Comment from Cyber-Ark

Watch out for charity donations on your card

Researchers at Symantec have warned debit and credit card account holders to be on the look-out for small, but unauthorised, charitable donations on their statements, as they could be a pre-cursor to serious fraud on the account.

According to Symantec, its researchers have identified a shift in fraudster `valid stolen card' checking activity, with fraudsters `testing' stolen card details for ongoing validity by making a small donation via a charitable Web site.

Calum Macleod, European director for Cyber-Ark, the data vaulting specialist, said the shift in cybercrime activity is especially worrying for business debit and credit card account holders, as they tend to have less control over card usage than their personal counterparts.

It's always difficult to vet business card activity, so I would urge all company card account holders to be on the look-out for all small transactions, especially innocuous looking charitable donations, and check with the cardholder as to their validity, he said.

The problem with these small, but unauthorised, transactions, is that they almost always lead to larger unauthorised transactions coming through and these can be a major headache to resolve, he added.

Macleod went on to say that companies need to be extra-careful when it comes to storing and transmitting card details.

They should use a secure and encrypted system for storing details on the company IT systems, and always use encryption on the rare occasions when it becomes necessary to transmit the card details to a third party. The Payment Card Industry DSS guidelines should be applied diligently by any organisation that accepts payment cards, regardless of whether or not they are obliged to do so he said.

For more on unauthorised charitable card activity click here