« Using Articles To Get Traffic To Your Clickbank Hop Links! | Main | Reducing Load Time Through Image Optimization »

Commercial Identity Theft

Businesses face similar financial identity theft risks to those we face as individuals, but the potential losses can be much larger on a commercial scale.

The identity thief and the confidence trickster share much in common. It is easy for a confidence trickster to say: “I work for XYZ Corporation, just charge it to their account.” And in the rush it can be tempting for businesses to accept these instructions, if the person appears to be credible and to know the usual procedures. After all, most businesses are keen for more trade and are unlikely to turn away a customer that appears to be credible.

If the thief has a little inside information, like an order number or order form in the correct format, a business card, or some more official-looking identity document, and if there is nothing inherently unusual or suspicious about the transaction, the chances are high that the thief will often be believed. Customer service people keen for business are much less likely to turn down what seems to be a credible business deal than would a suspicious accountant from the back room.

Smaller transactions are more susceptible: a taxi fare, a routine stationery purchase. They are also much less likely to be detected by a larger company through their internal audits. But identity thieves can be much more ambitious. Orders for goods to be delivered and charged to someone else, or sales of services, such as advertising that will never be published, are fertile areas for identity thieves.

Perhaps we think the world has become too sophisticated for a confidence trickster to get away with a deal like the legendary “sale of the Brooklyn Bridge” confidence trick any more. The longevity and huge ongoing scale of the famous Nigerian letter or email requesting an advance money transfer scam tells us that people and businesses today are as gullible and greedy as ever. A recent BBC report estimated this scam costs the British economy 150 million pounds each year, and that is the cost to just one of the many countries affected by this quarter century old scam.

The best defence against commercial identity theft is to have routine verification and documentation procedures in place. The larger the transaction size, the more important these procedures become. Just having a supervisor approve transactions over a certain amount can give a cooling off period and a second opinion opportunity to detect identity theft. Credit authorization procedures in most companies require at least some investigation before the transaction is completed. Procedures to verify unusual delivery instructions make identity theft more difficult. Many companies refuse to pay an invoice that does not have a matching company order number. More sophisticated transaction approval procedures assess risks according to past experience, and flag potential problems for closer attention.

But the simplest defence is just good customer service: if staff know a customer well it will soon become clear if an impersonator is not part of the customer’s usual team or is not doing business in the customer’s usual way.

Finding the right balance between growing their sales and fraud prevention is an ongoing challenge for companies. The use of information systems for fast data access and communication has made the early detection and prevention of commercial identity theft a lot more effective.

Identity Theft 5 ( 442 words)

Commercial Identity Theft: Access Codes

Businesses are especially exposed to physical and data access code identity theft.

In a busy workplace, where a lot of people work, it can be difficult to keep property and information secure if an unauthorized thief gains access. The problem of “stair dancers”, thieves who move quickly around the building using the stairs instead of the lifts and steal in an opportunist way, is an example.

The answer for most companies is to control entry to the building, with a single supervised entry point or an automated controlled entry system. Either way, some form of personal identification is usually required, such as a personal identification pass or swipe card. High security facilities may use more complex solutions. To gain entry, a thief must steal or copy an identity pass or card.

To guard against theft of a pass or swipe card, adding a PIN code to be entered when the card is swiped is a common solution. If a card is lost the magnetic entry code and the PIN number are easily changed. With a supervised entry, the security person or receptionist usually gets to know people, or you can use a stronger requirement for pass inspection with photographic identity or a signing-in procedure for where there is doubt.

Data security is most effectively managed by starting with the “need to know” principle: only those who need the information can get access. A user name and password as each person’s means of identification is the most common solution. Strong passwords should be required for important data, following good practice for setting up passwords such as only complex character combinations and a minimum length.

By limiting the number of password entry attempts (often to 5) before a time delay before another attempt (often 15 minutes) an automated log in system would take a very long time to test the possible combinations of a strong password. This activity would no doubt be detected by most systems, and access further denied from that computer. A further security measure is to restrict access to a defined network or to specified internet addresses or computers.

Programmed restrictions to certain individuals should be placed on the ability to change (or, worse, to corrupt) a database, and to download or print sensitive commercial or personal information. Data held on portable or laptop computers is more difficult to control and more susceptible to theft, and these computers are at greater risk of being interfered with for a thief to load spyware.

Systems to detect and remove spyware, especially key stroke logging software, from entering a commercial computer network is vital to guard against identity theft.

To Your Success!

Leon Edward

 FREE Identity Theft Prevention Checklist 


Leon Edward Helps people to start, grow and maximize home business income with business structure,  small business legal service information and online business training articles, reviews, marketing blog and newsletter... with legitimate business ideas and opportunities. Download his FREE Report  - How to Find A Solid Home Business Opportunity without Getting Scammed! - Find online business training articles, FREE Content ,  starting a business free ideas,
all at http://www.HomeBusinessIT.com

 FREE Identity Theft Prevention Checklist 

Leon Edward also helps people improve  IQ, focus, memory, concentration, creativity, speed reading, public speaking , time management and reducing stress.
Download his IQ Mind Brain Memory Self-Help library at his website http://www.IQMindBrainLibrary.com\

and Subconscious Programming and Mind Control at http://www.justvisualizeit.net 
subconscious mind programming | universal laws | learn hypnotism
beginner guide to online day trading | hybrid car information | grant money
internet home business opportunities  | free golf tips
your first year in network marketing | internet child safety

Hosting by Yahoo!