Find news, events, articles, videos, and more that answer your questions and keep you up-to-date.
Visit Resource Center
Stay informed on compliance updates
In some ways, business identity theft is like a powerful hurricane. It rushes in quickly and without warning; wreaking havoc and causing extensive damage and distress in its wake. Each year, business identity theft can be blamed for millions of dollars in losses to large and small businesses alike.
Stealing a business’ identity is a lot easier than you might think. State laws require the public disclosure of proprietary business information. This might include annual reports, management and personnel information, name and address, and employee identification number (EIN). All of this information can be used by thieves to apply for a line of credit or loan. Thieves also have ways of intercepting business credit card information and using this to purchase hundreds of thousands of dollars’ worth of merchandise.
The good news is this—businesses can mitigate the risk of business identity theft and prevent damaging losses by following some simple and effective steps
Nothing says “I’m not paying attention,” like missing an annual report deadline. That is like waving a huge sign that saying: “Steal my information.” Yet, because many deadlines are tied to the date you formed your company, rather than coinciding with tax filing deadlines, the date can be easy to overlook. This is particularly true if you are operating in multiple states—each of which has its own due date—it can be easy to miss one.
Stay on top of any changes to your business registration information by looking up your business on your Secretary of State’s website regularly or signing up for email alerts if available. This way, you can see if any unauthorized changes have been made (such as changing your business address) and immediately report and reverse the fraudulent activity.
Most states require a filing if the company changes its name, method of management (for an LLC), number/types of stock authorized (for a corporation), or its registered agent. Many also require notification if the principal officers or business address changes. Keeping this information updated helps ensure you receive notifications from the state—and sends a message to would-be thieves that you are paying attention to the details.
In an effort to fight the fraudulent tax return aspect of business identity theft, the IRS will be on the lookout for any filing inconsistencies or falsified information. Be prepared to provide the following:
Phishing is the use of a deceptive email to gather personal information or install malware. Sophisticated phishing techniques make these emails hard to differentiate from legitimate ones. Make sure your employees know what red flags to look for when they receive an email. Examples include bad grammar and spelling, strange attachments, and links to unrecognized sites.
A surprising number of companies post sensitive information—such as the federal Employer Identification Number—on their website. While you want your website to be informative and to engender trust in your customers, make sure that you limit the amount of information that you disclose to anyone who searches for your company name. (This also makes it more challenging for scam-artists to brand-jack (impersonate) your website.)
Whether through Dun & Bradstreet or a major credit bureau, you should be monitoring your credit activity on a regular basis to detect and address any malicious activities. You can also request to receive regular email alerts from the top credit agencies.
Technology changes and evolves quickly, so it’s important to be aware of the latest trends in business identity theft. There are several online resources available that provide critical data, statistics, and reports to help protect your business against fraudulent and criminal activity. In addition, many states provide information, including reports of recent scam-related activities, on their secretary of state websites.
Small businesses are especially guilty of neglecting to use readily available tactics for minimizing the risk of identity theft. Employees should be installing the latest security programs designed to detect and prevent malicious computer hacking and cyber-attacks.
Unfortunately, it looks like business identity theft is here to stay. With the number of incidents growing each year, and financial losses piling up, it’s more important than ever for businesses to be vigilant. By following these straightforward, common-sense actions you can reduce the risk of business identity theft.
More in Compliance Solutions
More in Running Your Business