Company names mentioned herein are the property of, and may be trademarks of, their respective owners and are for educational purposes only.
Compiled and designed by Mark Fullbright , Certified Identity Theft Risk Management Specialist™ (CITRMS) as a free service for businesses to protect themselves and reduce their exposure to identity theft. Stay Safe, Stay Secure
2. Credit reports are a staple of modern commerce and
credit decision making, and millions of businesses
rely on them every day. Consumers have credit
reports; and, because businesses regularly extend
credit to each other, businesses have credit reports
as well.
However, while there are some similarities, there are
two critical differences between business credit
reports and consumer credit reports that business
identity thieves can use to their advantage.
3. Unlike consumer credit reports,
business credit reports are available
to virtually anyone
4. Consumer credit reports contain a significant amount of
confidential and sensitive information about the subject of
the report that could be misused.
Because of this, access to consumer credit reports is
restricted to businesses with a permissible business
need, companies with whom the consumer has applied
for credit, and companies to whom the consumer grants
permission.
Business credit reports also contain a significant amount
of information about the business that can potentially be
misused.
However, because business credit reports are intended
to promote and foster commerce and aid in risk
management decision processes between businesses, a
business credit report is readily available and can be
purchased by virtually anyone.
5. Unlike consumer credit reports, a
business credit report is self-
reported by the business
6. Additional information may also be obtained and
incorporated into the report from public records and
third parties, such as other companies with which the
business has credit accounts.
Depending upon the type and source of the report, a
business credit report may also contain owner and
principal information, financial statements, trade
information, public filings, operations and facility
information, SIC/SAIC codes, etc.
All of this is valuable background information for
thieves seeking to target a company for business
identity theft
7. Because a large amount of the information is self-
reported, there is a potential for criminals to gain
access to and manipulate the file, changing the
information of their target company in order to
deceive creditors or lenders as part of their business
identity theft scheme.
Business registration information that is included in
the report is generally obtained and verified through
the appropriate Secretary of State.
Therefore, in some cases a criminal's first step is to
attempt to fraudulently change the state business
registration records, and then manipulate the
business credit report.
9. Fake Business Credit Applications
Business credit applications are commonplace and
in many businesses would not raise a red
flag, particularly if they appear to originate from a
recognized source such as a credit card
company, major supplier, or lender.
A new line of credit or extended payment terms can
be very appealing to a cash-strapped business.
10. False Business Financial Reports
Business identity thieves can manipulate business
financial reports, or easily fabricate such reports
altogether, in order to deceive prospective creditors
and lenders by making the business appear better
off than it may be.
When combined with other real or falsified business
credentials, or proof of right, false financial reports
are used to add to the appearance of legitimacy and
financial capacity as part of a business identity theft
scheme intended to fraudulently obtain loans or lines
of credit in the business' name.
11. Phishing Scams
Phishing email scams are designed to trick you, or your
employees, into divulging confidential personal and
business account information (i.e. SSN, EIN, account
number, user name, password, etc.)
The IRS, government agencies, and legitimate financial
institutions do not request you to provide or "verify" this
information through email communications.
If you or your employees receive such an email, notify
your bank's fraud department.
Do not respond to the email, and do not click on any links
or open any attachments in the email as doing so can
connect you to a fraudulent website and/or cause
spyware to be installed on your computer.
12. Popular in Business ID Theft
Schemes
Fraudulent Business Filings
Address Mirroring
Virtual Services and Technology
Shelf Corporations and Trade Rings
Use of Owner / Officer Identity
Manipulation of Business Records
Cyber Crime
Internet Black Market
Other Schemes to Defraud
13. Advocate Tip #1
Even a closed business can be reopened by paying
a nominal fee, without your consent.
Your good business name can be used by crooks to
lure previous customers and trick new ones into
providing credit cards, products and services they
have no intention to repay.
If you suspect someone may be using your
companies name, contact the Secretary of State and
check the status of that business.
If you determine fraud has occurred, file a police
report
14. Advocate Tip #2
A consumers good name and credit can also be
used by identity thieves to create business credit
files or take out loans in fake business names
Checking their own credit files may show early signs
of fraud has occurred.
Place fraud alerts, if suspicious
Monitor public records, if suspicious
If you see an unknown company or business looking at
your credit file. Contact them immediately!
Inquiries usually drop off after 10-15 business days, work
fast to minimize exposure to identity theft.
15. Advocate Tip #3
Most banks offer "zero-fraud liability" protection to
their consumer banking customers. Normally this
service is not available to businesses. Ask your bank
about coverage.
Ask about insurance coverage for Data Breach,
Fraud and Identity Theft.
Check with your bank regarding liability on
MasterCard / Visa credit and debit cards for small
businesses.
17. Fact
Only 28% of small businesses provide training to
employees about Internet safety and security.
* Source: 2012 National Small Business Study, National Cyber Security Alliance, Symantec, & JZ
Analytics.
18. Train your employees (and yourself)
Protecting your business and the sensitive
information of your business, your customers, and
employees is the responsibility of everyone in your
organization.
Properly trained employees understand the risks and
know how to recognize and stop fraud and
information security risks before it impacts your
business.
19. Online and Public Presence
Export and delete all information from web
applications associated with expiring domain names
Use Google Alerts or a similar service to monitor the
Internet
Whois Database and domain privacy services
Be alert for impostors on the web and in the phone
book
20. Data Privacy for Small Businesses
Part 1: Does Your Privacy Policy Need A Tune-Up?
Part 2: Reviewing and Retooling Your Privacy
Practices
Part 3: Keeping Privacy in Mind as You Grow Your
Business
21. Positive Pay
Most U.S commercial banks offer Positive Pay
services which can significantly reduce business
check fraud losses.
Using Positive Pay, when you write business checks,
you provide your bank with a list of check numbers
and dollar amounts.
Your bank compares any checks received for
payment against your list. If a check doesn't match, it
is identified as an "exception" and is not paid.
22. Resources
Dun & Bradstreet: Sample Credit Report
NASS Business Identity Theft Task Force
Tax Information For Businesses
Secretary of State website
Better Business Bureau®
NAID
BBB EU Safe Harbor Program
Glossary by Kroll’s Fraud Solutions
23. Company names mentioned herein are the property of, and may be
trademarks of, their respective owners and are for educational purposes only.
Special Thanks to BusinessIDTheft.org, BBB
Compiled and designed by Mark Fullbright , Certified Identity
Theft Risk Management Specialist™ (CITRMS) as a free service
for businesses to protect themselves and reduce their exposure to
identity theft.
Stay Safe, Stay Secure