Be Wary of Corporate Identity TheftPutri Pertiwi
Identity theft does not only do happen to individuals, but also to business entities and that is what we call corporate identity theft. What is it actually?
Like individuals, companies also have identities. What are the company identities? They are name, logo, domain, certificate, bank account number, and others attribute that belongs to a company. Corporate identity theft is the act of theft or misuse of identifiers and business credentials, manipulation or falsification of archiving and business records, and other related criminal activities intended to obtain profits.
A phony website is one of the corporate theft examples just like one that NASS mentioned in the report titled Developing State Solutions for Business Identity Theft. The perpetrators made a website resembling the one belongs to the original car dealership. Through the phony website, the perpetrators deceived their victims by luring low priced car and making them transfer some money for cars that did not exist.
A similar case also occurred in South Sulawesi, Indonesia. Cited from Sindonews (12/1), the perpetrators made a phony website under the name of a state-owned bank to drain the customers’ accounts.
How can a company identity be stolen?
There is always a way to steal the identity, even with the simple method e.g., getting a corporate identity from paper trash. Now, the digital era amplifies the technology to open more opportunities for the perpetrators. Social media, email, company website, other digital platforms that contain identity become the target of stealing.
Even there is more cutting-edge method revealed by cybersecurity researcher Awake Security, Troy Kent. Troy said to CNBC (3/12) that the perpetrators could use the cryptocurrency mining machine to hack the organization’s security system, and then steal documents – intellectual property rights or other important documents, credentials.
Using the stolen credential information, the perpetrators could pretend to be CEOs and deceive many parties, which ultimately tarnish the reputation of the company.
The more successful a company is, the greater its potential to be the target of identity theft. Therefore, companies need to take mitigation efforts. There are some simple tips, procedures and actions that companies can do online and offline. Among others are:
- Do background checks on business partners and directors
- Do not accept orders or faxes that are handwritten
- Validate the partner’s address
- Always re-check the information received
- Ensure the telephone area code is in accordance with the partner’s address
- Make sure potential partners can provide bank references
- Make clear all potential relationship of the business partner/client with any identical companies
- Implement data encryption throughout the company’s online system
- Create a data destruction policy, for both hard and soft data.