As despicable and unsettling as it may be, there are a lot of people who steal from charities. Sometimes the perpetrator is closely involved with the organization and misappropriates funds. Other times it’s an unsavory characters who takes cash straight out of a donation box. But most often, the thief is someone much more cunning. Someone who never sets foot anywhere near the charity.
Cyber criminals are more than willing to raid the coffers of charitable organizations, as well as the financial accounts of those who contribute to them. And these crimes are on the rise as not-for-profit groups are easy targets for cyber fraud.
Most recently, the Australian website MyCause made headlines when attackers stole credit card details from as many as 12,000 people who had made online donations. Many of these do-gooders found themselves dealing with fraudulent transactions for thousands of dollars. Prior to the MyCause incident, Goodwill revealed that hackers lifted payment card details from an undisclosed number of store customers using the same tactics employed in the massive Target breach.
These separate events have more in common than the fact that both involved charities. Specifically, the organizations targeted were compliant with their industries’ security standards. However, neither had implemented cyber security measures beyond those standards.
Both these incidents emphasize the urgent need for all organizations look closer at their cyber security position, and take measures to improve it. This is especially true for non-profits where it’s easy to be complacent. They think it’s enough to be compliant with the set cyber security standards. Yet cyber criminals are developing new, more advanced attacks every day. And many non-profits turn a blind eye to the risks they pose to their organizations and donors.
For non-profit organizations looking to improve their cyber security posture, Lunarline offers a complete range of products and services to help keep you secure. Our penetration testing service can give you a thorough understanding of your current vulnerabilities, and a plan for improvement. And our baseline hardening tool makes it easy to get your network properly configured and locked down in just a few hours.