No Image Available

Annie Hayes

Sift

Editor

LinkedIn
Email
Pocket
Facebook
WhatsApp

Feature: Focus on ‘Identity theft’

pp_default1

Credit Cards

By Geoff Webster, CEO at FAST Corporate services

It is estimated that identity theft accounts for nearly 40% of all white collar crime in the UK and evidence suggests that there are few signs that the problem will go away; Geoff Webster discusses the issues outlining what to be wary of together with some suggestions of how to reduce the chances of becoming a victim.


Identity theft is defined as wrongfully obtaining and using a business’ or person’s personal data for fraud or deception, generally for financial gain. That data can include anything from a businesses bank details to personal credit card information. Use of the internet is undoubtedly a factor in the rise of this type of crime and online criminals are harder to trace.

HR departments have access to a wide range of personal and company data and regularly reference and use information for their everyday business. So the responsibility of protecting employees and business information rests heavily on this part of a business.

But are you aware of all the dangers that you might face concerning various forms of identity theft and how can you protect yourself and your business from falling victim to this growing problem?

Identity theft: the facts
In the UK, identity theft soared to a record £29.7m in 2003, according to the Association of Payment and Clearing Services (Apacs). It has been estimated that at the end of 2003, identity fraud in all its forms cost governments, businesses and individuals world-wide US$221 billion. This figure is estimated to triple to $2 trillion by the end of 2005.

The Identity Theft Resource Centre (ITRC) based in America conducted a recent survey that stated the average time spent by each victim to rectify the problems associated with the theft of their personal information was 600 hours.

What should you advise your staff to look out for?

• “Shoulder surfing”: beware of those around you and who may be listening nearby. For example be vigilant when making a business call on the train, or in a hotel lobby.

• Rubbish sifting: rummaging through rubbish bins to find copies of cheques, bank or credit card statements, or any documentation that bears information about you or your business is an easy way for others to glean information.

• Spam: what looks like a legitimate corporate email but requests certain key information from the recipient is usually a scam. These are likely to be in the form of an email impersonating a bank and may include links to a spoofed website or HTML code designed to look similar to the real thing. The customer is requested to enter various pieces of data often banking information. This information is then used for the purposes of fraud and ID theft.

• Dishonest employees: those that have access to personal records may either provide this data to thieves or use it themselves. The HR department is prone to this problem because of the vast amounts of data that it stores and is able to access. It would also be wise to be particularly vigilant when employing temporary or part-timers.

• Business deception: another problem to be aware of concerning fraudulent employees is that some may simply use invoices or company stationery to obtain goods and services or even create an entirely false trading history. Conversely criminals may copy a business website and trick customers into handing over payment details or money.

• Physical theft: the old fashioned way! This could be in an intentional form such as mugging, or the fault of the owner through misplacing belongings for instance.

• Hackers, crackers and key loggers: potential evil lurks behind every web page, e-mail and online transaction.

Taking precautions

Ensure appropriate policies and procedures are in place to increase staff awareness of the risks and to educate and train employees to recognise the signs of identity theft. Policies may include:

• Establishing a clear reporting procedure for any such incidences or suspicions

• Shredding any important papers especially anything containing names or banking information

• Carrying out internal checks. It is an unfortunate fact that a majority of serious fraud emanates from employees and management. Businesses must perform checks on all employees with access to personal information, including any temporary and part-time employees.

• Keep hard copies of personnel information in locked files.

• No one should provide any information without verifying exactly why the data is being requested.

• Implement regular auditing of fraud and risk management for all departments. Analysing any risks could highlight areas for concern or improvement in current procedures.

• Employees shouldn’t use personal or company credit cards to make internet purchases unless you have gone directly to the vendor’s site, and confirmed they have a secure connection. This is indicated by the prefix “https” at the beginning of the location or address line of your browser.

• Advise employees to request a copy of their credit rating at least once a year from a credit reference agency. They must review it carefully and immediately address any anomalies. Both the company and its staff should always monitor monthly bank and credit card statements.

Want more insight like this? 

Get the best of people-focused HR content delivered to your inbox.
No Image Available
Annie Hayes

Editor

Read more from Annie Hayes