You probably hear a lot about personal identity theft these days. But have you considered the growing threat of business identity theft? For the criminals, business identity theft can be even more lucrative than stealing the identity of an individual, and for business owners it can be nothing short of devastating.
Business identity theft is not a data breach or the loss or theft of confidential customer information (although this can lead to personal identity theft for your customers). Like personal identity theft, business identity theft involves the impersonation of the business itself. The purpose is to misuse confidential business information to manipulate or falsify business filings and records and perform other malicious activities that will allow the thief to profit. With the right information, identity thieves can defraud creditors, suppliers, financial institutions, business owners and officers, unsuspecting customers and the government. Business identity theft often involves the perpetrators posing as a legitimate business to establish lines of credit under the business name, or resurrecting a defunct business without the previous owner’s knowledge, and then using that credit to purchase goods or gift cards to keep or to sell.
Small and medium-sized businesses are more likely to be victims of identity theft. While the perpetrator seeks speedy financial gains, the business can be left unable to acquire credit and perhaps unable to operate at all in the aftermath.
Can Cyber Liability Insurance Protect My Business From Identity Theft?
You might wonder if there is an insurance solution for business identity theft. The answer is yes, and no. Standard commercial property and liability policies will not usually adequately address any issue related to cyber liability. You can cover some exposures under a cyber liability policy, such as notification expenses (the cost of notifying customers of a data breach) and others types of related expenses that occur after the damage has been done. But every business has unique cyber liability risks, and most will need a stand-alone cyber liability program tailored to their specific exposures. Cyber liability coverage can vary significantly from one carrier to another, and you need to know exactly what your policy covers and where you still might have some gaps.
While the right cyber liability insurance policy can help you after the fact, prevention is the best way to manage your risk of business identity theft. Even if your insurance policy helps you recover some of the costs of clearing up the mess, the damage to your business reputation and your overall ability to operate may be much more difficult to repair.
Steps to Prevent Business Identity Theft
The following strategies can help you prevent business identity theft:
- Develop and implement a comprehensive protection plan for your business. Your plan should outline exactly what needs to be done to protect your business identity, and then the plan must be put into action.
- Protect sensitive documents by keeping them in a safe and secure location. Shred any documents that are no longer needed. You must under all circumstances protect your company’s federal tax identification number, financial information, bank account information and any other information that could be useful to identity thieves.
- Don’t think that all identity theft is high-tech. Thieves often steal wallets and purses, intercept or reroute mail, and rummage through garbage in order to obtain sensitive information and use it to their advantage.
- Never share sensitive information over the Internet unless you are sure you are using a secure site or connection and are sending it to a credible party.
- Monitor your credit statements and your credit report. Monitor your business credit with all of the major credit bureaus. If something seems wrong, take action immediately. Sign up for email alerts so you are notified immediately if there is any activity on your accounts.
- Monitor all of your customer and supplier accounts as well as all credit card and other bills. If you see an unexpected bill, charge, credit card, or account—or if a bill you expect never arrives—contact the company involved.
- Report any lost or stolen credit cards immediately.
- Make sure your banking agreements include fraud protections.
- Use up-to-date anti-virus, anti-spyware and Internet security software; always download security patches and updates as soon as they are available.
- Utilize a firewall on your business network.
- Secure your wireless network.
- Be alert for unusual or large orders form unknown customers.
- Perform background checks before hiring, train employees well, and keep sensitive information within your organization on a need-to-know basis.
If you suspect that you have been a victim of business identity theft:
- Immediately contact your bank and credit card providers.
- Report any issue to the credit reporting agencies (Dun & Bradstreet, Equifax, Experian, and TransUnion). Speak to the fraud department of each bureau.
- File a report with local law enforcement.
- Contact creditors, billing companies and customers to notify them of the potential identity theft.
- Correct any fraudulent business filings with your state.
- Document all conversations, and follow up often to make sure the situation is being resolved to your satisfaction.
- Throw away nothing! You will need to keep all documentation for potential future use.
- Continue monitoring your accounts and credit report.
Business identity theft can be devastating for any business, large or small. Would you like to learn more about cyber liability insurance and how it can help if you are a victim of this harmful crime? Can we help you develop and implement a risk management program that addresses business identity theft and other cyber liability exposures that you have?