Business identity theft is alive and well

And it can happen to your business.

Criminals do not discriminate – any type of business or organization of any size or legal structure including sole proprietorships, partnerships, LLCs, trusts, non-profits, municipalities and county governments, school districts and corporations are all targets for business identity theft.

What exactly is business identity theft?  First, let’s clarify that we are not talking about an information security breach or an incident involving the loss or theft of confidential consumer information. Rather, business identity theft discussed here involves the actual impersonation of the business itself.

It happens when criminals pose as owners, officers or employees of a business in order to get their hands on cash, credit or loans, leaving the business on the hook to deal with the debt. A favorite tactic of identity thieves involves the theft of the tax identification number (TIN) or employer identification number (EIN) of the company or the owners’ personal information to use that data to open new lines of credit or obtain a business loan based on the company’s identity.

Another common form of business identity theft occurs when criminals file fake documents with the Secretary of State’s office to change company information such as its registered address or the names of directors, officers or managers. Once the records have been changed, the identity thieves can establish lines of credit or new accounts with the false information.

Other examples of the fraudulent use of a company’s information include current or former employees making use of their access to financial documentation; establishing a temporary office space or merchant accounts in a company’s name; going through a business’s trash and recycling bins to find account numbers or other sensitive data; using phishing attacks or other scams to get the business’s banking or credit information from employees; and filing for tax credits with stolen EINs.

Businesses are an attractive target for identity thieves. Generally speaking, a company will have higher credit limits than an individual, so opening a new account or line of credit in a business’s name will yield more cash for a criminal and larger purchases will receive less scrutiny. Perhaps most frustrating, companies are required by law to report certain identifiers (an address, EIN/TIN, and names of directors in most states), meaning the information is publicly available and easily accessible to anyone.

The invoicing and payment terms typically available to businesses can also work against them. Identity thieves may have a window of up to 30 days after a purchase to disappear before a company detects a problem – and even longer if the thieves use a different address.

Unfortunately, business identity theft is an underreported crime for a variety of reasons. Companies often have no idea their identity has been compromised until they begin receiving unfamiliar bills and collection notices when it is already too late to stop the thieves. Government agencies receive frequent requests for changes to company information and an address change is unlikely to raise red flags. Some businesses aren’t paying close enough attention or fail to caution employees about the possibility of phishing scams, while others may be embarrassed or concerned about their reputation with customers and don’t want to report what happened.

Given the underreporting problem, statistics on business identity theft can be hard to come by. However, the Internal Revenue Service (IRS) said it has seen the number of corporate tax returns flagged for potential business identity theft increase exponentially in recent years, from 350 in 2015 to 4,000 in 2016 with a jump to 10,000 in only the first six months of 2017. The cost of the damage has also risen dramatically, from $122 million in 2015 to $268 million the following year and $137 million for just the first half of 2017.

Importantly, these numbers reflect just one of the many forms of business identity scams.

What can companies do to protect themselves? Click here for a checklist of the most important steps for prevention and what to do if your business becomes a victim.

April 12th, 2018|Criminal Activity, Fraud, Security|

Pennies add up to $18.7 million in allegedly illicit gains

A bit different from the billion dollar frauds that frequently made the headlines in the years past, a complaint filed on October 5, 2014 by the justice department in the federal district court in Manhattan accuses two former New York brokers of securities fraud and conspiracy for secretly adding a few pennies to the cost of securities trades they processed to generate $18.7 million in gains. The SEC also filed civil charges against the men, and added another broker as a defendant. The SEC’s complaint alleges that from at least 2005 through at least February 2009, the defendants perpetrated the scheme by falsifying execution prices and embedding hidden markups or markdowns on over 36,000 customer transactions. According to the SEC, the defendants charged small commissions—typically pennies or fractions of pennies per share; the scheme was devious and difficult to detect because they selectively engaged in it when the volatility in the market was sufficient to conceal the fraud. One of the defendants, who was in charge of entering the prices into the trading records and playing a critical role by controlling the flow of information, already pleaded guilty to securities fraud and conspiracy.

