Business identity theft is the use of specific business information, such as a company credit card, to unlawfully obtain goods or services in the name of the company. The term can also apply to scam companies that hijack website code and business data from a legitimate company to get personal or financial information from the real company's customers. While nothing can truly provide foolproof protection from business identity theft, taking multiple measures to protect private data can go a long way toward preventing this crime.
One of the best ways to prevent business identity theft is to enroll with a credit monitoring service. For a monthly charge, these companies will carefully monitor all transactions on company credit lines and send immediate notices if unusual or illicit purchases appear. Some services can also track any new accounts opened under the company name, to ensure that these accounts are authorized.
Basic safety measures are key to preventing business identity theft. Keep all essential documents under lock and key, and make all company computers password protected. The day that an employee ceases working for the company, disable all passwords, key codes, and other measures that could allow him or her access to any company information. Never simply throw away any business documents, but institute policies that require all documents to be shredded. Many thieves gain all the information necessary to commit fraud by simply going through company trash cans.
Though it may seem old-fashioned, never accept new clients without checking references first. Be aware of any unusual behavior from regular clients, such as a client that typically orders one small item per month suddenly requesting ten orders in a week. Protecting clients from identity thieves who have stolen their information not only prevents business losses, it also promotes customer loyalty.
The Internet provides thieves with tremendous opportunity to scam customers in the name of a legitimate business. Some thieves use a technique called phishing, in which emails are sent to customers that appear to be from a legitimate business, such as a bank or frequently used website. These emails ask the customer to enter account details, credit card numbers, and addresses to clear up a discrepancy or update records, allowing the thieves to steal this information. Smart business owners regularly perform Internet searches on their own company to see if mirror websites with nearly-identical names have been set up for the purpose of phishing and scamming the company. Investigate all customer claims of suspicious emails to help prevent loss of reputation due to phishing scams.
Proper employee training and a clear chain of command where sensitive information is concerned can help reduce the risk of business identity theft. Teach employees to guard business information, including blank letterhead, account information, and passwords, as carefully as they would guard personal data. Give each employee sensitive information only as it pertains to his or her job, and enact a strict disciplinary policy regarding sharing company information without permission. Let junior employees know to ask a superior before giving out any company information, and provide regular education geared toward privacy policies.