only made to registered members of the organization who can opt out of it.
- The caller ID of the charitable organization should be registered and should reflect on the call.
- Payment websites of scammers may not have ‘https’ in their links.
- They insist on paying using cryptocurrency.
- Scammers may offer a prize from a contest after donating.