Bad actors often use website donation pages to test stolen credit card numbers, making small donations in the $1.00 - $2.00 range, to verify if the card can be used.
To protect against this type of fraudulent activity, the following items are recommended:
Enable CAPTCHA Security on your donation page:
iMIS 2017 GA (20.2.64.xxxx/20.2.65.xxxx): https://help.imis.com/iMIS2017/Implementation/Configuration/Enabling_CAPTCHA_Security.htm
iMIS Cloud Enterprise (20.3.xx.xxxx): https://help.imis.com/iMIS20Cloud/Features/Settings/Contacts/Contacts.htm#reCAPTCHA_settings
iMIS Cloud Professional (100.3.xx.xxxx): https://help.imis.com/100_200/Features/Settings/Contacts/Contacts.htm#reCAPTCHA_settings
Enable the card security code (CSC) option for credit cards:
iMIS 2017 GA (20.2.64.xxxx/20.2.65.xxxx): https://help.imis.com/iMIS2017/Features/Commerce/Payments/Authorizing_credit_cards_and_debit_cards.htm
iMIS Cloud Enterprise (20.3.xx.xxxx): https://help.imis.com/iMIS20Cloud/Features/Finance/Payments/Authorizing_credit_cards_and_debit_cards.htm#Setting_the_CSC_as_a_requirement
iMIS Cloud Professional (100.3.xx.xxxx): https://help.imis.com/100_200/Features/Finance/Gateways/Payflow.htm
Require an address and email address. iMIS uses the Address Verification Service (AVS) to verify the address is valid.
Create a donation payment alert on a Staff Dashboard page to alert staff of low dollar amount donations (ie $1.00 - $2.00 range), if this is not normally given.
Sign up for Fraud Protection Services from your credit card processing vendor.
*Also see the following TechAlert article: