<img height="1" width="1" src="https://www.facebook.com/tr?id=1028673224260832&amp;ev=PageView &amp;noscript=1">

Frequently Asked Questions About Business Identity Theft


Colorado-based Criminal investigator Ralph Gagliardi, an advisor to Company Alarm and the head of one of the nation’s only law enforcement units dedicated to fighting business identity theft, says the crime is one of the biggest issues facing American businesses today – but hardly anyone knows about it.

That can make selling the benefits of Company Alarm difficult.

So, in an effort to help our partners in the professional industries – the lawyers, accountants and registered agents out there – I wanted to answer some frequently asked questions about business identity theft. Hopefully with this list of Q&As you can explain the importance of what Company Alarm is offering.

What is business identity theft?

You’re probably familiar with personal identity theft, right? That’s when a criminal assumes the identity of an individual in order to obtain loans or purchase things on credit or file a fraudulent tax return using the stolen person’s personal information.  

Well, business identity theft is the exact same thing, except criminals are assuming the identity of a business, not a person, in order to obtain loans, purchase things on credit or file a fraudulent tax return.

The losses incurred through business identity theft often can top those of personal identity theft simply because businesses frequently have more access to money that individuals. A criminal assuming the identity of a business often can receive bigger loans or bigger tax returns than a criminal pretending to be an individual.

What forms does business identity theft take?

Business identity theft can take on many different forms.

Business Hijacking 

One of the most common is what our founder, Andy Pham, experienced, which is the hijacking of a business through the filing of fraudulent business documents with your local Secretary of State or other state agency responsible for registering businesses.

Most Secretaries of State lack the legal authority to verify the accuracy of the business filings they receive. That means in most states if you know a little bit about a company – say, its name and its ID number – and are willing to pay a nominal fee, you’re free to file anything you’d like about that company. As long as the filing is filled out correctly, your filing at the local Secretary of State will mark it as an official document.

This loophole in America’s business registration system has existed for decades. But for the vast majority of our country’s history, it didn’t pose much of a problem.  That’s because filing business records used to take a lot of effort. You’d have to track down the proper forms and submit the filings by mail or drive to your state capital and deliver the paperwork in person.

All that changed with the emergence of the Internet. Now, with just a few mouse clicks, you can not only file business records online, you also can look up information on every business in a given state. Typically, Secretaries of State websites include online disclaimers that require filers to affirm they have authorization to make changes to the business or else face a criminal charge of perjury. But these warnings are easily, and often, ignored. In short, Secretaries of State, who champion ways to streamline business filings for legitimate purposes with user friendly access via the web, have in turn made it incredibly easy for criminals to hijack businesses as well.

Here’s how it works:

Identity thieves research a targeted business online, using the Secretary of State’s website and possibly a search engine or two. Then, the thieves change the business records with the Secretary of State. This new record typically will change the business’s official address and/or the business’s managing member. Within minutes, the Secretary of State accepts the new filing and, poof, the thieves now have an official, government document stating that he or she owns your business, which is now located at an address the thieves control.

Other forms of business identity theft

But that’s just one form of business identity theft. Other schemes include criminals setting up a fake website to impersonate a business. Or criminals obtaining an address very similar to an existing business’s in order to trick lenders into giving them money. Or criminals stealing a business’s federal Employer Identification Number (EINs) in order to file a fraudulent tax return.

In all of the above examples, the criminals’ goal is to use the targeted business to get money from third parties: the IRS, lenders, unsuspecting customers.

Trademark ransom

But business identity thieves can also try to get money from the owners of the targeted businesses themselves through scheme known as “trademark ransom.” That’s when criminals register the name of an existing business as an official trademark and then demand a ransom from the business in order to release the trademarked name and allow the business to operate.

Domestically, trademark ransom preys upon businesses that have not adequately protected their company’s name by filing with the U.S. Patent and Trademark Office. Using the Internet, criminals identity businesses that have not filed trademarks on their name and then file the requisite application with the federal government, obtaining their own trademark.

Then the criminals turn around and notify the legitimate company that it is using their trademarked name illegally and demand a ransom.

Criminals also can employ trademark ransom schemes against businesses that operate internationally. That’s because trademark protections only exist for the countries in which you’ve applied for a trademark. Thus, if you’ve only trademarked your company name in the United States but do business in other countries, your trademark protections don’t exist in those other countries. That makes you vulnerable to trademark ransom in the other countries.

How prevalent is business identity theft in the United States?

No comprehensive data is available nationwide about the prevalence of business identity theft. But there are several pieces of evidence pointing towards it being a huge, and growing, problem. And most government authorities are doing nothing about it.

Prevalence of fraudulent tax return filings

In July 2017, for example, the Internal Revenue Service reported that it had seen a 2757 percent increase in the number of fraudulent tax returns filed for businesses. The losses, annually, rank over $120 million.

Fraudulent business filings

Meanwhile, when the Las Vegas Review-Journal investigated our founder’s case of business identity theft in May 2018, it found that the Nevada Secretary of State received at least 173 complaints about fraudulent business filings from 2015 to 2017, but declined to look into a large number of the cases at all. 

In fact, the Secretary of State claimed that it only found fraud in one of those 173 cases, but didn’t contact the state attorney general because law enforcement had already been contacted by the victim.

In addition to Andy’s case, the Review-Journal documented five other cases of identity theft involving Nevada-registered businesses.  

Business hijacking

The newspaper also documented a sixth case, about a Nevada woman who hijacked more than 100 businesses registered in Colorado and used their credit to purchase more than $255,000 in cellphones accessories that later activated in China, Iraq and Vietnam.

Bureau of Investigation unit

Colorado is one of the nation’s most aggressive states in combating business identity theft. The Colorado Bureau of Investigation employs one of – if not the only – units dedicated to investigating these crimes. From 2010 through 2018, the bureau’s unit reviewed 1,326 incidents of business identity theft, with the investigations often leading to suspects outside of Colorado.

Gagliardi, who runs that unit, recently wrote on the Company Alarm website that

“most businesspeople and even their lawyers are so unfamiliar with business identity theft that they’re perplexed how to respond when it’s suddenly staring them in the face."

What can business owners do to protect themselves?  

The sad truth is there is very little businesses can do to prevent identity theft because their information is now out in the public domain for anyone to see and access easily on the web.

Unless you structure your company as a business trust – which doesn’t have the same tax and structural benefits as an LLC, S-Corp or C-Corp – there is nothing you can do to proactively prevent a criminal from finding the necessary information about your business to assume its identity in one of the ways mentioned above.

Therefore, the only option business owners have is vigilance – that is, closely monitoring your business information. If you notice immediately that something strange has happened – such as your Nevada-based business suddenly having a mailing address in Colorado, which is what happened to Andy – you can quash the impact of business identity theft before its hurts your company.

That’s what Company Alarm offers help with: 24-hour monitoring of your business information on file with the local government.

We do the heavy lifting for business owners by monitoring their information for them. Faced with the dangers of business identity theft, Company Alarm is the best protection.

Company Alarm is dedicated to helping business owners protect what they have worked so hard to build. Our monitoring software is designed to prevent cybercriminals from exploiting loopholes to hijack your company and assets. To sign up for this low-cost, value-added protection, click here.

Subscribe to Get Articles in Your Inbox