Incidents of business fraud and identity theft continue to rise, costing business owners time, money, credit, and potentially, their reputation. Massachusetts is no stranger to reported business fraud and identity theft incidences. In 2021, according to the Insurance Information Institute, Massachusetts ranked as the fifteenth hardest-hit state for business identity theft.
The best way to protect your business against fraud and identity theft is to understand the scams and how they work. Once you know what to look for, follow our six tips below to protect your business and learn how to report any suspicious activity.
Whether it occurs due to a stranger or by a member of your staff, "business fraud" happens when someone disguises their theft as a legitimate transaction. It is considered fraud when someone intentionally misrepresents the truth or withholds information that results in harm, including monetary loss. Money Fraud, Return Fraud, Invoice Fraud, and Payroll Fraud rank among the most common types of business fraud.
With so much illegal cash making its way around, businesses must be careful when accepting bills of any size. Fake bills, or counterfeit money, are completely useless when you try to deposit them into your business checking account. The most common counterfeit bills are those with a higher value, like the $100 bill. You can protect your business by learning to identify legitimate and fake money. Many security features can help you identify real currency, but other options, such as pens, UV lights, and scanners, exist to help make your job easier.
If your business sells goods, you most likely have experienced some form of return fraud. Return fraud can be as simple as a customer purchasing a product, using or breaking it, then trying to return it, stating nothing is wrong in an attempt to get a full refund. Or you may come across a criminal who steals items from you and hopes to return them for a profit. Adapting your policies can help you reduce potential return fraud, and requiring receipts and limiting your return period may help curb additional loss.
One of the oldest known types of business fraud, this scheme typically involves paying non-existent workers. An internal member of your team who controls the company’s payroll system may add one or more employees who do not perform tasks yet still receive a paycheck. Other payroll fraud schemes include submitting false timesheets and issuing unauthorized bonuses. Although payroll fraud is usually an inside job, hackers have been known to breach systems and pull off this scam electronically.
All businesses need supplies to run the office. Whether it is paper, printer cartridges, or cleaning supplies, fraudsters take advantage of this by sending fake invoices in hopes that they'll be processed and paid without being questioned. If these fake invoices are paid, your money may be gone.
Another version of invoice fraud is directory listings and advertising scams, where someone asks an employee to confirm information for a service that your business requested. They may ask the employee to verify a name, telephone number, or address (information easily obtained online) to process the order. Once confirmed, they send an invoice for a service that was never authorized or provided in hopes that it will get paid. Worse, they use a recording of the employee who confirmed the information to pressure you to pay.
Business identity theft occurs when thieves impersonate owners, officers, or staff members for illegal gain. Sensitive data, such as a tax identification number and an owner’s personal information, can be leveraged to orchestrate the following business identity theft crimes.
If a criminal gets ahold of your business information, they can attempt to secure a business line of credit, take out loans, and open credit cards. Although reporting business identity theft may alleviate financial responsibility, your business' creditworthiness may be impacted.
Tax fraud is when a fraudster impersonates your business to file false tax returns and get your hard-earned refunds. Keep your financial records and information secure and shred any paperwork immediately instead of disposing of them in the trash.
Customer data has become increasingly valuable in wide-reaching ways. One of the more subtle fraud schemes involves rerouting customer traffic from your legitimate online platform and acquiring your customer information.
Criminals may register a variation of a company’s name or logo and later demand a payoff. This trademark scam is often used when franchises open in new cities or states.
Now that you are aware of the ever-changing types of fraud and identity theft, here are some steps you can take today to protect your business.
It’s important to understand the mindset of hackers and fraudsters when considering business protections. By hardening your defenses and remaining vigilant in the following ways, criminals are more likely to try elsewhere.
For a relatively nominal fee, business credit reporting bureaus such as Dun & Bradstreet, Equifax, and Experian provide companies with ongoing access. Periodically checking your credit report allows business professionals to identify any errors or suspicious activity. For example, an unauthorized credit pull or loan application would point to potential business identity theft in progress.
Never pay a bill that you can't verify. Identify employees that can place orders and approve invoices. If you're a business owner and don't process payments, consider requiring your approval on invoices over a set amount.
It’s crucial to shred paper documents to ensure they don’t fall into a criminal’s hands. By that same token, many business identity theft cases result from hacks. Investing in robust cybersecurity remains an excellent way to protect sensitive and valuable digital assets. One of the hot-trending defenses involves zero-trust networks. This strategy limits the information each staff member can access on a need-to-know basis. Should a cybercriminal learn someone's username and password, they, by default, are restricted.
Online thieves monitor professional networking platforms to learn about an organization and its endeavors. When a team member expresses enthusiasm about a lucrative project on a site such as LinkedIn, hackers can use this and other online information to make a play on business resources. Professionals are often surprised at how much of their seemingly personal and business identity information has accumulated across platforms.
An organization’s cybersecurity posture is only effective if it is up-to-date and fully secure. That’s why patching software, employing enterprise-level firewalls, and encrypted transmissions are essential. It’s also crucial to create daily backups and keep at least one offline, where hackers cannot access it.
If you suspect your company has been subject to business fraud or identity theft, notify your bank immediately. It's also important to report fraud or identity theft to the Federal Trade Commission.
At Middlesex Federal, we take your security seriously. Providing you with information that can protect your business from fraudulent activity and identity theft is important to us. Check out our alerts and safeguards page; it's filled with helpful tips and information you can use now.
Terms and conditions
This content is provided for general informational purposes only and does not constitute financial, investment, tax, legal, or accounting advice. Individual circumstances and current events are critical to sound investment planning; anyone wishing to act on this information should consult with a financial professional. The information contained in these articles was obtained from sources believed to be reliable and accurate at the time of publishing. We do not represent that it is accurate or complete, and it should not be relied upon as such. All opinions and estimates expressed in this article are as of publication date unless otherwise indicated, and are subject to change.