Sunday, September 25, 2011

Protecting Your Business From Identity Fraud

"To build may have to be the slow and laborious task of years. To destroy can be the thoughtless act of a single day." ~Sir Winston Churchill

So many business owners think that identity fraud only happens with individuals. Unfortunately, this is just not the case. The incidence of identity fraud involving businesses is increasing, and to complicate matters even further, state laws against stealing an individual’s identity are much more rigorous than those against stealing a business’s.

I see identity theft occur most often with businesses when employees are given a company credit card. It is so easy for a thief to get your card number and use it to make unauthorized purchases. This is why it is so critical that you go over your credit card statements regularly to ensure there are no fraudulent charges. Obviously, you do not want to leave that responsibility with the cardholder as it would be too easy to hide any abuse. It is always a good idea to have some checks and balances in place.

Where identity theft is concerned, prevention is key. One essential piece of avoiding theft and misuse of your information is changing your passwords every 45 to 90 days. You should always make sure the passwords you choose are complex by using a phrase to remember them. Changing passwords often can be a pain, but it is so important to protecting your financial information against unauthorized access.

Another good rule of thumb is to never send any identifying information at your bank’s request. There are numerous scams out there that do a very good job of disguising themselves as your financial institution. No matter how valid they seem, you must always verify with your bank that the information is legitimate.

Be so careful about how you use your wireless network. If your network is not protected, your information can be stolen so easily. You should never transfer sensitive information on a wireless or any other network without encrypting it first.

Free public wireless networks are one of the biggest potential dangers. Should a staff member use one of these public networks to either send or receive sensitive data, it could leave your company open to identity theft. This can happen so easily since most of these wireless hubs have no security. Before you can access them, you have to sign off that you understand the risks of using the network and agree not to hold the provider responsible in the event of a breach.

As an additional layer of protection, business owners should establish a call-back procedure with their financial institution. The bank will call the account owner to verify the transaction before any transfers are made, especially in the case of wires.

Another important practice is always shredding documents that contain your financial information. It is so easy for thieves to go through the trash and find your financial records. For me, shredding is kind of therapeutic. I like to hear that shredder going because I know that no one else will be able to access these documents. You should make sure you have a shredding policy in place, and it is not a bad idea to start moving toward a policy that prohibits hard copies of these records.

Another easy, but effective practice is turning off your PCs when you leave at night. Many businesses leave their machines on, which gives a hacker a lot of time to run password-breaking programs against their financial applications.

Finally, make sure that your virus checker and firewall are up to date and that all downloaded documents are checked for viruses or any other malware.

Now go and make sure you have a policy in place to ensure your business identity remains secure. These steps are absolutely critical if you want your business to continue to operate safely without falling victim to identity theft.

You can do this.


  1. Jerry, Thanks for making a case for business ID theft. Our business got hit recently when thieves used our EIN to open a fraudulent merchant account and run stolen credit card numbers through. The thieves got our EIN off of none other than The website by the Florida Department of State has all business EIN numbers in clear text for every single business entity in the state!

    We also had a tough time filing a police report once our ID was stolen - the key here is to be persistent with local law enforcement. You must have a case ID number to file any damage reports with many vendors. This is what it also took to remove the fraudulent merchant charges.

    Your article is a great start, but theives do this as their business and they're getting innovative themselves!

  2. Like a debit card, a credit card is also a plastic card issued by a financial institution for usage to complete payments and purchases. Instead of the needed funds to complete the transaction being deducted from an associated financial institution, they are issued in the form of debt by the underlying credit card company. Visit::