Corporate identity theft targets small businesses as well as large corporations much like regular identity theft does. Businesses may discover that they are the victims of identity theft when they apply for credit, grants or loans, and find out that their credit is bad. Most people think that identity theft only happens to individuals, but corporate identity theft is on the rise.
The most common form of identity theft is the fraudulent use of a company’s credit profile by thieves. With credit profiles, thieves can easily obtain credit for a separate, oftentimes nonexistent, company, or they can also rack up charges in the company’s name.
Similar to credit score, all businesses also have credit histories that are used to establish credit with vendors, and much like individuals’ credit, it is important for companies’ credit to remain in good standing. A company cannot obtain credit, buy new equipment or rent a space without a clear credit history.
How it works
Identity thieves steal a company’s credit profile by impersonating them. Once the identity thieves obtain the credit profile, they establish their own accounts and accumulate unauthorized charges. They may also create accounts in the company’s name. All that is required is the company’s account numbers. Identity thieves obtain this information in much the same way they obtain individuals’ information:
- Dumpster diving
- Thieves will dig through company trash during off-hours in order to obtain account numbers, company history, addresses and more.
- Pretexting
- Identity thieves will also pretend to be passed or current employees and try to obtain confidential information from other company employees and representatives.
- Hacking
- Hackers will use malware, such as viruses and worms, to access confidential documents on company servers.
- Stealing mail and other documents
- Thieves will steal any sort of mail from a company mailbox to piece together information.
How to Safeguard against Corporate Identity Theft
Companies can protect against corporate identity theft by following these commonsense tips:
- They should secure any of their or their clients’ personal information by storing the data on secure networks.
- Company credit history should be monitored regularly. Businesses should inquire with business reporting agencies about their credit records, and make sure there is no unauthorized or incorrect information on the records.
- All incorrect credit records should be corrected immediately. Companies should work with the agencies to have it removed, and companies should also keep regular track of their information.
- Secure the company’s premises with locks. Identity thieves will do anything to obtain a company’s confidential information. Therefore, all companies should secure their stores with durable locks, shatterproof glass, secured windows, and an alarm system.
- All company data should be stored in a secure place. Personal information should be placed in a secured filing cabinet, and all electronic data should be placed on a flash drive rather than on the office computer.
- All information should be shredded prior to being thrown out. This will prevent thieves from obtaining account numbers and tax returns.
- Do not give out sensitive information. When an individual requests sensitive information over the phone or through the mail, their request should be ignored. Many thieves attempt to gain information this way.
- Secure the company mailbox. Companies should secure and monitor their mailboxes to prevent thieves from stealing credit card bills and bank statements.
- All company computers should be secured with anti-virus and anti-spyware software as well as firewalls. This will prevent hackers from accessing servers and obtaining confidential documents.
- All documents pertaining to the company should be well organized and monitored frequently.
Companies may also invest in corporate identity theft protection services for an added layer of protection. AIG currently offers corporate identity protection for small businesses. AIG also guarantees to defend a lawsuit, regardless of whether it is groundless or fraudulent. Their plans provide:
- coverage for legally enforceable damages and liabilities
- coverage for regulatory action expenses as well as for costs for victims whose personal data may have been compromised
- coverage for crisis events
- legal assistance
- identity theft recovery services
Summary
Corporate identity theft, once thought of as rare, is increasing rapidly, and can destroy an entire business’s credit easily. It is important for businesses, no matter how large or small, to educate themselves on corporate identity theft, and take the necessary safeguards to ensure that their businesses are protected. Once a thief obtains a company’s sensitive information, they are able to change the registered address of a business, the director of the company, and they can also appoint new directors. It is important to take action against corporate identity thieves by securing all sensitive company information.