October 15th, 2014|Criminal Activity, Fraud|

FTC halts high school diploma mill

As the request of the Federal Trade Commission (the “FTC”), on September 16, 2014, the U.S. District Court for the Southern District of Florida imposed a temporary restraining order to halt the business operations of Diversified Educational Resources, LLC (DER), and Motivational Management & Development Services, Ltd. (MMDS), and freeze their assets. The FTC’s lawsuit seeks a permanent injunction to stop the defendants’ deceptive practices and to return ill-gotten gains to consumers, which according to a preliminary review of bank records referenced in the lawsuit were more than $11,117,800 since January 2009.

The complaint alleges that the defendants violated the FTC Act by misrepresenting that the diplomas were valid high school equivalency credentials and that the online schools were accredited. The FTC charges that the defendants actually fabricated an accrediting body to give legitimacy to their diploma mill operation. DER and MMDS allegedly sold the diplomas since 2006 using multiple names, including,,, and, which purport to describe legitimate and accredited secondary school programs such as “Jefferson High School Online” and “Enterprise High School Online.” The websites claim that consumers can become “high school graduate[s]” and obtain “official” high school diplomas by taking an online exam and paying between $200 and $300. In numerous instances, consumers who attempt to use their Jefferson or Enterprise diplomas to enroll in college, enlist in the military, or apply for jobs are rejected because of their invalid high school credentials.

September 19th, 2014|Employment Decisions, Fraud, Lawsuit|

The SRA issues warning about a fake website

The Solicitors Regulation Authority (the “SRA”) in the United Kingdom issued a bulletin that it received a report that a website “ is operating which refers to the firm Dovernor Chambers” and that the wording on the website appears to have been cloned from the websites of genuine law firms without their knowledge or consent. The SRA says that it is identifying a new fake law firm on an almost daily basis. Some scammers reportedly are stealing a law firm’s entire web page, and then changing the contact information to redirect traffic elsewhere.

September 19th, 2014|Fraud|

Insider trading enforcement actions continue as SEC’s top priority

Illegal insider trading generally occurs when a security is bought or sold in breach of a fiduciary duty or other relationship of trust and confidence while in possession of material, nonpublic information. In recent years, the SEC has filed insider trading cases against hundreds of entities and individuals, including financial professionals, hedge fund managers, corporate insiders, attorneys, and others. In 2014, examples of noteworthy cases include enforcement actions against the following:

Two husbands on March 31, 2014 – In two unrelated cases, the SEC charged two men with insider trading on confidential information they learned from their wives about Silicon Valley-based tech companies. Each agreed to financial sanctions to settle the charges.

Stockbroker and law firm clerk on March 19, 2014 – SEC charged two individuals who were linked through a mutual friend, with insider trading for $5.6 million in illicit profits based on nonpublic information that the clerk obtained by accessing confidential documents in law firm’s computer system.

Wall Street investment banker on February 21, 2014 – SEC charged an investment banker with making nearly $1 million in illicit profits by insider trading in a former girlfriend’s brokerage account to pay child support.

Chicago-based accountant – SEC charged an accountant with insider trading ahead of the release of financial results by the company where he worked. The individual made more than $250k in illicit profits.

May 14th, 2014|Fraud|

SEC’s whistleblower program gains momentum

On November 15, 2013, the SEC released its third annual Whistleblower Report to Congress. According to the report, In the fiscal year 2013, the SEC paid four major awards, one of which was for over $14 million for information leading to an enforcement action that recovered substantial investor funds. Three other payments totaling $832k were made for information regarding a bogus hedge fund.

The report states that the number of complaints and tips increased from 3,001 in the 2012 fiscal year to 3,238 in 2013. The three most common complaints or tips were about corporate disclosures and financials, offerings fraud, and manipulation.  The number of FCPA-related tips also rose, from 115 to 149.

December 9th, 2013|Fraud|

13 Things to Know About Investing

The Securities & Exchange Commission (the “SEC”) recently released an educational bulletin to help investors make informed financial decisions and avoid common scams. Its 13 points include:

