• Over $8 billion is lost or stolen from small businesses every year. (FBI)
• In 84% of cases, money was stolen before the fraud was detected by the bank. (Ponemon Institute)
• 60% of businesses that suffer business identity fraud close their doors within 1 year. (Wall Street Journal)
• 56% of businesses experience fraud every year. (Javelin Research & Wall Street Journal)
• 75% of business victims lost money in online banking fraud. (Javelin Research & Wall Street Journal)
“In terms of potential losses and damage to victims, business identity theft could easily be considered consumer identity theft’s bigger, meaner, and more evil twin” says Michael Bennett in The Consumer Identity Theft Protection Manual. In Part I of this story, we described what makes stealing a business’ identity so appealing. Now, we discuss how to protect your company – and yourself.
Set up a credit monitoring service that alerts you when new credit is opened in your business name. Regularly check your corporate filings on the Secretary of State’s website to see if your information is correct and to see which tools are available to protect it. Set up email alerts for online accounts to monitor logins and activity. Monitor business accounts daily.
Limit access to company accounts, and ensure that all employees have passed background checks before granting access. Use different passwords for every account, using multi-factor authentication when possible. Store important documents in a secure location, and shred anything that contains information that could be used by thieves. Set up security and authentication controls to prevent fraudulent wire transfers or electronic transactions. If you pay by check, consider enrolling in Positive Pay. Available at most commercial banks, Positive Pay is a system where you provide your bank with a list of check numbers and amounts for business checks you’ve written, and they only pay checks that match. Any checks not on the list are presented to you for approval prior to payment.
Be wary of phishing scams – never respond to unsolicited emails or provide personal information to unknown parties. Don’t visit unverified websites on a company computer and never download unauthorized software, which could contain password-stealing malware. Always have up-to-date anti-virus software and scan regularly. Create security protocols and train employees about the dangers the protocols prevent – they will be more willing to cooperate knowing it protects their identities and paychecks, too.
The earlier any identity theft is caught, the less damage is sustained. By thinking about the risks and enacting a prevention plan, you’re protecting your business and personal identity from potentially devastating losses.
NBP members get discounted access to business identity theft prevention services by logging into our portal and finding iDefend Business under the “ID Protection” tab.