🄯2026 Steven Jay Cohen, Some Rights Reserved.
The last thing that I ever thought I would be posting about is Donation Fraud, but circumstances demand otherwise...
For nearly as long as this site has been online, readers have been able to choose to "Buy me coffee" as a way of saying thanks for the content. Having written AdSubtract (an Ad Blocker) a while back, I can't really use ads to monetize the site, so a few Coffee Links here and there and been a great no-pressure way to pass the hat around.
And, until October 2025, there was no issue at all. But then, things changed.
Out of nowhere, I was bombarded by $5 donations. At first, I was happy, then things started to look suspicious. Eventually, I realized that some hacker was trying to use my site for Credit Card Testing Fraud.
A hacker locates a site with donation links because donation links are a lot simpler than the usual online shopping carts. This makes them easier targets when a bad actor buys stolen credit card info online, then sets up a system to try all of the cards out, and anything that succeeds in making a donation is an active card that they will then go off and use until they've maxed it out.
Once I turned off the exploited link, I went about refunding any charges that went through -- I really do hope this is enough to alert someone to the fact that their card might have been stolen since I don't have a way to reach out to them directly.
After that, I thought it was all over, until 10 days later, it started all over again using another link from my site. So, I pulled all of those links down, deactivated that system entirely, and once again went about refunding money.
With this finished, I realized that I could migrate the links to a Pay What You Want link from PayPal. And since PayPal has better fraud detection built in by default, here's hoping that I won't be dealing with this again any time soon.
"This is why we can't have nice things!"
Seriously, this was the first thing to go through my mind, quickly followed by being amazed that it took until 2025 for a hack like this to happen. Then, that was followed by me wondering why things like this were happening now?
Could it be that AI had something to do with this?
The hack on my site was very low end. So, it would not have required AI to make it happen but I can't help but think that a few incredibly lazy bad actors asked a chatBot how it would hypothetically go about verifying some of the stolen credit card info they had bought on the Dark Web.
With everything happening online, and so much of it being scary, I have been spending a bit too much time huddled up in a small ball, rocking back and forth, and ignoring things the best I could. I'm not sure how best to contribute to the conversation because I don't want to add to the noise, but if I am completely silent, that isn't helping either. So, if we are trying to find that silver lining, maybe that will be my return to posting in this space. And, as time goes on, I can try to figure out how what I do fits into the newly emerging future.
You can find me here and for now on BlueSky but not many other places. As that changes, and it likely will, I'll post about it here.
🄯2026 Steven Jay Cohen, Some Rights Reserved.
