Published: November 4, 2020 on our newsletter Security Fraud News & Alerts Newsletter.
Identity theft is a nerve-racking thought, especially when the future success of a business may be on the line. Corporate identity thieves have disrupted many an enterprise, causing financial chaos and harm to a reputation that could threaten its very existence. It’s the money that identity thieves are after, and if a company’s good name goes under in the process, it’s simply collateral damage. Unfortunately, not every enterprise survives these attacks, especially small-to-medium sized businesses (SMBs) who often lack the resources to fight identity theft. In fact, 60% of SMBs don’t survive identity theft and have no choice but to close their doors within six months of an attack.
Bad actors have a playlist of threats to choose from to enter a data system, including business email compromise (BEC), SIM card swapping, and spoofing websites. Either way, corporate identity theft takes many forms, including posing as a vendor who needs a large invoice paid or a bogus email from a higher-up (whaling) directing large funds be transferred to an outside account. Also known as business identity theft, hackers are willing to do whatever it takes, including filing false company tax returns and posing as a legitimate company employee. It’s the appearance of legitimacy that allows identity theft to succeed, and that theft supports a hacker’s singular goal of stealing a company’s cash. Efforts by an enterprise to avoid or survive these attacks are something every business can and should do to protect itself.
Security Steps to Combat Identity Theft
The weak point of any enterprise are its employees, as they’re often the first line of attack for identity theft. Remember, it only takes one wrong click on a phishing email to start an avalanche of security problems.
These same employees can also be the strongest line of defense against cyber threat when they are regularly educated about hacking tactics and how to spot and avoid them. Increased awareness translates to increased avoidance of identity theft, especially for those whose jobs involve access to company funds and transfers.
Have a plan and stick to it. Create strict security protocols for any process involving company funds and those who have access to transfer it. These rules should include limiting who has access to capital, avoiding any confusion as to who is responsible for transfers. Confusion fosters mistakes…and hackers love creating confusion.
Add layers of verification along every step of a financial transfer. The more identity verification obstacles placed in front of a hacker, the more likely they are to move on to a different, easier target. Adding hurdles like multifactor authentication (MFA), including fingerprints and voice printing, can also keep a hacker from achieving identity theft and send them elsewhere.
Keep up to date: Sign up for our Fraud alerts and Updates newsletter
Want to schedule a conversation? Please email us at firstname.lastname@example.org