Identity Theft for Business

Identity Theft for Business: 3 Ways to Help Stay Safe

Did you know that your business has an identity just like you do? Because you can open accounts in your business’s name, identity thieves can do the same thing to commit fraud. This makes businesses a prime target for identity theft. The IRS reported that business identity theft has increased dramatically in recent years, from 350 reported cases in 2015 to approximately 10,000 business returns with potential for fraud in the first six months of 2017. 

Because of this increase, the IRS updated its practices for 2018 and now requires additional information for businesses, such as the SSN of the company executive authorized to sign corporate returns, payment history, filing history and parent company information. The IRS has also published five red flags for business identity theft, which include:

  • The IRS rejects an e-filed return saying it already has one with that identification number.
  • The IRS rejects an extension to file request saying it already has a return with that identification number.
  • The filer receives an unexpected tax transcript.
  • The filer receives an IRS notice that doesn’t relate to anything they submitted.
  • The filer doesn’t receive expected or routine mailings from the IRS.

Here are three ways to help prevent business identity theft:    

1.     Use an Employer Identification Number (EIN) instead of your SSN for business purposes. 
Many small businesses use their SSN number for business purposes. Using an EIN means that if your business identity is stolen, the thieves do not automatically have access to your personal identity. You can get an EIN for your business on the IRS website. 

Once you have an EIN, view it in the same way you do your personal SSN. With your EIN, business name and address, a thief can open business accounts and commit fraud. Be wary of other applications asking for your EIN, and limit providing your EIN as much as possible. 

2.     Sign up for notification of changes to your business registration. 
Your state may offer a free service that will notify you about changes to your business information. If your name, address, registered agent, business owner or officer information is modified, you will receive an email. Because thieves often change business information, unauthorized changes can be an early indicator of business identity theft. Check out the business identity theft page for your state to find out if the program is offered and how it works in your area. 

3.  Use the latest computer and internet security protocols. 
Because thieves often head online to steal business information for identity theft, it’s important to protect your network and computers. Make sure employees use secure passwords and remove network access immediately when an employee leaves. The U.S. Attorney General’s Office in the District of Rhode Island recommends using firewalls, anti-virus software, spyware protection software and encryption software. Other precautions recommended by the Department of Justice include not sharing files with personal information on the network or internet, using only authorized software, and checking logging data and audit trails.

Sorting out a business identity theft costs time and money. By taking steps to actively prevent business identity theft, you can focus on growing your business and serving your customers.