Welcome to the
Fraud of the Day Website!

Search
Close this search box.

[2023 Top Fraud Trends Special Series] Business Identity Fraud

[2023 Top Fraud Trends Special Series] Business Identity Fraud

Cropped view of a senior woman receiving help with her finances from her granddaughterhttp://195.154.178.81/DATA/istock_collage/0/shoots/783362.jpg
Senior Director of Strategic Alliances
LexisNexis Risk Solutions - Government

This the final blog of special series featuring top fraud trends predicted for 2023.

Every business owner wants to make a name for themselves. However, every fraudster also wants to make a name out of it too! According to PwC’s 2022 Global Economic Crime and Fraud Survey, 46% of organizations experienced some form of fraud in the last two years. Business identity theft is a serious issue for all businesses, big or small.

Fraudsters steal the identity of a business in several ways – by attacking the company directly or targeting the employees. While one method is a more direct attack on your business, both forms of theft will end up hurting your business and costing you time and money.

Identity thieves can steal a business’ identity by gaining access to the business’ bank accounts and credit cards or by stealing sensitive company information, such as the tax identification number (TIN) and the owners’ personal information. The thieves then open lines of credit or get business loans based on the business’ identity and creditworthiness. Typically, thieves cash out quickly and go unnoticed until the bills and collection notices arrive at the door of the victimized business. Stolen money and information are just the beginning for the problem. Business identity theft can lead to credit score drops, IRS audit penalties, and a hit to your company’s reputation. Not to mention the money and time used to resolve the damage.

The COVID-19 crisis has brought about years of change in the way companies in all sectors and regions do business. As quickly as companies have accelerated the digitization of internal business operations and customer interaction, fraudsters have too. Cybercriminals have become masters at social engineering attacks. Social engineering attacks typically involve some form of psychological manipulation, fooling otherwise unsuspecting users or employees into handing over confidential or sensitive data. Commonly, social engineering involves email or other communication that invokes urgency or fear in the victim, leading the victim to promptly reveal sensitive information, click a malicious link, or open a malicious file. Because social engineering involves a human element, preventing these attacks can be tricky for enterprises.

All these social engineering attacks involve some sort of impersonation. Fraudsters use every tool available to make their impersonation more convincing. And one of the best tools available is a genuine — or genuine looking — business email address. A Business Email Compromise (BEC) scheme is any phishing attack where the target believes they have received an email from a genuine business. BEC scams have been reported in all 50 states of the US and 177 countries. Clearly, business identity fraud is an issue.

On February 4, 2023, U.S. Attorney’s Office in the Southern District of Texas announced a case where online hackers used the BEC scheme to steal more than $800,000 from a Houston company. The still unidentified hackers got access to an employee’s computer and accessed their company’s computer networks including email servers as well as accounts. Through these phishing attacks, they were able to create fake email addresses but identified employees responsible for financial obligations and posed as vendors who were owed money. Before they realized that this was a scheme, employees were “tricked” into wiring funds to an account that the hackers controlled.

Unfortunately, it can be quite easy to create a fake company since establishing a new business usually involves simply entering registration information at a government agency and paying a fee. Thanks to the Internet, setting up a fake business has become easier than ever. In just a few clicks, phony companies can register for state and local business licenses, establish store front offices, and obtain other proofs as legitimate businesses. Why so easy? Who knows. But maybe we should implement some sort of multi-layered approach for business registrations? Something that includes digital identity intelligence and behavioral biometrics. Maybe? Couldn’t hurt!

On February 3, 2023, New York’s Attorney General Letitia James’ asked a judge to dissolve the bogus company — called Sahadi’s Fine Foods Products. The con-artists set up a fake business with a nearly identical name as a historical business from Brooklyn, Sahadi’s Fine Foods. The fraudsters even used the same mailing address in their registration as a business! In pretending to be the historical business, the con-artists have stolen nearly $100,000 from customers.

Luckily, the true Sahadi Fine Food business has a loyal customer base, but that does not take away from the damage done by the fraudsters who can still do business. It is hard to put a stop to these businesses that are created from business identity theft, which is why it is an alert for Fraud Trends 2023.

 

 

 

Related Articles

Get Your Fraud Fix!

Five days a week wake up to the most current fraud article in your inbox

Contact Us

Thank you for your interest in Fraud of the Day. For more information, please complete the following form.
To receive the most current fraud articles direct to your inbox, click the Subscribe button above.

"*" indicates required fields

This field is hidden when viewing the form
Would you like to subscribe to our Blog?
We respect your privacy.
This field is for validation purposes and should be left unchanged.

SUBSCRIBE TODAY

Fill out the form below to receive the Daily Fraud Highlight, the Weekly Fraud Summary or both. Thank you for your interest in FraudoftheDay.com.

"*" indicates required fields

Name*
Subscription Type*
This field is for validation purposes and should be left unchanged.