The recent fake letter and e-mail scam that contained logos of the Financial Intelligence Centre (FIC) and has already duped 419 South Africans, highlights the dangers that Corporate Identity theft can present to any organisation. Businesses that fail to implement effective document destruction practices face a higher risk of falling victim to corporate identity theft scams and as a result may be placing the organisation and its clients at risk of legal, financial and reputational repercussions.
Gianmarco Lorenzi, Managing Director of Cleardata – a group company of JSE listed Metrofile – says according to the latest Southern African Fraud Prevention Services (SAFPS) Chairman’s Report the number of fraud fillings received by SAFPS increased by 27% year-on-year in 2011, with 14 320 new incidents being reported in that year alone. “These statistics highlight the fact that identity theft is on the rise in South Africa and criminals are increasingly targeting businesses as they have realised that it is more lucrative and easier than exploiting individuals.”
From a global perspective, identity theft is also a concern with the 2012 Javelin Strategy & Research Identity Fraud Report revealing that identity fraud is one of the fastest growing crimes with the number of reported incidents increasing by 13% globally in 2011, affecting 11.6 million adults.
Lorenzi says latest trends in corporate identity theft involve consumers receiving letters with official company letterheads stating that the account details for their monthly instalments have changed and the consumer must make payments to new account details. “The consumer, thinking this is an authentic business letter, then makes payments into the fraudulent account. The scam comes to light when the business contacts the customer to establish why payments are not being made, instigating reputational, legal or financial damage for the business as the customer wonders how their details were obtained by the fraudster in the first place.”
“Businesses need to realise that one of the easiest ways for criminals to conduct corporate identity theft is by going through the company’s rubbish. Most computers also have desktop publishing technology, which has made it far easier for fraudsters to scan and duplicate a variety of corporate documents – such as purchase orders, invoices, bank statements, cash and credit card receipts or even stock certificates – containing company logos.”
Lorenzi says business records of any kind should never be put into a general waste or recycling bin, where it may be accessed by criminals intent on identity theft; instead, all business records that are no longer needed should be shredded.
He says small businesses, especially those located in rural areas, may be at more risk, as they are often under the misperception that only larger organisations situated in urban areas are targets for corporate identity theft. “This is actually not the case. Businesses of all sizes and in all locations can be exploited and must therefore employ effective document destruction practices.”
“Those businesses not practicing sound document destruction are simply placing the organisation, including employees and clients, under unnecessary risk of identity theft and should seek the advice of a reputable document shredding company that has been certified by the National Association for Information Destruction (www.naidonline.org) to mitigate the potential threat to their business and reputation,” concludes Lorenzi.