The theft of a laptop can open up the possibility of corporate identity theft.
While many associate the term identity theft with the theft of an individual’s identity, corporate identity theft, in which the identity of a company or business, including small and medium-sized businesses (SMBs), is stolen, is increasingly more common. . In some cases, the intrusion is so stealthy that executives don’t notice the problem until a lot of damage has already been done. SMBs can be more attractive than individuals to identity thieves due to larger lines of credit and less scrutiny of how it’s used.
Shredding documents containing sensitive information can help companies protect themselves from identity theft.
The exact mechanisms for corporate identity theft may vary slightly by country, depending on laws and mechanisms for changing information. For example, in the UK, by submitting authentic-looking documents to a corporate registration service, an identity thief can make substantial changes to an organization. It is the mechanism for appointing new directors, change of director or change of registered office. With these types of changes, the directors themselves will not be notified and the new directors have, in effect, taken over the company.
Another approach is to create a fake website that appears to match a corporate identity (called phishing). Through this site, people are hired for jobs with a title like “Account Coordinator” and set up with features to receive payments from “clients.” The real job is to be a money mule for scammers.
Fraudsters can acquire the information that enables corporate identity theft in several ways. The loss of any computer, laptop, netbook or mobile device with company data is a potential invitation to corporate identity theft. Working in public without a privacy screen is another problem. Displaying a business license on the wall may be the law, but when it includes the business license number and CNPJ, if those items are legible or someone can take a picture and enlarge them, the information inside can be stolen. Taking this into account when placing the license is a good plan.
Steps to prevent corporate identity theft include the following suggestions. First, institute a company policy regarding confidential information and how it is handled. Second, make sure security systems are up to date, computer networks have firewalls, and antispyware, antivirus, and antispam software are turned on. Make reviewing your business credit report a regular part of your spending review. Invest in a good shredder and shred all business paper before you throw it away. Also, anyone who uses a Social Security number as an EIN (Employer Identification Number) should substitute it to reduce risk.