You are a target – Identity theft
What is identity theft and who is most at risk? First, let’s define it. Identity theft is the deliberate use of someone else’s identity. Usually to gain a financial advantage, or to obtain credit and other benefits in the other person’s name.
In this lecture, we’re going to discuss, what is identity theft and who’s most at risk? We’ll talk about corporate identity fraud. How you might go about protecting your corporate identity and, I’ll provide you with an example of a corporate identity phishing email.
Who’s at risk?
Now, to some extent, we’re all at risk of identity theft. But in particular, cybercriminals tend to target people who fall into specific categories.
They like young people. Those in the 18 to 24 age bracket. They tend to be using their credit and debit cards for the first time. They’re not always so cautious about revealing personal details.
People who earn good money are also of great interest to cybercriminals.
They like to go where the easy money is.
Anybody who uses weak passwords is definitely a target.
Perhaps surprisingly, cybercriminals also quite like children. The reason they like children is that could be many years before the identity theft comes to light.
What about the business risks of fraud based on corporate identity theft? Well, in 2016, the value of online crime losses in the UK was estimated at over a billion pounds. With something in excess of 37,000 crimes committed. Of this, some of it obviously belongs to corporate identity fraud.
The cost runs into many millions of pounds per year. It’s actually very difficult to obtain accurate figures on these losses. Because, not surprisingly, companies are reluctant to admit to becoming victims, because of the damage it will cause to their reputation.
The best estimate that I was able to find, was that Companies House state on their website they handle between 50 and 100 corporate identity theft cases each month.
So, when we’re discussing corporate identity fraud, what is it we’re actually talking about?
Well, companies and their owners and directors can easily become corporate identity fraud victims. Fraudsters and scammers are interested in company directors and owners because they tend to be affluent.
What happens, is that identity thieves fraudulently change details that are registered at Companies House. When this occurs, companies are left vulnerable to further fraud.
For example, criminals may appoint rogue directors, and use their fake profiles to go out and about, purchasing goods and services on credit with no intention of ever making payment. Such fraud only comes to light when suddenly, the legitimate company finds itself faced with a huge, unexplained bill.
Why is it so easy?
Fraud can be committed relatively easily because Companies House does not check paper documents for validity. They accept the documents as submitted, in good faith and then those details are publicly registered. As directors and company officers aren’t contacted when changes are submitted, the legitimate officers of a company are usually totally unaware that such a fraud is occurring.
The consequences of corporate identity theft could be very severe. For example, the annual filings of a company could be misrepresented. Perhaps showing inflated profits, in order to gain fraudulent credit.
When full identity theft occurs, companies might have their bank accounts drained, credit reports manipulated, or their officers impersonated, and misrepresented.
How can we protect ourselves?
Fortunately, there are several ways in which Companies House helps to protect against corporate identity fraud. In order to help safeguard the personal information of a company’s directors. These are:
1. WebFiling. Where you register for online filing.
2. PROOF. Where you sign up to submit most changes online. There are a few exceptions.
3. Monitor. This is an alerting system that notifies you via email, when any changes are submitted.
This You are a target – Identity theft lecture is a preview from our online course ‘Information Security Awareness’, for the full course please visit https://chl.thinkific.com/courses/information-security-awareness