Protect your small business from identity fraud.
Most people know that is it is important to protect yourself from identify theft, but many don’t realize their business is also at risk of identity fraud. Taking these simple steps can protect your business from costly fraudulent activity.
Protect sensitive information.
Your sensitive business information should be guarded the same way you protect your personal information. Don’t share items like your company’s EIN or banking information on any platforms that aren’t secure, including email. Don’t text sensitive information and never communicate with an employee’s personal email. Personal email servers are particularly vulnerable to phishing and hacking attempts.
Be sure to only share this sensitive information with those you trust. Don’t share your usernames and passwords with anyone — including even bank employees. Be particularly cautious of anyone who sends you an unsolicited email requesting your EIN, routing number, bank account number, credit card information, or any usernames or passwords. These phishing attempts are a common way fraudsters obtain valuable information from unsuspecting business owners and their employees.
Monitor for fraudulent activity.
Regularly monitor all your business banking accounts and notify your financial institution at the first sign of suspicious activity. If you see any charges you don’t recognize, don’t delay in contacting your bank or credit card provider to request more information on the transactions or to report them as fraudulent. In addition to monitoring your bank accounts, monitor your business credit report on a regular basis and confirm that all information is accurate and up-to-date. Unlike individual consumers, federal law does not currently allow small businesses one free credit report every 12 months. However, there are several resources for free partial business credit reports and credit report activity updates. Two of these resources are CreditSignal and Nav.
CreditSignal is a free credit reporting service offered by Dun & Bradstreet (D&B) that provides a summary of your company’s D&B credit profile and alerts you when your D&B credit score has changed or when someone has requested to purchase your D&B credit profile. Nav is a free credit monitoring service that provides you with summaries of your personal and business credit profile ratings.
For full, accurate credit reports for your business, you will have to pay to pull a complete report. A cost-effective option is to pull a report from one of the bureaus every six months rather than pulling all your reports at once.
Protect yourself from corporate account takeover.
Corporate account takeover is a particularly alarming type of fraud where thieves gain access to a company’s finances and make unauthorized transactions like transferring funds, adding fake employees to payroll, and stealing sensitive banking information. According to the American Bankers Association, corporate account takeover is a growing threat for small businesses with the vast majority of data breaches affecting business with 100 employees or less. A strong relationship with your bank is the best way to protect your business against corporate account takeover. Your business banking partner should deploy security measures like Positive Pay, call back confirmation on new ACH and payroll transactions, and safe browsing extensions. The security of your passwords also plays a vital role in preventing corporate account takeover. Utilize an enterprise level password keeper like Lastpass or Keeper to generate strong, unique passwords and securely share them with your appropriate team members. Be sure to never reuse passwords, especially on sensitive websites like your banking login.
Create a company plan of action.
In addition to the security measures established by your bank, strong internal procedures should be put into place to ensure your business’ financial information is safeguarded. Implement anti-virus software and create a plan to regularly keep all software on company computers, phones, and other devices updated to prevent any vulnerabilities. Establish a protocol for who can authorize transactions, how often financial information should be monitored, what information can be shared, and what employees should do if they receive a suspicious email. Communicating this policy with your employees is vital to effectively preventing business identify theft. Employees should have a strong understanding of the warning signs of identity theft and how to respond in the case of an attempted fraud.
For more helpful tips on keeping both your personal and business financial identity secure, visit our security page.