The current economic unrest is massively impacting charities’ fundraising efforts, placing enormous pressure on their income and their ability to meet increasing operational overheads. However, digital age, once welcomed as a vehicle for growth, is only adding to economic worries. Online fraud and financial crime have a huge effect on charities, not only financially but also reputationally.
A recent study by BDO’s Charity Team found that while 50% of detected frauds were perpetrated by staff, members, volunteers, or trustees, the other 50% were being perpetrated by outside parties. Most of this is conducted online.
More worryingly, BDO’s report goes on to say that 92% of charities that suffered a fraud suffered financial loss; 56% of the charities affected by fraud then experienced serious non-financial issues as a result of the fraud; and 64% expected fraud risk to increase in the next 12 months.
Given these statistics, it is vital charities do everything they can - within the resources available - to protect themselves against the different forms of digital fraud.
WHAT ARE THE DIFFERENT TYPES OF FRAUD A CHARITY FACES?
For simplicity, we would split the types of fraud a charity faces into two: internal and external.
Internal fraud can range from grant fraud (using grant funds for a reason other than that they were applied for) to expense fraud (claiming fraudulent expenses or inflating expense claims), procurement fraud (manipulating the procurement process for personal gain), and payroll fraud (fake ‘ghost’ employees, inflating hours worked, awarding unauthorised salary increases, or misappropriating sick pay or benefits).
Today, external fraud tends to be cyber fraud (hacking, phishing, and ransomware attacks against the charity itself), AI fraud (using AI to manipulate or deceive charities or their donors for financial gain), and donation fraud (fraudulent activities carried out in the name of a charity to solicit illegal donations).
Another type of fraud is merchandise fraud. Either goods are sold on the basis that the purchase price will be given back - in full or in part - to the charity as a fundraising tool, or a well-known brand produces a line in partnership with or on behalf of a charity and publicises the fact that a percentage of the purchase price will be sent to the charity.
More and more there is a direct crossover between AI, donation, and merchandise fraud online. This is why it is paramount that charities are aware of how their name and brand are being represented on the internet and social media.
The final area charities should be aware of is domain name fraud, or, as it’s also known, domain spoofing.
Although frauds are becoming more refined by the day, domain names are still a key element of many fraud schemes. Domain names have been used fraudulently since the launch of the internet due to the ease with which it can be used to impersonate others.
Domain spoofing involves attackers using domain names closely resembling legitimate ones to deceive users that a message comes from a different sender. Domain names that are similar to those of main charity websites, or domains used for certain campaigns, may be used for deceiving donors on social media or through email or text message scams.
Common tactics include adding elements such as a generic term, a hyphen, or a single letter to the charity domain, or a misspelling that is easily overlooked, such as a double ‘l’, for example. The scammers can also use a domain extension that has not yet been registered by the charity for its own use or for defensive purposes. This can be a generic domain name such as .org or .charity, or a country top-level domain such as .co.uk or .de.
WHAT DAMAGES DOES DONATION FRAUD CAUSE A CHARITY?
Whether a charity’s brand is misused to create realistic-looking fundraising landing pages, to back up interactive websites complete with AI-generated ‘bots’ that make it feel like you’re talking to a genuine fundraiser, or to promote fake social media accounts that attempt to mimic legitimate fundraising activities, donation fraud inflicts huge damage on a charity.
Obviously, a huge part of this damage is financial. The funds donors want to send to a charity will be stolen by the scammers, so it will never reach the charity to be used to further their cause. Worse still, as many donors won’t even realise their gift has been stolen, they won’t think to repeat their donations.
However, arguably worse is the reputational damage fraud can inflict on a charity.
If it becomes public knowledge that they have been hit by fraud and donations have been stolen, it will erode supporters’ trust, which in turn will reduce the likelihood they will continue to donate. It will also sow a seed of doubt in potential donors’ minds, which will impact the charity’s future fundraising. Some may never recover positive public perception.
And the impact fraud has isn’t limited to fundraising. Being the victim of fraud can also lead to strategic partners, sponsors, or partner nonprofits losing confidence. It can also leave the charity open to greater scrutiny from regulatory bodies. Adding insult to injury, this could even cause regulatory bodies to find reason to audit or fine the charity.
HOW CAN A CHARITY HELP PROTECT THEMSELVES AGAINST THE ONLINE RISKS TO THEIR BRAND?
As branding specialists, we are hugely experienced when it comes to identifying, monitoring, and acting against the online threats our clients face. To make the online threat monitoring process quicker, easier, and more cost-effective for our clients, we have designed iProvidence, a state-of-the-art online brand protection platform that combines the latest search technology with our legal and brand enforcement expertise.
The iProvidence model is simple – the technology finds any online misuse of a brand, whether it’s on a website, an online market, or social media; our team then filters the results by level of risk, and then the brand owner decides whether they want our attorneys to take decisive enforcement action to snuff out the threat.
While this was designed for corporate clients, we appreciate both how much damage online brand fraud can cause a charity and the cost constraints charities are under, which is why we would be glad to run an initial online threat assessment for your charity free of charge. This search would provide you with a report listing all the potential misuses of your brand or, better still, confirming your brand is not currently being misused online.
With regard to every type of brand impersonation, if a charitable organisation is suffering from widespread abuse, iProvidence not only complements but also hugely strengthens our stand-alone services for combatting online infringement, such as cease-and-desist letters and our domain name take-down services, such as Uniform Domain-Name Dispute-Resolution (UDRP).
If you would like us to run your free report today, please email our online brand protection team today, including your charity’s name, any associated trading names, and the point of contact to send the report to.
