Business identity theft is on the rise. There’s no doubt.
The Internal Revenue Service reported a 2,757 percent increase in fraudulent tax returns filed for businesses from 2015 to 2017.
Dun & Bradstreet, the commercial credit reporting agency based out of New Jersey, saw incidents of business identity theft rise 46 percent from 2016 to 2017.
Ralph Gagliardi, the Colorado-based criminal investigator in charge of one of the nation’s only law enforcement units dedicated to business identity theft, says the crime “is one of the biggest problems facing American businesses today, but virtually no one knows about it.”
So, if you’re a registered agent, if you’re in the business of helping other businesses, business identity theft probably will be on your radar, if it’s not already.
What can you do about it? We at Company Alarm believe you can advise your clients on how to protect themselves from business identity theft. And we can help you do that.
Educate, educate, educate
Perhaps the biggest obstacle in fighting business identity theft is the public’s general lack of knowledge about it. Business identity theft has not received nearly the same kind of attention that personal identity theft has – even though the losses from business identity theft can be far greater.
So, the very first thing any registered agent would need to do to help protect his or her clients is simply to educate them about the crime itself.
Obviously, if the crime isn’t well known – or even tracked by anyone in the government – it’s difficult to find reliable information on the topic. But Company Alarm is trying to change that. We have an ever-growing library of educational articles on the topic.
These articles are reviewed by Agent Gagliardi, who serves as an adviser to Company Alarm. So you can be assured that what we’re reporting is backed up by one of the leading minds on this topic in America today.
You might also refer your clients to this investigative report by the Las Vegas Review-Journal, which broke the story on our founder’s case of business identity theft and explored the weaknesses in Nevada’s business registration system. (Spoiler alert: The problems the Review-Journal found in Nevada are found virtually in every state in America today.)
Once you’ve shown your clients the seriousness of business identity theft, the next thing you’re going to want to do is offer them some training on how they can avoid making themselves a target.
One thing you’ll want to advise them on is how to protect their critical business information.
Sadly, most states publish detailed lists of the businesses registered within their borders, including their names, addresses and key officials. Having this information all in one place makes it incredibly easy for cybercriminals to pick off unsuspecting businesses in quick succession.
However, one critical piece of information that typically isn’t included on those state websites is businesses’ federal Employer Identification Numbers or EINs. Those numbers are invaluable to identity thieves – but usually they have to work to get them.
Your job is to teach your clients how to make the criminals work even harder.
Say your client has an employee who needs their EIN to fill out an urgent application. Most business owners under that scenario would look up the number and e-mail or text it to their employee. Or maybe write it down on a note and pass it along.
But those are exactly the wrong things they should do!
As we all know, e-mail is relatively easy to hack. Text messages are likewise unsecure. Notes, meanwhile, get left on desks or thrown away whole. They’re easily retrievable by dumpster divers (a common hobby of identity thieves) or by unscrupulous cleaning crews who may work in your office building.
A better strategy for your clients is to have them look up their EINs and verbally tell the number to the employee asking for it, either in person or over the phone. If your client were in person, it would be even better if they simply entered the number onto the form themselves.
The bottom line is you want to advise your client not to make an additional, unsecured record of the EIN or allow their employee to do it either. That’s just creating another avenue for identity thieves to access a business’s critical identifying information.
Other things you’ll want to train your clients include being careful about what they post on social media. Identity thieves are typically great at online research. They can use any information at their fingertips to aid in their efforts to hijack a business. You want to teach your clients not to give them any extra ammunition by keeping their social media accounts free of compromising information.
The last piece in a business’s fortifications against identity theft is monitoring. The sad reality is that identity theft is almost impossible to prevent. There’s too much information out there already about your business and yourself. A motivated criminal is going to find the information he or she needs to steal identities.
And lending agencies and other businesses are just sloppy enough that criminals are going to be successful quite often using stolen information to impersonate a business or individual.
The solution then isn’t prevention, but rather acting immediately when you know your business has been compromised. The founder of Company Alarm, Andy Pham, had one of his businesses hijacked in late 2015 – but he didn’t know about it until about 11 months later. Those months gave the cyber-criminals who targeted him plenty of time to cause a lot of problems.
The key to combating business identity theft is to not give the bad guys any time. You want to act the moment you know your business is under attack.
So, the way you do that is through monitoring. You could, for example advise your clients to log into their local secretary of state account once a week and check to see if any of their information on file with the state has been changed without their knowledge, which would be a major red flag for a hijacking in progress.
Such monitoring, however, is cumbersome, and hard to remember to do. That’s why we launched Company Alarm, which through the use of our proprietary scanning software will continuously monitor a business’s information on file with the state 24-hours a day.
If any information is changed about a business – say its address or the name of its managing member – the business owner will receive a text message immediately notifying him or her about what has changed.
And those text messages will not be something vague like, a new record has been filed for your business. No, Company Alarm notifications say specifically what has changed. As Andy, our founder, likes to say, he would have reacted immediately if he had gotten a message telling him that he was no longer listed as the managing member of his company and a stranger’s name was now in his place.
In other words, you can direct your clients to come to Company Alarm for help monitoring their critical business information. And if you sign up to become a partner with Company Alarm, your clients can get a discount on our services and you can make a little extra money, too.
Company Alarm is dedicated to helping business owners protect what they have worked so hard to build. Our monitoring software is designed to prevent cybercriminals from exploiting loopholes to hijack your company and assets. To sign up for this low-cost, value-added protection, click here.