August Edition 2
Following on from the security issue I spoke about in the previous Internet Banking feature, I hope that this follow-up piece on identity theft will clarify a few things.
The emergence of the internet acts in 2 key ways to increase identity fraud. Firstly, as a simple source of identification of potential suppliers and secondly as a faceless interface. The companies affected tend not to be the multi national or large companies that are well known in the public domain, but more so mid-tier and small businesses.
What is Identity Theft/Fraud?
Identity theft is the unlawful taking of another person's details without their permission. The information stolen can be used to obtain many financial services, goods and other forms of identification, i.e. Passports and Driving Licences.
Once the criminals have copies of someone's identity they can embark on criminal activity in that name with the knowledge that any follow-up investigations will not lead automatically to them.
How to protect yourself
Be careful with your personal information. If you receive a telephone call from a credit card company, bank or other retail company asking to confirm certain details about yourself, decline them and ask to call them back, preferably through a central switchboard.
When destroying personal correspondence such as bank and credit card statements, consider using a shredder or even burning them.
If you move address remember to inform all the companies that send personal information to you in the post. Always consider re-directing your post with Royal Mail.
How do you know if you are a victim?
- Are you missing your regular monthly statements?
- Have you noticed charges to your bank accounts that are not yours?
- Being contacted by a debt collection agency about outstanding payments for items or services that you have not ordered.
Protect yourself by acting quickly
Do not ignore the problem; even though you haven't perpetrated these acts, the debt falls to your name and address and once blacklisted for credit, it may take many years to fully recover the problem.
What is Phishing?
'Phishing' is the act of sending an email to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft. The email directs the user to visit a website where they are asked to update personal information such as password, national insurance number and bank accounting details.
A survey last year revealed that between January 2004 and June 2004, 1.5 million phishing emails were sent out. More than a quarter of a million were sent in the month of June alone.
The easiest way to avoid getting caught up in this is to remember that a bank or other financial institution will not send out e-mails to you asking for details such as PIN numbers, passwords or other personal data, no matter how genuine the e-mail looks. If you think the e-mail is not genuine, forward it on to the bank it purports to come from.
Is there a way to combat this?
The Metropolitan Police Service has recently launched a major new initiative to advise businesses on how they can take simple preventative steps to minimise the possibility of their company's identity being hi-jacked.
Working in conjunction with Companies House under the 'Sterling' initiative, the Metropolitan Police warn companies to take 4 simple steps.
First, check that your company's details are registered correctly at Companies House and that they have not been fraudulently changed.
Second, companies are advised to sign up for Companies House electronic filing, by which information is filed online with an electronic password. These 'electronic' customers can then subscribe to 'PROOF', the Protected Online Filing service that reduces the chance of fraud even further. PROOF customers tell Companies House that they will only file electronically, and that paper which claims to come from them should be rejected. Companies House will therefore reject any paper versions and return them to the company unless specifically authorised to accept them by the company.
The third step is to sign up to Companies House 'Monitor', an email alert system through Companies House Direct, which will warn the password holder when any future changes to your company details are made.
The fourth and final step is a precautionary measure not to rely solely on Companies House records. It is recommended that you satisfy yourself that your customer is legitimate through additional means.
The Metropolitan Police's 'Sterling' initiative is a long-term partnership strategy which takes a pro-active partnership approach to reducing opportunities and combating economic crime.
For more details, visit www.met.police.uk/fraudalert
SOURCE: First Voice of Business, http://www.companieshouse.gov.uk www.met.police.uk , http://cms.met.police.uk , www.company-wizard.co.uk , www.danbro.co.uk
Identity Fraud and your business