  1. Check the investment professional’s background.
    Details about experience and qualifications are available through the Investment Adviser Public Disclosure website and FINRA BrokerCheck.
  2. Be mindful of fees associated with buying, owning, and selling an investment product.
    Expenses vary from product to product, and even small differences in these costs can translate into large differences in earnings over time. An investment with high costs must perform better than a low-cost investment to generate the same returns.
  3. Diversification can help reduce the overall risk of an investment portfolio.
    By picking the right mix, you may be able to limit losses and reduce the fluctuations of investment returns without sacrificing too much in potential gains. Some investors find that it is easier to achieve diversification through ownership of mutual funds or exchange-traded funds rather than through ownership of individual stocks or bonds.
  4. Paying off high-interest debt may be the best “investment” strategy.
    Few investments pay off as well as, or with less risk than, eliminating high-interest debt on credit cards or other loans.
  5. Promises of high returns, with little or no associated risk, are classic warning signs of fraud.
    Every investment carries some degree of risk and the potential for greater returns comes with greater risk. Ignore the so-called “can’t miss” investment opportunities or those promising guaranteed returns or, better yet, report them to the SEC.
  6. Any offer or sale of securities must be either registered with the SEC or exempt from registration.
    Otherwise, it is illegal. Registration is important because it provides investors with access to key information about the company’s management, products, services, and finances.
  7. Do not invest in a company about which little or no information is publicly available.
    Always check whether an offering is registered with the SEC by using the SEC’s EDGAR database or contacting the SEC’s toll-free investor assistance line at (800) 732-0330.
  8. Investing heavily in shares of any individual stock can be risky.
    In particular, think twice before investing heavily in shares of your employer’s stock. If the value declines significantly, or the company goes bankrupt, you may lose money and there’s a chance you might lose your job, too.
  9. Active trading and some other common investing behaviors actually undermine investment performance.
    According to researchers, other common investing mistakes include focusing on past performance, favoring investments from your own country, region, state or company, and holding on to losing investments for too long and selling winning investments too soon.
  10. Con-artists are experts at the art of persuasion, often using a variety of influence tactics tailored to the vulnerabilities of their victims.
    Common tactics include phantom riches (dangling the prospect of wealth, enticing with something you want but can’t have), source credibility (trying to build credibility by claiming to be with a reputable firm or to have a special credential or experience), social consensus (leading you to believe that other savvy investors have already invested), reciprocity (offering to do a small favor for you in return for a big favor) and scarcity (creating a false sense of urgency by claiming limited supply).
  11. Some investments provide tax advantages.
    For example, employer-sponsored retirement plans and individual retirement accounts generally provide tax advantages for retirement savings, and 529 college savings plans also offer tax benefits.
  12. Mutual funds, like other investments, are not guaranteed or insured by the FDIC or any other government agency.
    This is true even if you buy through a bank and the fund carries the bank’s name.
  13. The key to avoiding investment fraud is using independent information to evaluate financial opportunities.
    Many investors may have avoided trouble and losses if they had asked questions from the start and verified the answers with sources outside of their family, community, or group. Whether checking the background of an investment professional, researching an investment, or learning about new products or scams, unbiased information is a significant advantage for investing wisely. 
February 13th, 2013|Educational Series, Fraud|

Highlights of ACFE’s 2012 report on occupational fraud

The Association of Certified Fraud Examiners (ACFE) recently released its Report to the Nations on Occupational Fraud and Abuse – 2012 Global Fraud Study. The ACFE states that the Report is based on data from 94 countries compiled from studies of 1,388 occupational fraud cases that occurred between January 2010 and December 2011, and were investigated by certified fraud examiners. The ACFE conducts global occupational fraud studies every two years. According to the Report, a typical organization loses 5% of its revenues to fraud each year, which translates to more than $3.5 trillion if applied to the estimated 2011 Gross World Product. As in its prior studies, the Report shows that the industries most commonly affected by occupational fraud are banking and financial services, government and public administration, and manufacturing. Small organizations suffered the largest median losses. The Report indicates that asset misappropriation continued to be the most frequently committed fraud, yet least costly, with a median loss of $120,000, while financial statement fraud remained the least frequent but the most costly, with a median loss of $1,000,000. Below are the Report’s findings about the fraud perpetrators:

  • Perpetrators with higher authority levels tend to cause much larger losses. The median loss among frauds committed by owner/executive was $573,000, by managers it was $180,000, and by employees, $60,000.
  • Vast majority (77%) of all frauds were committed by individuals working in one of six departments: accounting, operations, sales, executive/upper management, customer service or purchasing.
  • In 81% of cases, the fraudster displayed one or more behavioral red flags that are often associated with fraudulent conduct: living beyond means (36%), financial difficulties (27%), close association with vendors or customers (19%) and excessive control issues (18%).
  • Approximately 87% of the fraudsters had never been charged or convicted of a fraud-related crime, and 84% had never been punished or terminated for fraud-related conduct.

