Most people have never heard of “corporate identity theft”. The general concept is that identity theft happens to an individual. This may be through the careless actions of a consumer or the cleverness of a criminal. It may be hard for some to understand that a company will also have an “identity”. That identity can be stolen, as well. This form of crime is becoming increasingly common. The problem is that many business owners and other executives, advisers, attorneys, etc. know little about it. Without even a cursory understanding of corporate identity theft, the victims will be unable to prevent it.
Just like an individual consumer, a corporation has a credit history with vendors. A company’s credit history is vital to continue doing business with its vendors. A clean credit history is an indication that a company pays its debts on time. A poor credit history will prevent a company from continuing to do business with those that provide needed supplies. It can also prevent a company from obtaining needed financing for expansion.
The most common form of this type of identity theft involves fraudulently using a company’s credit profile. This is done to set up credit for another company. It can also be used to make purchases using the company’s name. The theft of a corporation’s good credit history can sometimes be easily accomplished. This is sometimes due to lack of diligence on the part of the vendors. A vendor might not verify that a credit applicant is actually a representative of a particular company. When that happens, an identity criminal can set up their own company using fraudulent means.
Other than being illegal, this might go unnoticed indefinitely if bills are paid on time. There is a risk, however, that the identity thief may pay late or even default on bills. These negative credit marks will then appear on the original company’s credit report. This is also a good indication of a company that would not be honest in conducting business, either.
It’s also possible for one company to capitalize on the good name of another. In some instances, a company’s name may be used for another company’s purposes. In 2008, LifeLock was sued by Namesafe for using their name and trademark. In this case, LifeLock allegedly used ads on major search engines to direct Namesafe Internet traffic to LifeLock’s site. (See reference 1) It was alleged that when consumers clicked on the Namesafe banner they were directed to LifeLock’s website. LifeLock’s name did appear in the ads. But it seemed clear that the ads were designed to fool Namesafe customers. The ads were immediately removed.
A large volume of sensitive data is contained in a company’s Human Resource department. This can prove to be a major challenge when it comes to protecting that information. The key to protecting these files is understanding the methods of perpetrating corporate identity theft. Basic strategies have been recommended for Human Resource professionals. These include:
• Constant enforcement of procedures and policies, IT security and physical safeguards.
• Employee education regarding the correct handling of sensitive data.
• Modification of security procedures as needed.
Security policies should address areas that include; who has access to sensitive data and where data is stored. In addition, an employee, who is leaving the company, should surrender all badges and identification. There should also be a corporate plan of action for any security breach that occurs. An example would be a set of policies and procedures that would surround a stolen company laptop.
Screening personnel is also vital to a company’s data security. Background checks should be conducted on all employee applicants. Screening of vendors is also advised. Also, when using vendor services, a breach of information clause should be included in the contract.