While the warning signs that an individual’s identity has been stolen are relatively easy to spot, every business owner faces an extra level of complexity when protecting his or her company’s identity from theft. Knowing the more common at-risk indicators—and how to effectively take action—can lessen the risk and eliminate any long-term consequences.
IRS and State Agency Correspondence
The proliferation of business identity theft makes it crucial for business owners to take action when they receive unexpected or unexplained notices from the IRS. These notices can include:
- An original tax return for a particular year being accepted by the IRS as an amended return.
- Names of fictitious or departed employees.
- References to an inactive business.
Note that many of these events can occur as the result of clerical errors, so it may not be apparent the information has been used for illicit purposes.
- Alert the Federal Trade Commission if a breach has occurred.
- File one or more police reports if identity theft involves your business or your employees.
- Contact the IRS or agency that originated the notice or that is impacted by the false action.
Businesses rely on credit and unfortunately, cyber crooks do, too. Business owners should stay alert for:
- Unexplained credit charges online or on printed statements.
- Written notices regarding term or interest rate changes that are unusually dramatic.
- Past due or collection calls and letters on accounts that are current.
- Contact the creditor for clarification and keep a record of the conversation.
- Provide written documentation of credit history and usage.
- File a statement with each of the major credit bureaus, explaining the identity theft.
- Close affected accounts and request written confirmation.
You’ve structured your business and its name carefully. Compromising either puts you and your business at risk. Signs include:
- Correspondence addressed to a company using a variation of your business name.
- State office or other notices of change in structure.
- Provide written notification to the state that holds the original filing.
- Monitor your business filings regularly, using online access and written requests.
“Phishing” and other sophisticated email schemes are conducted by fraudsters who may pose as business entities with the goal of accessing your business systems. If successful, these emails can:
- Access or alter sensitive business data, including financial information.
- Allow unauthorized payments to be fictitious entities.
- Compromise business and personal records.
- Train employees to recognize phishing and other schemes.
- Implement rigorous procedures for email and email attachments.
- Contact the sender; if it’s a real company.
- Contact the IRS if phishing includes fraudulent IRS correspondence.
Just as individuals must be vigilant to protect their personal identities in this era of cyber-crime, a business owner needs to take some additional steps to assure the identity of their business is safe as well.