Saving the Day from Scammers: A Nonprofit’s Guide to Keeping Their Organisation Safe


Imagine this: You’re pouring your heart and soul into your nonprofit. Every donation brings you closer to achieving your mission, like helping families in need or protecting those adorable pandas. You feel a special connection with your donors, a trust that fuels your passion for making a difference. Then, BAM! A scammer swoops in, tricking a well-meaning staff member, and suddenly donor data or funds are at risk. It’s like a villain trying to steal your superpowers (donor trust in this case) and stop you from doing your good work.

Don’t worry, fellow heroes! Scammers come in all shapes and sizes, but we can outsmart them. This blog will equip you with the knowledge to be a shield against these virtual villains and keep your donors safe.

Andrew Nuxoll UNICEF cybersecurity Linkedin Live webinar non profits

Devious Disguises: The Many Tricks Up a Scammer’s Sleeve

Phishing emails might be a common trick, but scammers have a whole bag of sneaky moves. Here are a few to keep an eye out for:

  • Phishing Phonies: These deceptive emails (or calls) can look like they’re from trusted sources, like charities, banks, or even colleagues you know. They try to trick you into clicking on links or revealing sensitive information to steal passwords, credit card details, or donor data. Think of them as fake invitations to a charity gala – they look fancy, but their goal is to take something from you, not support your cause.
  • Website Wolf in Sheep’s Clothing: These malicious websites mimic real donation pages, tricking generous donors into giving their information or credit card details to a scammer. Imagine a website that looks just like yours, but instead of helping panda cubs, it’s lining the pockets of a villain!
  • Vendor Villain: Deceptive vendors might submit fake invoices, inflate prices, or create fake companies to steal your funds. They’re like that shady salesperson at a fundraising event, trying to sell you overpriced supplies you don’t need.
  • Grant Grabber: Fraudsters may pose as government agencies or grant-giving organizations, promising mountains of funding in exchange for upfront fees or personal information. Be wary of offers that sound too good to be true – real grants are there to help your mission, not take advantage of it!
  • Social Engineering Slyness: Scammers use flattery, intimidation, or a sense of urgency to manipulate staff or volunteers into revealing sensitive information or authorizing fraudulent transactions. They might play on your emotions or try to pressure you into acting quickly, but remember, a real donor or partner wouldn’t rush you into something suspicious.

These are just a few examples, so stay alert!

Spotting the Imposters: Red Flags Waving in the Wind

Here’s how to identify these scams before they cause trouble:

  • Urgency Like a Tight Deadline: Scammers often create a sense of panic, urging you to act immediately without thinking it through.
  • Suspicious Links and Attachments: Be wary of clicking on links or opening attachments in emails, especially from unknown senders.
  • Misspellings and Grammatical Errors: Legitimate organizations typically have professional communication. Poor grammar or spelling can be a red flag.
  • Requests for Personal Information: Never provide sensitive information like passwords or credit card details via email or unverified websites.
  • Unrealistic Promises: Be skeptical of offers that seem too good to be true, especially regarding grants or fundraising opportunities.
  • Unfamiliar Vendors: Research any new vendors thoroughly before entering into any agreements. Don’t just hire the first person handing out flyers at a conference!

Protecting Your Donors and Keeping the Giving Spirit Alive!

Keeping your nonprofit secure can feel like scaling a mountain in flip-flops. But fear not, here are some superhero-worthy (but totally doable) tactics to keep those deceptive emails and scams at bay:

  • Educate Your Team Like Training New Recruits: Regularly train staff and volunteers on how to identify different scams and how to report suspicious activity. Empower them to become guardians of your mission’s well-being.
  • Strong Passwords Are Like Your Secret Lair’s Security Code: Enforce strong password creation and encourage everyone to use multi-factor authentication for all accounts. This adds an extra layer of security, making it harder for bad actors to break in.
  • Donor Data? Treat It Like Your Most Valued Treasure: Limit access to donor data and only share it when absolutely necessary. Regularly monitor and update donor records to ensure accuracy.
  • Verify Communication Directly: If you receive a suspicious email, call, or request, don’t reply directly. Contact the supposed source using established phone numbers or websites to

Want to learn more about our cybersecurity risks? Click here.

We provide worldwide businesses with IT Security Transformation and Infrastructure solutions as well as an innovative Security-as-as-service Model for cost effective solutions. Backed by global partnerships and a library of 2000+ integrations, we’ve managed 10M+ identities, 10K+ threats and offered top-tier cybersecurity that saves time and money. Enjoy seamless integration across cloud applications and an all-inclusive pricing model covering product, implementation, and support. Questions? Consultations are free. Contact us at [email protected]or call +1 (925) 918-6618. Your cybersecurity upgrade starts here!