Tweet
Release Date: May 17, 2019
New Feature:
To combat script attacks against all Connect forms, the Google's invisible reCaptcha has been added to all Connect forms. More information may be found here: https://www.google.com/recaptcha/intro/v3.html
Credit card validation attacks against forms is a daily occurrence and has increased by orders of magnitude in receipt months. On a daily basis various nonprofits are being targeted by script attacks against their forms validating stolen credit cards. Several organizations have experienced more than 100K posts in less than 10 seconds which also borderlines a DNS attack against our network. While Click & Pledge provides 100% protection against all fraud, the magnitude of these attacks are taking a toll on Salesforce posts and reports. To minimize this attack vector we have introduced reCaptcha to all forms. The reCaptcha does NOT ask the validation questions with each donation but only appears when suspicious activity is detected.
This feature has been part of the code for over 2 years but not enabled. On Friday, May 17, a decision was made to activate the code to stop a massive attack against a couple of forms. The feature has been tested thoroughly and we are confident that it will mitigate many issues that are facing various organizations.
At Click & Pledge, our number one priority is your data security and integrity. Please post any questions you may have regarding this feature to this form or contact our support department.
New Feature:
To combat script attacks against all Connect forms, the Google's invisible reCaptcha has been added to all Connect forms. More information may be found here: https://www.google.com/recaptcha/intro/v3.html
Credit card validation attacks against forms is a daily occurrence and has increased by orders of magnitude in receipt months. On a daily basis various nonprofits are being targeted by script attacks against their forms validating stolen credit cards. Several organizations have experienced more than 100K posts in less than 10 seconds which also borderlines a DNS attack against our network. While Click & Pledge provides 100% protection against all fraud, the magnitude of these attacks are taking a toll on Salesforce posts and reports. To minimize this attack vector we have introduced reCaptcha to all forms. The reCaptcha does NOT ask the validation questions with each donation but only appears when suspicious activity is detected.
This feature has been part of the code for over 2 years but not enabled. On Friday, May 17, a decision was made to activate the code to stop a massive attack against a couple of forms. The feature has been tested thoroughly and we are confident that it will mitigate many issues that are facing various organizations.
At Click & Pledge, our number one priority is your data security and integrity. Please post any questions you may have regarding this feature to this form or contact our support department.