The Report further notes that the most frequent method of detection continued to be by tip, which occurred in 43.3% of the cases, followed by management review and then by internal audit detection. For entities with fraud hotlines, the likelihood that the fraud would be found by tip was 50.1% whereas for entities without a fraud hotline, that likelihood decreased to 35%, according to the Report. Overall, the median duration of a fraud before being discovered remained consistent with the ACFE’s 2010 study, at 18 months. Nearly half of victim organizations do not recover any losses suffered from a fraud.

The Report confirms that the nature and threat of occupational fraud is universal. Though its research noted some regional differences in the methods used to commit fraud – as well as organizational approaches to preventing and detecting it – many trends and characteristics are similar regardless of where the fraud occurred. The Report recommends that management should continually assess the organization’s specific risks and establish or revise compliance and fraud prevention programs accordingly.

June 1st, 2012|Criminal Activity, Fraud|

Social media evolving as new platform for investment scams

The Securities and Exchange Commission (SEC) today charged an Illinois-based investment adviser with offering to sell fictitious securities through social media sites. According to the SEC’s Division of Enforcement, Anthony Fields of Lyons, IL, offered more than $500 billion in fictitious securities, and in some instances, used LinkedIn discussions to promote fraudulent “bank guarantees” and “medium-term notes.”

The SEC’s order instituting administrative proceedings against Fields charges that he made multiple fraudulent offers through his two sole proprietorships – Anthony Fields & Associates (AFA) and Platinum Securities Brokers. Fields allegedly provided false and misleading information concerning AFA’s assets under management, clients, and operational history to the public through its website and in SEC filings. Fields also failed to maintain required books and records, did not implement adequate compliance policies and procedures, and promoted himself as a broker-dealer while he was not registered with the SEC.
Also today, in recognition that fraudsters are now turning to new and evolving platforms to peddle their scams, the SEC issued two alerts to highlight the risks investors and advisory firms face when using social media.

One of these alerts, a National Examination Risk Alert titled “Investment Adviser Use of Social Media,” provides staff observations based on reviews of investment advisers of varying sizes and strategies that use social media. The bulletin addresses issues that may arise from social media usage by firms and their associated persons, and offers suggestions for managing the antifraud, compliance, and recordkeeping provisions of the federal securities laws. The alert notes that firms need to consider how to implement new compliance programs or revisit their existing ones to align with the rapidly changing technology.

In the SEC’s second bulletin, an Investor Alert titled “Social Media and Investing: Avoiding Fraud” prepared by the Office of Investor Education and Advocacy, the aim is to help investors be aware of fraudulent investment schemes that use social media, and provide tips for checking the backgrounds of advisers and brokers.

January 4th, 2012|Fraud, Social Media|

Maryland resident charged with making false statements on federal job applications

The Department of Justice reported yesterday that Karen M. Lancaster, of Upper Marlboro, MD, has been charged with four counts of making false statements, three counts of submitting false documents and one count of engaging in a concealment scheme in connection with her multiple job applications to U.S. federal government agencies.

According to the indictment, Lancaster was employed in various positions with the U.S. Department of Defense (DoD) from 1991 until March 2005. She subsequently was notified by DoD that she was being fired due to performance failures. In October 2006, according to the indictment, Lancaster reached a settlement with DoD whereby she was allowed to resign, retroactive to March 2005.

Between 2006 and 2008, Lancaster applied for jobs at the U.S. Departments of State, Commerce and Defense, as well as with the SEC. The indictment states that as part of the application processes, Lancaster allegedly submitted documents that falsified and concealed information about her criminal history, employment history and suitability for employment with the federal government. Specifically, Lancaster allegedly concealed and falsified informatabout her prior arrests, charges, convictions and prison terms, the unfavorable circumstances under which she had resigned from prior federal employment, the roles and responsibilities she had at previous federal jobs; and her salary history.Lancaster will be arraigned on March 25, 2011, in U.S. District Court in Alexandria. The maximum penalty for each count of making a false statement, submitting a false document and engaging in a concealment scheme is five years in prison. Lancaster also faces a maximum fine of $250,000 per count.

The Department of Justice notes that an indictment is merely an accusation, and a defendant is presumed innocent unless proven guilty in a court of law.

March 17th, 2011|Employment Decisions, Fraud|
Go to Top