This most often happens when the person's credit card was stolen and the thief wants to verify the card is valid. Such nefarious persons seem to prefer making donations over making purchases through an organization like Amazon because donation forms are faster and easier to process than stores. This is usually done through carding runs. More information on carding runs and other actions Blackbaud takes to avoid fraud are covered here. Additionally, there are a number of settings around address matching and CVV matching (the security code on the back of the card) documented here.

If you are concerned about fraudulent charges on your site you can take action to begin the investigation by running a transaction details report (Report Writer, Create New ReportWriter Report) for the time around the transactions that were reported as fraudulent.  Within this report look for any consistent patterns in the transactions around the fraudulent transactions:
 
  • Are there strange email addresses with a consistent pattern, e.g. all upper case letters or "firstname@gmail.com" for a number of transactions
  • Many transactions with the same amount, normally a low amount like 5 dollars
  • Made up names that don't make sense that are possibly just dictionary words like refrigerator or common names like John Smith
  • Look for similar or identical IP addresses on the transactions

If you see anything like this it will help in the investigation, and will help the Luminate Support team to properly diagnose and set your fraud settings to prevent fraud on your site more effectively.  Note well, the site settings that are default are set to be the least restrictive to valid donations and still capture much of the fraudulent transactions that can occur, but there may be increased restrictions that can be set should your site become the target of fraud.