Announcement

Collapse
No announcement yet.

Fraud Receipts

Collapse
X
Collapse
 
  • Page of 2
  • Filter
  • Time
  • Show
Clear All
new posts
Previous 1 2 template Next
  • #1

    Fraud Receipts

    Hello.

    Today I received two confirmation emails for a donation. This is normal. One is part of the receipt auto reply and the second one is a confirmation that the donation when through. The auto reply receipt was for $1,500 dollars and the second one was for $1. The amounts should match. I google searched the donator and it is of a dead person. How do I prevent a person from hacking the auto receipt?

    Thank you for your help!
    Anna
    Home – Advocates for the West
    https://www.advocateswest.org
    providing free legal services to conservation groups and concerned citizens to protect and preserve our open spaces and natural treasures – now, and into the future. Together, we win for the West.
    Tags: fake donation receipt, hacked receipt
  • #2
    Good day Anna:

    This makes no sense- emails cannot be hacked. Are you referring to email you get from the system and Salesforce autoresponder? That is the only way you can get 2 receipts.

    Are you referring to your account: 19136?

    If so I see 2 transactions by Bethany W. for $1 and $2 and using the same credit card which does not follow any fraud attempts. All information appears to be matching.

    Please elaborate or give me the Order Numbers so I can research it further.
    Regards,
    Click & Pledge Support Department

    Join us @ the educational webinars: https://clickandpledge.com/webinars/
    Live Support- read more: https://support.clickandpledge.com/s/article/general-information-live-support/

    Comment

    • #3
      The dollar receipt has an order number.

      Order Number: 1307252157234783747

      The $1,500 just has a transaction number.

      Transaction # f8d79769-321a-44f8-8d17-30dd9337d5df

      The name is Daniel A. and this was today.

      Thank you for looking into this.

      Anna

      Comment

      • #4
        Good day @ademetriades:

        The Order Number you sent is for a donation of $1 and all information has matched with the bank.

        The receipt which was also sent to you by our system indicates this clearly. Please see image below:
        Click image for larger version Name: Receipt_AW.jpg Views: 1 Size: 36.3 KB ID: 15228

        Please let me know what you are seeing that you think this is for $1500. I just simply can't find a single donation to your account with the information provided. Searching your entire transaction history shows not a single $1500 transaction being attempted, be it approved or declined.

        You may want to forward the receipt you are referencing to our support department and reference this forum post. We will investigate it further and get back to you.

        Looking forward to hearing back from you.
        Regards,
        Click & Pledge Support Department

        Join us @ the educational webinars: https://clickandpledge.com/webinars/
        Live Support- read more: https://support.clickandpledge.com/s/article/general-information-live-support/

        Comment

        • #5
          Click image for larger version Name: Fake_receipt.jpg Views: 1 Size: 43.6 KB ID: 15229

          After donations are made, two emails are automatically sent out, one from Sales Force and one from Click and Pledge which is all triggered by Civicrm. I am just now realizing that this receipt must of come from Sales Force. I don't know how each place would get different information on the transaction.

          Thank you for your help on this.
          Anna
          Last edited by ademetriades; 07-29-2013, 12:15 PM.

          Comment

          • #6
            Hello. I just learned that the problem is not fraud. People are trying to make other amount donations. Daniel was trying to donate $150 and only $1 was donated, plus one receipt said $1,500. Today someone tried to donate $1000 and only $1 was donated. Do you have any idea what could be wrong?

            Comment

            • #7
              Good day @ademtriades:

              The issue is if you enter , (comma) as thousand separator we consider that as period. We process transactions in many currencies and anywhere else in the world considers , as period and in US that is considered a thousand separator.

