Poor Document Destruction may result in Corporate ID Theft
Businesses that fail to implement effective document destruction practices face a higher risk of falling victim to corporate identity theft scams and as a result may be placing the organisation and its clients at risk of legal, financial and reputational repercussions.
This is according to Gianmarco Lorenzi, Managing Director of Cleardata – a group company of JSE listed Metrofile – who says that each year corporate identity theft costs US businesses approximately $48 billion dollars, according to the Federal Trade Commission. “In addition to this, latest statistics released by the 2012 Javelin Strategy & Research Identity Fraud Report reveal that identity fraud is one of the fastest growing crimes with the number of reported incidents increasing by 13% globally in 2011, affecting 11.6 million adults.
“While there are no local statistics, the fact remains that identity theft is on the rise globally and criminals are targeting businesses as they have realised that it is more lucrative and easier than exploiting individuals.”
Lorenzi says latest trends in corporate identity theft involve consumers receiving letters with official company letterheads stating that the account details for their monthly instalments have changed and the consumer must make payments to new account details. “The consumer, thinking this is an authentic business letter, then makes payments into the fraudulent account. The scam comes to light when the business contacts the customer to establish why payments are not being made, instigating reputational, legal or financial damage for the business as the customer wonders how their details were obtained by the fraudster in the first place.”
“Businesses need to realise that one of the easiest ways for criminals to conduct corporate identity theft is by going through the company’s rubbish. Most computers also have desktop publishing technology, which has made it far easier for fraudsters to scan and duplicate a variety of corporate documents – such as purchase orders, invoices, bank statements, cash and credit card receipts or even stock certificates – containing company logos.”
Lorenzi says business records of any kind should never be put into a general waste or recycling bin, where it may be accessed by criminals intent on identity theft; instead, all business records that are no longer needed should be shredded.
He says small businesses, especially those located in rural areas, may be at more risk, as they are often under the misperception that only larger organisations situated in urban areas are targets for corporate identity theft. “This is actually not the case. Businesses of all sizes and in all locations can be exploited and must therefore employ effective document destruction practices.”
“Those businesses not practicing sound document destruction are simply placing the organisation, including employees and clients, under unnecessary risk of identity theft and should seek the advice of a reputable document shredding company that has been certified by the National Association for Information Destruction (www.naidonline.org) to mitigate the potential threat to their business and reputation,” concludes Lorenzi.