Fraud management
Fraud in the nonprofit industry, particularly through credit card testing on donation forms, poses a significant challenge. Fraudsters exploit online donation platforms to test the validity of stolen credit card information by making a high volume of low-value transactions. This type of fraud not only results in financial losses for nonprofits through transaction fees, but can also damage an organization’s reputation with donors and payment gateways.
Effective fraud prevention requires balancing security with donor experience. While stronger fraud controls can help reduce suspicious activity, overly restrictive settings may unintentionally create friction for legitimate supporters. The goal is to implement strategies that help minimize risk while still providing a smooth experience for donors.
Nonprofits should familiarize themselves with fraud prevention measures available through Engaging Networks as well as the tools and controls offered by their payment gateways.
Engaging Networks' Role
In addition to actions clients should take themselves, there are also steps Engaging Networks takes to protect client pages.
Constant monitoring by the development operations team to detect fraudulent activity.
Utilize various security resources provided by Cloudflare.
Automatically block IPs after 6 or more rejected transactions within a 15-minute window.
Automatic and manual enablement of Managed Challenges, a type of web browser challenge that can help identify non-human/bot activity, to stop fraudulent activity that is observed on a page.
Integrate the latest fraud prevention tools into new parts of the platform.
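The IP-blocking rule listed above (6 or more rejected transactions within a 15-minute window) can be expressed as a sliding-window counter per IP. This is an added example, not Engaging Networks' code; the log format, the function names and the sample lines are assumptions constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

THRESHOLD = 6                   # rejected transactions, figure from the page
WINDOW = timedelta(minutes=15)  # window length, figure from the page

# Constructed sample log (format is an assumption): timestamp, client IP, result.
SAMPLE_LOG = """\
2024-05-01T10:00:00 203.0.113.7 rejected
2024-05-01T10:00:40 203.0.113.7 rejected
2024-05-01T10:01:10 192.0.2.44 rejected
2024-05-01T10:01:30 203.0.113.7 rejected
2024-05-01T10:02:00 198.51.100.20 rejected
2024-05-01T10:02:15 203.0.113.7 rejected
2024-05-01T10:03:05 203.0.113.7 rejected
2024-05-01T10:03:40 192.0.2.44 approved
2024-05-01T10:04:00 198.51.100.20 rejected
2024-05-01T10:04:20 203.0.113.7 rejected
2024-05-01T10:06:00 198.51.100.20 rejected
2024-05-01T10:08:00 198.51.100.20 rejected
2024-05-01T10:10:00 198.51.100.20 rejected
2024-05-01T10:18:00 198.51.100.20 rejected
"""

def parse(log):
    """Yield (timestamp, ip, result) tuples from the constructed log format."""
    for line in log.splitlines():
        if line.strip():
            ts, ip, result = line.split()
            yield datetime.fromisoformat(ts), ip, result

def ips_to_block(events, threshold=THRESHOLD, window=WINDOW):
    """Map each IP to the moment it reached `threshold` rejections inside one window."""
    recent = defaultdict(deque)   # ip -> rejection times still inside the window
    blocked = {}
    for ts, ip, result in sorted(events):
        if result != "rejected" or ip in blocked:
            continue
        times = recent[ip]
        times.append(ts)
        while ts - times[0] > window:   # drop rejections older than the window
            times.popleft()
        if len(times) >= threshold:
            blocked[ip] = ts
    return blocked

if __name__ == "__main__":
    for ip, when in ips_to_block(parse(SAMPLE_LOG)).items():
        print(f"block {ip}: {THRESHOLD} rejections within {WINDOW} as of {when}")
```

In the sample, 198.51.100.20 also has six rejections, but they span 16 minutes, so the oldest one has left the window by the time the sixth arrives and the IP is not blocked; the donor at 192.0.2.44 who is rejected once and then approved is unaffected.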
Client's Role and Best Practices
In addition to the steps that Engaging Networks takes to mitigate fraud, clients should also familiarize themselves with and follow these best practices.
Enable fraud email and SMS notifications in your Engaging Networks account under Hello > Account Settings > Notification Email > create or edit applicable recipient > check the Spam/Fraud option. This notification is triggered when there is a large volume of rejected transactions in your Engaging Networks account and when an IP is blocked (after 5 or more rejected transactions in 15 minutes).
Complete the Security Academy courses, which include fraud mitigation topics.
Familiarize yourself with the configured fraud settings in your payment gateway. Settings vary by gateway but can include CVV verification, Address Verification Service (AVS), and expiration date matching. You may choose to adjust these settings if you’re experiencing ongoing suspected card testing.
Enable CAPTCHA on your pages. CAPTCHA can help prevent bots from submitting your pages.
Add a donation amount validator to your pages with a higher minimum. Fraudsters will often test credit cards using very small donation amounts like $1. Adding a donation amount validator with a minimum donation amount can help mitigate fraud.
Add a third-party email validator to your pages. Spammers will often use correctly formatted but fake email addresses to submit pages. A third-party email validation service such as ZeroBounce can ensure that supporters use a legitimate email address when submitting pages.