Why Your Business (Yes, Business) Will Probably Be a Victim of Identity Theft

We’d like to share a story with you.

Stanley Ipkiss, from the movie “The Mask,” is a shy, fumbling bank clerk in Edge City. His life may be a little quiet and lonely, but it’s his. Until one night when he’s denied entrance to a hip nightclub - the Coco Bongo to be exact - and finds himself stranded with a broken down rental car by the harbor.

He discovers an ancient mask, a crude depiction of Loki, the Norse God of night and mischief, takes it home, and puts it on. And then something funny happens. The mask wraps around his head - and transforms him into a cartoonish, yellow-suited, whirling dervish with the power to bend reality and break the laws of physics.

The Mask assumes Stanley’s identity, wreaks havoc on his life, and besmirches his good name. After all that (with a closet stuffed with stolen bank money) he’s arrested for robbery and public disturbance and thrown into a dank jail cell.

Ok, ok. The Mask is just a Jim Carrey movie and not an identity theft case study at all. But the chaos, stress and upheaval - they’re all the same. And just because everything works out well in the end for Stanley - he nabs the girl, beats the bad guys, exacts revenge on his oppressors, and lives happily ever after - does not mean that real life victims are so lucky.

A Staggering Epidemic

Identity theft has become big business. As we posted last week, the crime is exploding, poised to surpass traditional theft as the leading form of property crime. And if you think consumers are the only victims, think again. Businesses, particularly small businesses, are becoming even more alluring - and easier - targets.

With the string of recent data breaches at major retailers and alarming Internet hacks like the Heartbleed bug, it’s no wonder that identity theft costs businesses worldwide an estimated $221 billion per year! Because fraudsters are finding increasingly sophisticated ways to hijack your identity and your life, on and offline criminal activity has become pervasive. So pervasive, in fact, that cyber security experts advise every business to expect to be victimized at some point.

Tricks, Cheats & Swindles

Attacks seem to come in every form, from every corner, including:

• Fraudulent Business Registrations and Filings: Thieves can hack into government systems to wrest control of businesses’ registration and filing processes.
• Tampered Business Credit Reports/Records: Fraudsters falsify business credit reports and financial records to impersonate the business and acquire loans and lines of credit.
• Physical Address Mirroring: Criminals “move in” - using the business’s physical address to obtain loans, credit, cash, goods, and services in the business’s name.
• Tax Fraud: Identity thieves steal businesses’ Tax Identification Numbers (TINs) and use them for tax refund fraud and other schemes, which create tax liabilities for the business.
• Cyber Crime and Business Banking Fraud: Bank accounts can be drained, funds misappropriated, and fraudulent wire and ACH transfers made - all in a matter of minutes. Cyber crime means big losses.
• Misuse of Business Owner Identity: Because the owner and other key executives’ identities are so closely intertwined with the business, their individual identities are often compromised, as well - used to obtain loans and lines of credit, access existing bank or credit accounts, and make significant transactions in the business’s name.
• Misuse of Technology and Business Services: Misusing technology and virtual business services is just another way for thieves to impersonate, appear legitimate, mask their location, and commit fraud.
• Shell Corporations and Trade Rings: Fraudsters use shell corporations and trade rings to deceive, impersonate, and bolster their legitimacy in fraud schemes.

Avoiding The Mask- A.K.A Identity Theft

Scary, right? You cannot prevent this violation of privacy, but you can employ relatively simple techniques to protect yourself. If you don’t make silly blunders - like donning a mysterious mask - it will be just a little bit harder for the crooks. We recommend that you follow this checklist:

1. Safeguard important documents.

Guard your business Employer Identification Number (EIN) as closely as a Social Security Number. That means keeping all sensitive company documents/records in a safe, secure location inaccessible by unauthorized persons and micro-shredding (cross-, confetti-, or diamond cut) unneeded documents. Be wary of disclosing your EIN, especially for unnecessary reasons or unsolicited business credit applications.

2. Monitor your business registration and credit reports.

This is one of the best ways to prevent fraud. Enroll in services to monitor your information with the state and all three national credit bureaus (Equifax, Experian, and TransUnion). You’ll have access to your files 24/7 and receive email alerts notifying you of new activity on your account.

3. Protect your bank accounts.

If you reconcile your accounts daily, you’ll be much more likely to spot suspicious or fraudulent activity. You should also be familiar with your financial institution’s business banking and fraud policies and secure your payment systems: authentication controls for ACH and wire transfers, Positive Pay for checks. And always, always be on the lookout for phishing email scams! 

4. Practice safe online banking.

We once asked a cat burglar how to best prevent online bank fraud, and it has since become one of our most popular posts. Read this oldie but goodie to learn about banking safely online.

5. Look for red flags.

To catch the thieves in the act, you have to know what you’re looking for. Familiarize yourself with the tricks, cheats, and swindles above - all the ways identity thieves operate -  and then remain vigilante. Keep an eye out for:

• Missing or late account statements.
• Misaddressed mail.
• Unusual inquires.
• Large orders from unknown or strange customers.
• Correspondence regarding accounts that are not yours.
• Suspicious activity around your building or immediate area.

The faster you act, the safer you are. To learn more about identity theft and prevention services, please contact your financial institution.

*This is the third installment of “Safeguarding Your Business,” a series that educates you on how to stop defending yourself against external business threats. It will help put you in a position of offense, where you can start thinking strategically about your business. If you missed the previous article, you can find it here.