Javascript is currently disabled. This site requires Javascript to function correctly. Please enable Javascript in your browser!

Education / Business ID Theft Scams / Other Schemes to Defraud

Other Schemes to Defraud

Other Schemes to Defraud | Business Identity Theft

Other Business Identity Theft Schemes to Defraud

Business ID theft provides criminals with more options and potential targets

Criminals%20use%20business%20identity%20theft%20as%20a%20multi-purpose%20tool%20for%20a%20wide%20array%20of%20consumer%20and%20business%20identity%20fraud%20schemes. Bookmark and Share

 

Swiss army knifeA crime for all seasons

For criminals, business identity theft can be a multi-purpose tool to perpetrate, or perpetuate, a wide array of identity fraud schemes. The impersonation of a legitimate business not only significantly broadens the types of fraud that can be pursued, but also broadens the list of potential victims.

In some cases, the impersonated business may not be the direct target of the scheme, but is simply the unknowing cover under which the scheme is conducted. However, in each case, the victimized business' good name and reputation may be damaged, and the business can face an uphill battle trying to unravel and resolve the fraud.

The following describes some of the additional criminal schemes for which business ID theft is often used a means to an end.

 

Impersonating the business through email and websites

Phishing is the common name given to a prolific scam wherein a fraudster or scam artist sends an e-mail purporting to be from a financial institution or other organization. The message includes a claim that due to “security concerns”, “too many attempted log-ins”, an urgent need to “comply with anti-terrorist financing provisions under the USA Patriot Act”, or other such reasons, the recipient must confirm their personal and account information immediately to avoid some negative consequence - such as imminent account closure. In other cases, the email may be positioned as an order confirmation, designed to prompt the recipient to confirm shipping and billing details.

The e-mails look and sound official, and often contain graphics stolen from the company or organization from which the message claims to originate. Cyber criminals typically send out thousands of these phishing emails at once, knowing that some percentage of unsuspecting recipients will “take the bait”.

Criminals also routinely use deceptive websites to commit their fraud schemes and lure in unsuspecting victims. Whether through an intentionally similar website name, or through brand hijacking (the blatant copying and misuse of company logos and website content), thieves can impersonate a business' online presence and deceive unsuspecting visitors who believe they are visiting the real organization's website.



Phishing scams in action...

The Anti-Phishing Workgroup's "APWG Phishing Activity Trends Report" reported that in the first 6 months of 2011, it received 140,331 reports of new and unique phishing scams - an average of over 23,388 new phishing scams per month. The group also detected 195,901 new and unique phishing websites during the same time period.




Popular in Business ID Theft Schemes:
Other Popular Content:

 

Business Owner RisksPersonal Risks for Business Owners
Business identity theft poses increased personal risks that can turn your business dream into a nightmare.

 

Personal credit protectionPersonal Credit Protection
7 essential tools to protect your personal credit

 

Business Identity Theft PreventionBusiness Identity Theft Prevention Guide
What you need to do to protect your business and yourself from identity thieves

 

News and AlertsNews and Alerts
The latest business identity theft articles, recent news, and alerts

Victim Checklist Business ID Theft Victim Checklist
Know what to do if you are a victim

 

State Resources
State Business Identity Theft Resources Find business ID theft resources, victim assistance information, and instructions for your state or U.S. territory

 

Federal Resources
Federal government resources U.S. Federal Government agencies and resources for identity theft and business identity theft victims

 

Forms and GuidesForms and Reports
Find forms, guides, videos, and other helpful resources

 

Professional Resources
Professional ResourcesFind professional assistance, employee training, personal and business services, and other solutions



Impersonating the business to create fraudulent merchant accounts to conduct credit / debit card fraud

When criminals steal or purchase stolen credit or debit card information, their objective is to use the information to obtain cash or to purchase goods that are quickly and easily re-sold for cash. There are a variety of ways in which this can occur; including, but not limited to:

  • They can use the information themselves to make fraudulent online purchases, quickly maxing out the available credit or depleting the account balance.
  • They can create cloned (duplicate) physical cards which can be used for online, point-of-sale, and ATM transactions 
  • Rather than use the information themselves, they sell the information (singly or in bulk) to other criminals who then use it

When the stolen payment card information is used at a business to purchase goods or services, the target business may incur compounded losses through chargeback fees, loss of income from reversal of the fraudulent purchase, and loss of the goods or services delivered.

