About the only thing you can do in this case would be require real-life validation like a drivers license or social security number (and then check that it's valid and the information provided matches) or send the user off-site to a verification service before allowing interaction, which isn't free. Another option would be to require a refundable downpayment on the amount from a valid credit card, but then that gets seriously thorny because you're handling money related to the campaign now and have to worry about chargebacks and disputes etc. They've probably gone with the optimal course here.it makes me wonder (and I do hope it is the case) if they have put in place a tighter authentication process than they had to start with .... no clue what that would involve