Identity theft is a massive problem globally, and in the US alone, over 3.2 million identity theft and fraud reports were filed in 2019. But often when we hear such statistics, we think of personal identity theft, such as social security numbers and consumer credit cards being stolen.
However, business identity theft has been a growing trend, especially as more and more SMBs (small to medium businesses) are opening online stores. In 2017, there were over 10,000 reported cases of business identity theft, and data analytics firms estimate this will rise over 258% by the end of 2020.
According to a survey from CSID, the leading provider of global identity protection and fraud detection technologies for businesses, around 31% of small businesses are not taking proactive measures to mitigate cyber risk.
Business identity theft can affect large enterprise companies as well, and with a huge cost. While individual identity theft is typically discovered within 3 months, as individual consumers are immediately alerted to suspicious account activity, fraudulent transactions can easily fly under the radar in a company that handles many transactions on a daily basis.
Business identity theft tactics
The tactics used by criminals to perform business identity theft are similar to personal identity theft, but there is a lot of different types of information a criminal can obtain about your business to engage in fraud.
Some of these fraudulent activities can include:
- Phishing emails: Criminals can use your business logo to send phishing emails, typically sent to employees to get access information. Criminals can also hack into executive email accounts and send requests to the finance team for wire transfers.
- Vendor impersonation: Fraudsters can spoof the email of vendors you regularly do business with, and send authentic-looking invoices for you to pay, which ends up in the imposters account.
- Filing taxes: Business identity thieves can use your EIN (Employer Identification Number) to file fraudulent business tax returns and claim a refund in your name.
- Taking out loans or opening new lines of business credit.
Thus, you should be aware of the countermeasures you can take to protect your business. Identity Guard gives 13 ways that you can prevent identity theft, and the measures given apply to both individuals and business owners.
4 ways business identity theft hurts you
For starters, loss of business income or financial theft can hurt your business and trickle down to your employees, especially for SMBs. You may be unable to meet payroll, employment, and income taxes, purchase new inventory, etc.
To make matters worse, you may be held liable for fraudulent business debt and lines of credit until you can prove the accounts were fraudulent, as these types of accounts often require a personal guarantee from one or more of the business owners. Even when you’re able to prove it, you’ll suffer negative credit reporting which can severely limit your ability to secure new loans and financing.
Business identity theft can also spell trouble with the IRS and state tax agencies and require a lot of time-consuming bureaucracy to settle.
And perhaps the biggest risk of all is business failure, as many SMBs operate on thin margins and simply cannot afford the problems brought on by business identity theft. It’s estimated that around 60% of SMBs that suffer security incidents close their business within 6 months, and there are already so many mistakes startup businesses can make that can end in disaster.