In other cases, more sophisticated and enterprising criminals may impersonate a business, using the business' information and identifiers, to establish credit card processing accounts through which they are able to make and process fraudulent transactions using the stolen credit/debit card information - for themselves and even as a service for other criminals. Depending upon the severity of the impersonation, the unsuspecting business may suddenly find its own merchant account terminated as a result, or suddenly receive a deluge of telephone calls from victims demanding to know why the company made fraudulent charges to their credit or debit card.

 

Fraudulent merchant account scams in action...

The scammers mimicked legitimate companies - taking real federal tax I.D. numbers - and then setting up more than 100 fake businesses with nearly identical names. Using virtual office services, they were able to give their fictional companies addresses that were very close to the companies whose tax IDs they were stealing. Armed with this information, the thieves were able to set up 116 fake merchant accounts.

Operating undetected for over 4 years, the FTC says the fraudsters charged 1.35 million credit cards micro charges between 0.25 and $9.00, for a total of $9.5 million.

Source: McMillan, Robert. "FTC says scammers stole millions, using virtual companies", ComputerWorld.com, June 27, 2010

 

Impersonating the business for tax fraud and tax refund scams

Also see Stolen Business EINs used for Tax Fraud

 

With the economic downturn, criminals are devising new schemes and tactics to take advantage of business reporting processes and weak protections for businesses. One such new fraud trend involves fraudulent wage reporting to commit tax fraud. There has been a great deal of focus on the high number of incidents of consumer tax refund fraud, in which thieves file fraudulent tax returns and obtain the personal tax refunds of their victims. But there is another side to the story that has been largely ignored by the media - and businesses are the victims.

Using a business' EIN (employer identification number), thieves can create bogus W-2s which are used to report fictitious income to the Internal Revenue Service, thus allowing criminals and their accomplices to pose as employees in order to file fraudulent federal income tax returns and receive tax refunds. The false W-2 forms not only report fictitious income, but also fictitious tax withholding which is the basis for the fraudulent refund claim. When this happens, the amounts paid by the employer for its legitimate employees don't match what the IRS and state tax agencies calculate should have been paid due to the additional bogus reporting, leaving a deficiency seemingly owed by the unsuspecting business. In some cases, the deficiency can be tens or even hundreds of thousands of dollars.

Because wage reporting is usually taken at face value by the IRS and state tax agencies as it is received, the target business is completely unaware of the fraud until it is notified of a deficiency in the employment taxes the business has paid, and receives a demand for payment. Suddenly, the business owner now faces a prolonged and difficult challenge of an investigation by state and federal tax agencies and must attempt to prove to these agencies that a fraud has occured.

Employment tax fraud scams in action...

Fraudsters targeted a seafood restaraunt franchise in Atlanta, Georgia. Using the business' EIN, they created more than 100 fake W-2 forms to report in excess of $4 million in non-existent salaries to state and federal agencies. In the end, the business owner was left owing more than $800,000 in payroll taxes. The case is still under investigation.

Source: Ibata, David. "ID theft stings Captain D's franchisee", The Atlanta Journal-Constitution, March 2, 2012.


Law enforcement officials say gang members are increasingly focusing on financial crimes because they are more safe and lucrative than selling drugs. Detective Craig Catlin of the North Miami Beach Police Department Gang Unit goes so far as to call it an “epidemic” among the city’s street gangs. “Why sling dope on the corner of an apartment building, when you can rent a room at a hotel nearby and have a tax return party? You can make up to $40,000 or $50,000 in one night,” he says.

Source: Rogers, Kate. "Why Gang Members Want Your Identity", FoxBusiness.com, April 4, 2013.

Impersonating the business for bogus job offer scams for identity theft

Consumers have been conditioned to provide confidential personal and financial information to businesses when making a purchase or applying for credit. Even more so in the case of employment - which may require divulging Social Security number and date of birth, banking information, or authorizing a credit and/or background check.

Thieves have found that in difficult economic times, with rampant layoffs and high unemployment, impersonating a business and offering bogus job opportunities can be an effective way to con unsuspecting applicants into willingly providing large amounts of personal information in the hopes of obtaining a new job at the impersonated business.

 

Job opportunity scams in action...

"After we got the first few calls, we didn't think anything of it, We just told them they had made a mistake. But as the calls continued to come in day after day, we knew something was up."

What the firm eventually found was the Internet trail of a global identity theft scheme that uses stolen corporate information to try to scam hundreds of thousands of job seekers. The complex con uses bogus websites, bulk e-mails, fake job applications and bank fraud to steal people's money and personal data.

Source: Burnett, Richard. "Orlando-area business uncovers global identity-theft scheme", Orlando Sentinel, September 19, 2010.

 

Learn how to protect your business from business identity theft

Need help? Find resources and assistance

Asset 1