Remember those Capital One
identity theft commercials? They were pretty humorous, right? Unfortunately, when
your identity becomes stolen, you won’t be smiling. Take it from us. Our business was recently the victim of identity fraud.
A few months ago, we first noticed an enormous amount of product was invoiced from one of our vendors. After further investigation, we realized it was a fraudulent order that was never authorized. Soon after, more fraudulent invoices from additional vendors came streaming into our accounting department. It was at this time we knew we had a problem.
In our case, a scammer obtained one of our credit applications, which was illegally authorized with our President’s signature. The scammer was then able to use the credit application to falsely represent themselves as Wasp, setting up fake reference accounts, faxes, and emails. Thankfully, our team quickly caught these fraudulent charges and was able to take action and contact the authorities.
It’s been a rough few months, but thanks to the help of the local authorities and implementation of additional safety precautions, we are confident that this issue has been resolved.
We were victim of identity theft, but there are a number of methods scammers can use to prey on your small business. Here are a few common scams to look out for.
1. Phishing Email
Each day, business owners are inundated with thousands of emails. When you’re scanning your inbox, you may come across an email soliciting you with information or may even be pretending to be a reputable company you’ve done business with in the past. Even if the email claims to be from a government agency, NEVER click on a link within the email. Always follow up by contacting the agency or business directly via phone or website.
2. Data Breach
Whether your employees are working from the office or the comforts of their homes, it’s important to
keep your business data secure. Sensitive business data can seep into the wrong hands mistakenly through negligence, tricky hackers, or a disgruntled employee.
3. Directory Scam
One of the oldest scams that still plague small businesses today are directory scams. Scammers prey on small businesses and pretend to be an online directory or involved with the Yellow Pages. The business will provide sensitive information only to find out later they were billed for fake ads or listings in the Yellow Pages.
To better shed some light on the topic of corporate identity fraud, and help prevent your small business from becoming a victim to any number of scams, we’re providing you with six (6) tips to better protect your company’s identity.
1. Educate Employees
Employee education is key in preventing small business fraud. The more you can inform your employees of the warning signs of fraudulent activities, the better off your business will be in safe guarding against malicious attacks. Whether your employees handle management, finances, or accounting, here are a few
essential red flags of fraud to look for.
2. Conduct a Thorough Background Check
Before hiring any new personnel, be sure your HR department conducts a comprehensive background check by confirming with references. But don’t just stop there, to ensure your new hire is trustworthy and credible, you’ll also want to run checks on past employment, criminal history, education certificates, and even credit history.
3. Dispose Sensitive Documents Properly
Much like handling your personal identity, a business contains documents with sensitive financial and employee identification information. When disposing of such documents, be sure to use a paper shredder or storing them in a locked and secure container. Throwing out an old employee’s computer? Take the appropriate safeguards to wipe the internal hardrive of important documents before properly recycling or disposing of the device.
4. Make Changes to Important Documents
It’s important to properly dispose of sensitive business documents, but it is just as important to make changes to sensitive documents, especially if you fall victim to business fraud. In our case, it was encouraged that we remove any document with an authorized signature preprinted on it. In addition, Detective Kimberly Neal of the
Plano Police Department recommended, “ the format, font, color, and even the styling of all external documents.” Ultimately, the idea is to make it as difficult as possible for anyone to take or steal from your business.
5. Verify, Verify, Verify
The biggest lesson learned from our unfortunate run in with scammers was to verify
everything. Always check where the credit application is being sent. Be sure to look for odd addresses and never ship to a home address. When working with outside vendors, it’s important to have them verify orders before they move forward with shipment.
6. Properly Manage Your Assets
According to a 2010
study from the ACFE (Association of Certified Fraud Examiners), 90% of occupational frauds stem from asset misappropriation, which is the abuse, misuse, or theft of office assets. One sub-category of asset misappropriation includes non-cash assets, such as inventory, intellectual property, supplies, and fixed assets. To better
track your inventory and manage your business assets, we suggest
tracking your assets with an automated asset management system.
To further educate you on small business fraud, we’ve provided a few shareable tips and facts. Just click the “share” link and you can do your part to raise awareness on small business fraud.
- On average, fraudulent scams will last 18 months before being detected –
Share
- The average fraudulent loss for a small business is $150,000 – Share
- Avoid identity theft by removing all documents with anyone’s signature preprinted on them. – Share
- Never use your date of birth as a security measure, such as a password or pin code. –
Share
Thanks to our friends at the Plano Police Department and
here for the helpful information.
Small business fraud is not 100% preventable, but with careful attention to details, and implementing the appropriate safeguards,
you can lower the risk of attack.
Have you or your business experienced identity fraud? What precautions or security measures did you implement afterwards?