Credit Card Thieves Flood Wikimedia With Pennies
The Wikimedia Foundation, the parent organization of the free online encyclopedia Wikipedia and other open-source projects, recently increased the minimum amount it will accept in donations after scammers apparently began testing the validity of stolen credit cards by sending a series of 1-cent "donations" to the group.
On Nov. 8, Wikimedia saw hundreds of penny donations come in over a very short period of time. In many cases, Wikimedia donors leave messages of support or praise for the organization along with their gift, but all of the fake donations were anonymous and contained no greeting, suggesting their submission may have somehow been automated.
Wikimedia spokesperson Sandra Ordonez said the group wants to keep a low minimum contribution amount so as not to discourage donations from people in countries where a dollar may be a substantial sum and a very generous gift. "But for those one-penny donations, it was costing us more to process them," she said. "We were actually getting negative money back."
Wikimedia has now increased the minimum contribution it will accept to one dollar.
The group receives all of its donations through PayPal, the online payment service owned by eBay. Ordonez said a PayPal rep told her the company wouldn't even process a donation unless it was at least 32 cents.
A spokesperson for PayPal declined to discuss the Wikimedia situation, citing privacy concerns.
Security Fix has written about these types of phony donations before. In the offline world, if a crook steals your credit card, he will often swipe it at a local gas station to see whether the card has been reported stolen. On the Internet, criminals are increasingly targeting organizations that have little in the way of staff or back office fraud detection capabilities, donating small sums at online charities, nonprofits and even political candidate sites to check the validity of stolen cards.
November 20, 2007; 2:57 PM ET
Categories: Fraud , From the Bunker
Save & Share: Previous: A Fresh Round of Targeted E-mail Attacks
Next: MPAA University 'Toolkit' Raises Privacy Concerns
The comments to this entry are closed.