              We can't even offer warning since it will cause issues elsewhere. In eCommerce sites one should not use comma as a separator. 1,500 is considered $1.50

              Please let me know if we can be of any further assistance.
              Regards,
              Click & Pledge Support Department

              Join us @ the educational webinars: https://clickandpledge.com/webinars/
              Live Support- read more: https://support.clickandpledge.com/s/article/general-information-live-support/

              Comment

              • #8
                Hello. I did a test donation without the comma, $1000 and the transaction only went through for a dollar. Other amounts will work until it is in the thousands. It automatically just turns the amount into single dollars. Any why this would happen?

                Thank you!
                Anna

                Comment

                • #9
                  Anna,

                  Please post the link to your form so we can review the form you are using on your site. Is this one of our forms designed in the portal or a custom form?
                  Regards,
                  Click & Pledge Support Department

                  Join us @ the educational webinars: https://clickandpledge.com/webinars/
                  Live Support- read more: https://support.clickandpledge.com/s/article/general-information-live-support/

                  Comment

                  • #10
                    Hello.

                    Here is the link to the page, https://www.advocateswest.org/donate/. The form was created using the civicrm contribution format, checking the box for allowing other amount and entering in specific price amounts in Amounts section Fixed Contribution Options. Nothing custom was done other than following the guide of the civicrm.

                    The only way to donate $1000 is through the other amount but I did test it as a specific amount and the comma is still added and registers any amount over $1000 as a dollar amount (ie $2000 goes through as $2).

                    Thank you for looking into this,
                    Anna

                    Comment

                    • #11
                      Good day @ademtraides:

                      Can you possibly duplicate this form and change where it posts?

                      If you make a copy of this page so it does not affect your visitors then we can test it. Next please change where it posts to https://verify.faas.cloud.clickandpledge.com

                      You can review what is being posted to us in that page. The Verify service shows all the fields that are being posted to us.

                      Once you create a copy send us the link so we can review.
                      Regards,
                      Click & Pledge Support Department

                      Join us @ the educational webinars: https://clickandpledge.com/webinars/
                      Live Support- read more: https://support.clickandpledge.com/s/article/general-information-live-support/

                      Comment

                      • #12
                        Hello.

                        I will duplicated the form and post somewhere else.

                        I am confused by what you mean by change where its posts to https://verify.faas.cloud.clickandpledge.com? Is this something to do with the payment processor?

                        Thanks!
                        Anna

                        Comment

                        • #13
                          Originally posted by ademetriades View Post
                          Hello.

                          I will duplicated the form and post somewhere else.

                          I am confused by what you mean by change where its posts to https://verify.faas.cloud.clickandpledge.com? Is this something to do with the payment processor?

                          Thanks!
                          Anna
                          Okay. I duplicated the page and you can find it at advocateswest.org/donation-test.

                          In terms of posting(?) to https://verify.faas.cloud.clickandpledge.com, I changed the payment processor to this url instead of https://manual.clickandpledge.com/. Let me know if I didn't guess right about what I was supposed to do and I will change things.

                          Thank you!
                          Anna

                          Comment

                          • #14
                            Anna,

                            This does not make sense- the payment processor cannot possibly be https://manual.clickandpledge.com - that is the link to our manual and not our API.

                            How did you set this up? are you using the Click & Pledge module? How did you connect CiviCRM to our API?
                            Regards,
                            Click & Pledge Support Department

                            Join us @ the educational webinars: https://clickandpledge.com/webinars/
                            Live Support- read more: https://support.clickandpledge.com/s/article/general-information-live-support/

                            Comment

                            • #15
                              Originally posted by Support.Department View Post
                              Anna,

                              This does not make sense- the payment processor cannot possibly be https://manual.clickandpledge.com - that is the link to our manual and not our API.

                              How did you set this up? are you using the Click & Pledge module? How did you connect CiviCRM to our API?
                              I don't know what to say. I could have sworn I followed the picture instructions on the manual. Donations were processing too.

                              Anyways, I have now changed the payment processor site url to http://clickandpledge.com.

                              I've tested with this new setting and the $1000 still processes as a dollar.

                              Anna

                              Comment

                              Previous 1 2 template Next
                              Working...
                              X