The Secretary of State, in Colorado, has issued a warning to the state’s registered businesses. These businesses number in excess of 800,000. The warning has to do with corporate identity theft that is used to fraudulently make illegal purchases. The primary targets for this scam are major businesses such as; Office Depot, Home Depot, Dell and Apple.
At this point, there have been over 35 businesses that have had their financial identity compromised. This amounts to an excess of $750,000 made in fraudulent purchases from Home Depot alone, according to the Colorado Bureau of Investigation (CBI). The purchases were made by using bogus corporate identities. Five arrests have been made in connection with these criminal activities, as reported by CBI fraud unit agent Robert Brown.
It’s not yet clear how many other businesses have been affected by the scam. However, there are indications that the problem may be increasing. This has been indicated by additional groups that are become involved in perpetrating this type of scam. For example, Texas authorities have reported at least one other similar occurrence.
Evidently, an inherent weakness in Colorado’s business registration system helped to expedite the scam. This was due to an unusually wide open Colorado Secretary of State Office registration procedure. As with other states, businesses are required to register the details of their companies. This includes: the agent of the company that is making the registration, local address and other pertinent details. However, Colorado not only allows anyone to view a business registration record (as is the policy of other states). They also allow nearly anyone to make changes to that record. The Colorado state site has no username or password protection for company registration information. This means that changes could easily be made to business registration records by anyone visiting the state site.
This was the opportunity that identity scammers needed in order to set up their operations. According to Robert Brown, it was smaller to medium-sized companies that were targeted. In some cases, the companies had already gone out of business. This did not stop the criminals from using altered company registration information to make online credit applications with retail suppliers.
The system that was used in Colorado dates back to a time when corporate identity theft was not a problem. In actuality, an alert email is sent to the companies if any changes are made. However, this has not always been effective. This is especially true in cases of defunct companies. It should be noted that it is a felony to make unauthorized changes to business registration data.
Unfortunately, there are no current plans to institute a username and password system for Colorado business registrations. The state is basically telling their businesses to be vigilant regarding the email alert notification system. This may change, once the appropriate budget is approved. Discussions for this type of change will be made in January, when the legislative session resumes. It is estimated that five to seven additional employees will be needed to maintain a username and password help department.
Brown has stated that Colorado state authorities were alerted to this type of scam, previously. This occurred when Home Depot made an inquiry regarding purchases in excess of $250,000. The credit application involved was subsequently reviewed by Citibank. Citibank underwrites Home Depot credit lines. Their review revealed an alteration in Home Depot’s registration form. The change constituted a change from a physical location in Boulder, Colorado to a virtual location in Aurora, Colorado. The virtual office personnel in Aurora were then told to forward all mail to another virtual location in Harbor City, California.
The identity thieves then used Home Depot’s line of credit to make home appliance purchases. These items included TVs, refrigerators and various electronic devices. Copper wiring was also purchased using Home Depot’s name on a credit application. Since copper is a valuable metal that can easily be resold, purchasing a large amount is similar to purchasing a quantity of metal, such as silver.
In most of the fraudulent purchases, pickups were made by hired “street children and adults”.