Business & Finance
News
2/15/2007
05:23 PM
Connect Directly
RSS
E-Mail
50%
50%

Latest Identity Theft Scam Targets Business Executives

Small to mid-size companies that allow their employees to open lines of credit in the executive's name, could be most at risk.

A recent spike in identity theft among business executives reported this week highlights a troubling new tactic that criminals are using to commit fraud against not just consumers but businesses themselves.

Within a two-week period in January, there was a sharp increase in the number of business executives reporting that their identities had fraudulently been used to open up lines of credit with a number of different merchants, says Julie Fergerson, a founder of the Merchant Risk Council and vice president of emerging technologies for anti-fraud security vendor Debix, a provider identity protection services that prompts banks to call individuals before opening new credit cards and loans in the individual's name. The Merchant Risk Council, created in 2003 when the Merchant Fraud Squad and the Internet Fraud Round Table merged, is a group of more than 7,800 merchants, vendors, financial institutions, and law enforcement agencies that seek to improve cyber-fraud prevention.

The scam is most likely to hit executives at small to mid-size companies that allow their employees to open lines of credit in the executive's name in order to purchase business supplies, at a merchant such as OfficeMax or Staples. In one case, goods being ordered in the name of one U.S. business executive were shipped to the U.K. and then on to Africa, Fergerson says, adding, "There are at least 200 companies known at this time to have issued credit in this guy's name." There's now an alert out discouraging merchants from extending credit to this executive. Fergerson declined to identify the executive specifically because law enforcement is investigating the crime.

The scam works for three reasons. Business executives tend to have excellent credit, merchants are less likely to scrutinize an application for a business line of credit because risk has traditionally been low, and the merchant billing cycle to businesses is typically as much as 60 days, giving the fraudster plenty of time before the merchant and business owner identify the fraud. When the merchant tries to collect on the money they're owed, the transaction is denied because it's not tied to a legitimate account. Nor has the business under whose name the account was created received any of the merchandise. This means the merchant has to eat the cost of the merchandise. During the two-week period in January, Fergerson saw nine cases of business executive identity theft, whereas normally she would see only one or two.

Mounting concern over identity theft and fraud comes as Bank of America Tuesday said its online banking customers will be able to use their cell phones and smart phones to check account balances, pay bills, and transfer money. With more and more mobile phone users in the U.S. able to access mobile Internet through their cell phones, Bank of America realizes it's got to balance these security concerns with the need to grow its online and mobile banking channels. The new service will be available to Cingular, Sprint-Nextel, T-Mobile, and Verizon Wireless customers and is launching in March in Tennessee, with plans to expand nationwide in subsequent months. The bank is assuring customers that information will remain encrypted when sent between the mobile phone and the bank.

This latest twist on identity theft and fraud comes as law enforcement continues to sort out the recent cyber theft of sensitive customer information stolen from retailer TJX, which was storing customer information in violation of the Payment Card Industry Data Security Standard created by Visa and MasterCard. Fergerson says she expects to see law enforcement announce a breakthrough in the case within the next 90 days, although she declined to provide more specifics. On Feb. 7, Massachusetts Attorney General Martha Coakley announced that her office's Consumer Protection Division is leading a multi-state civil investigation into the TJX security breach. TJX has acknowledged that information regarding credit and debit cards sales transactions in TJX's stores in the U.S., Canada, and Puerto Rico during 2003, as well as such information for these stores for the period from mid-May through December 2006, may have been accessed.

Identity theft has topped the Federal Trade Commission's annual "Consumer Fraud and Identity Theft Complaint Data" report for the past seven years, in 2006 accounting for 36% of the 674,354 complaints received.

With this latest scam against business executives, it's not just their customers that these executives need to protect; it's their own company's credit and ability to work with suppliers.

Comment  | 
Print  | 
More Insights
IT's Reputation: What the Data Says
IT's Reputation: What the Data Says
InformationWeek's IT Perception Survey seeks to quantify how IT thinks it's doing versus how the business really views IT's performance in delivering services - and, more important, powering innovation. Our results suggest IT leaders should worry less about whether they're getting enough resources and more about the relationships they have with business unit peers.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Must Reads Oct. 21, 2014
InformationWeek's new Must Reads is a compendium of our best recent coverage of digital strategy. Learn why you should learn to embrace DevOps, how to avoid roadblocks for digital projects, what the five steps to API management are, and more.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
A roundup of the top stories and trends on InformationWeek.com
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.