New to the community? Welcome! Please read our Community Rules and Guidelines
Join the live Q&A with our Community moderator team Wednesdays, 1-2pm PT (4-5pm ET) and Fridays, 4-5pm GMT. Learn more in Community Events
I accept Paypal donations on behalf of a blog I own. In the past two weeks, I've received a series of $1 donations from individuals whose names are unfamiliar. I have never received a donation in this amount before via Paypal. So far I've received 5 of these donations, each supposedly from different individuals. The first person who made such a donation then disputed the donation. Because the matter is in dispute, I could not refund the funds to the donor. I had to call Paypal to notify them that I did not solicit the donation, did not bill the person for the donation, & know nothing about what happened. Paypal told me to e mail the person saying that if they removed the dispute I could then refund the money. I did so, but the matter remains in dispute. I wonder whether the individual's e mail address is even real.
Since several others of these donations happened immediately afterward, this is starting to look like a pattern. Should I refund the money of all the donors before they can claim a dispute? Anyone else know why this may be going on? Does someone want to **bleep** up my status with Paypal so I can no longer accept donations?
I provide the website software and IT support for a non-profit which has also seen a spate of disputed donations under $5, mostly $1 & $2, beginning in Sept 2017. I've investigated donations from 61 different donors and found a number of curious things:
I am at a loss to explain what is going on and I've exhausted every avenue I can think of to gather more information about this situation. If anyone has any suggestions, insights or can share a similar experience I'd be very interested.
We may have to add reCAPTCHA to the donation form which would be easy for people to click on but harder for bots. The bots would have to be able to login to the PayPal account to complete the donation, but a bot may explain why our "Thank You" page is never visited upon completion of the payment.
Just for the record, we added Google reCAPTCHA to our donation form. We are seeing the CAPTCHA solved prior to the suspicious donations being made, so it's probably a person rather than a bot, which was my original inference given that someone has to login to the PayPal account to make the donation. The rate of these disputed donations has abated somewhat, but they are still coming.
Thanks to everyone else for the helpful information and suggestions.
I also operate the website for a non-profit with a donations button and we have also suddenly begun receiving a number of suspicious donations in the last few weeks - always in amounts between 2 and 5 Euros. We have had a donations button on our webpage for two years now but just began receiving these strange donations about three weeks ago. Before that, we were lucky if we got two donations a year.
I have noticed one common element for us: all of the donations are coming from people who use different currencies than we do (we are in Germany and use the Euro). The donations are coming from accounts in the USA (which would not normally be unusual for us), but also from accounts in Poland and the UK (there is no reason for people in these countries to send us money). This is pure speculation, but perhaps these donations are coming from bots or people who are engaging in currency speculation. They send us a donation if they think that the Euro is undervalued, in the hope that it will rise within a relatively short time. If it does rise, they request a refund, which is converted back into their own currency, but at a higher rate. Voila, they have made money on the deal. If they send 5 euros to 200 different accounts, they can effectively speculate with 1000 Euros. We do not have a captcha (going to add one ASAP) or a minimum donation amount (ditto), so in our case it could be bots making these transactions.
It's common practice for people who buy stolen credit card info to verify or validate a good number. In many cases, in order to stay under the radar, they pick a small charity or organization and make a small donation. If the transaction goes through, they have a good card - from there they go shopping on someone else's dime.
Our nonprofit is having the exact same fraudulent donation issue. Paypal has been no help. If anyone finds a solution, please do share.
Our small non-profit has this problem as well.
We are not using a form on our website in which to add a captcha to. We are using a PayPal button on our site which directs to a form?, on a PayPal domain, where the fraudulent charge is occurring. Perhaps PayPal could implement the reCAPTCHA, similar to the one below for submitting a comment, or perhaps a "donations under $5 cannot be refunded" policy.
We do need this taken care of soon so we are looking into all of our options.