Unfortunately, small business owners tend to face a high risk of business identity theft. After all, their personal information is often inextricably connected to their companies and, therefore, even more susceptible to cyberattacks that illegally acquire names, Social Security numbers, credit card data and other personal information.
How Does Business Identity Theft Happen?
According to Chase, "A thief might act as a representative of the company in order to defraud creditors and suppliers, loan officers, unsuspecting customers and even the government if taxes are involved." Thieves can also access tax ID numbers and other financial or management information through public filings or private databases.
When cyberthieves successfully compromise a business owner's identity (or that of his or her business), they can:
- Gain access to cash and credit accounts
- Make illegal transfers of funds, unauthorized purchases and cash advances
- Open fraudulent bank and credit accounts
- File false tax returns
Through their illicit activities, cybercriminals can quickly drain cash reserves and severely damage a company's credit standing. What follows is a business owner's worst nightmare: bad credit reports, calls from collection agencies, account closures and misdirected customer payments.
Take Action to Reduce the Threat
The widespread adoption of cloud services and the growth of the Internet of Things bring new risks for data security, as ITProPortal points out. It's therefore critical to establish strict guidelines for protecting data and then to ensure that these guidelines are enforced. Here are some steps that you should try to implement as soon as possible:
- Update all of your security devices and software, particularly technology that was purchased and installed more than a year ago.
- Talk with your commercial bank representative about scheduling regular reviews of your accounts to spot any unauthorized loan requests or new lines of credit.
- Encourage your employees to use prepaid company credit cards so that you can set usage limits and deactivate cards in the case of a security breach.
- Require vendors and third-party benefits administrators to adhere to strict data-protection policies. If you're dissatisfied with their security policies, find another partner who will more stringently pursue procedures to protect you against business identity theft.
- Enlist the services of a reputable credit monitoring agency to check your credit reports for any suspicious activity.
- When your business purchases new mobile devices, make sure that they meet key security requirements. With wearable devices and location monitoring technology, for example, you should verify that these devices don't serve as access points to secured business data or otherwise threaten safeguards you've put in place.
- Shred all hard copies of documents when they are no longer needed. This includes "cancelled checks, bank statements, medical information, credit card applications, pre-approved credit card offers, and all other documents that may contain any personal identifiers."
Most importantly, you should establish an employee education policy to heighten awareness of business identity theft among your workforce. Teach your employees to recognize and act against email scams, spear phishing and phone requests for confidential information. You can't afford to have anyone in your company fall prey to schemes that result in the theft of key business data.
SIGN UP FOR THE THRIVE NEWSLETTER