In recognition of National Small Business Week last week, Michigan Attorney General Dana Nessel reissued her consumer alert on business identity theft. Business identity theft occurs when criminals pose as owners, officers, or employees to illegally transact business and establish lines of credit with banks and vendors. It is the unauthorized use of a business name or identity for financial gain.
“While identity theft can happen to any organization, small businesses are especially vulnerable,” said Nessel. “By the time owners realize something is wrong, it may already be too late. Knowing the warning signs can go a long way in protecting companies from bad actors.”
Identity thieves commit fraud by gaining access to business’ bank accounts and credit cards or by stealing sensitive company information. The thieves open up lines of credit or get business loans based on the business’ identity and creditworthiness. Typically, thieves cash out quickly and go unnoticed until the bills and collection notices arrive at the door of the victimized business, leaving behind debt, damaged credit, and a destroyed reputation.
In addition to the costs associated with any direct incidences of business identity theft, many businesses may also have to deal with legal ramifications, such as defending their trademarks, copyrights, patents, or other property in court.
There are different forms of business identity theft to look out for:
1. LLC Fraud - In some cases, thieves will create an LLC with a similar name or the same name as a business and register it in Michigan or another state. They then reroute company payments and mailings to the fraudulent LLC address. This results in large financial losses and security issues.
2. Financial Fraud - hijacking a business through fraudulent filings, including LLC filings changing registered agent, trustee, or other personnel information on the LLC. Here thieves open new lines of credit, loans, or credit cards in the business’s name and file fraudulent uniform commercial code (UCC) financial statements.
3. Web Defacement - impersonating a business with a fake website or social media account. Thieves may manipulate a business’s website to redirect traffic to another website and steal customer data. Bad actors may also create a similar website that appears legitimate and pay the fee for their website to appear at the top of search results.
4. Trademark Ransom - imitating an existing business by obtaining a similar mailing address. Here thieves register a business’s name or logo as an official trademark and demand a ransom to release them from the trademark.
5. Tax Fraud - masquerading as a business by using a federal employer identification number. This includes filing fraudulent returns using tax subsidies and obtaining refunds through the federal or state governments.
Nessel encourages business owners to be proactive and take steps to educate themselves and their staff to avoid falling victim to business identity theft.
1. Check and monitor the commercial credit report for their business.
2. Sign up for electronic notifications with their bank and other creditors or service providers.
3. Review bills and account statements upon receipt and immediately report any suspicious activity to the originating company.
4. Monitor their business’s public record on file with the Michigan Department of Licensing and Regulatory Affairs (LARA) - Corporations Division and make sure all corporate entities are in good
standing.
5. Keep business records and documents secure, and protect their EIN (employer identification number), account numbers, and other personal information.
6. Educate staff on best cybersecurity practices.
7. Don’t share sensitive information over email or any web-based service.
8. Invest in cybersecurity insurance.
Those who believe they are a victim of business identity theft should:
1. Tell their bank, credit card providers, and other creditors that they may be a business identity theft victim and ask if they have received any recent or unusual charges or orders from someone claiming to be doing business in their name. Request copies of documents or emails that were used by the thieves to fraudulently open or access accounts.
2. Confirm their business filings with LARA are current and correct.
3. Notify local and/or state law enforcement officials.
4. Talk to their business insurer and an attorney about their legal remedies.
5. Report the issue to the small business credit reporting agencies of Dun & Bradstreet, Equifax, Experian; and ask about placing fraud alerts on their business’ bank and merchant accounts – Dun & Bradstreet offers free support to a business whose identity has been stolen.
6. Notify the Internal Revenue Service (IRS) if they believe that their Employer Identification Number has been used fraudulently and respond to any notices from the IRS.
7. Contact Attorney General’s Michigan Identity Theft Support Team (MITS).
Nessel also recently issued a consumer alert after third-party entities requested access to businesses through LARA’s MiBusiness Registry Portal. The portal is the online system businesses use to submit filings to the LARA Corporations, Securities and Commercial Licensing Bureau (CSCL). While no documents were submitted without permission, Attorney General Nessel encourages portal users to:
• Have an updated email address for the entity’s resident agent on file with LARA CSCL to receive timely notifications.
• Check files in the portal at least once every three months.
• Review each filing to make sure everything is correct.
• If you see filings you did not approve contact LARA at 517-241-9223 or via email. Read all emails you receive from LARA.
• Check your spam folder for any emails from LARA. If your emails from LARA are being directed to the spam folder, mark them as a safe sender to ensure they’re sent to the main mailbox.
For additional information on Business Identity Theft and awareness, contact The National Cybersecurity Society (https://nationalcybersecuritysociety.org/who-we-are), a non-profit organization focused on providing cybersecurity education, awareness, and advocacy to small businesses and the Michigan Cyber Command Center (www.michigan.gov/msp/divisions/intel-ops/cyber/mc3), which investigates the criminal aspect of network intrusions for cyber incidents involving Michigan businesses, non-profit organizations, and public entities.
To file a complaint with the attorney general, or get additional information, contact:
Consumer Protection Team
P.O. Box 30213
Lansing, MI 48909
517-335-7599
Fax: 517-241-3771
Toll-free: 877-765-8388
Online complaint form at https://secure.ag.state.mi.us/complaints/consumer.aspx
“While identity theft can happen to any organization, small businesses are especially vulnerable,” said Nessel. “By the time owners realize something is wrong, it may already be too late. Knowing the warning signs can go a long way in protecting companies from bad actors.”
Identity thieves commit fraud by gaining access to business’ bank accounts and credit cards or by stealing sensitive company information. The thieves open up lines of credit or get business loans based on the business’ identity and creditworthiness. Typically, thieves cash out quickly and go unnoticed until the bills and collection notices arrive at the door of the victimized business, leaving behind debt, damaged credit, and a destroyed reputation.
In addition to the costs associated with any direct incidences of business identity theft, many businesses may also have to deal with legal ramifications, such as defending their trademarks, copyrights, patents, or other property in court.
There are different forms of business identity theft to look out for:
1. LLC Fraud - In some cases, thieves will create an LLC with a similar name or the same name as a business and register it in Michigan or another state. They then reroute company payments and mailings to the fraudulent LLC address. This results in large financial losses and security issues.
2. Financial Fraud - hijacking a business through fraudulent filings, including LLC filings changing registered agent, trustee, or other personnel information on the LLC. Here thieves open new lines of credit, loans, or credit cards in the business’s name and file fraudulent uniform commercial code (UCC) financial statements.
3. Web Defacement - impersonating a business with a fake website or social media account. Thieves may manipulate a business’s website to redirect traffic to another website and steal customer data. Bad actors may also create a similar website that appears legitimate and pay the fee for their website to appear at the top of search results.
4. Trademark Ransom - imitating an existing business by obtaining a similar mailing address. Here thieves register a business’s name or logo as an official trademark and demand a ransom to release them from the trademark.
5. Tax Fraud - masquerading as a business by using a federal employer identification number. This includes filing fraudulent returns using tax subsidies and obtaining refunds through the federal or state governments.
Nessel encourages business owners to be proactive and take steps to educate themselves and their staff to avoid falling victim to business identity theft.
1. Check and monitor the commercial credit report for their business.
2. Sign up for electronic notifications with their bank and other creditors or service providers.
3. Review bills and account statements upon receipt and immediately report any suspicious activity to the originating company.
4. Monitor their business’s public record on file with the Michigan Department of Licensing and Regulatory Affairs (LARA) - Corporations Division and make sure all corporate entities are in good
standing.
5. Keep business records and documents secure, and protect their EIN (employer identification number), account numbers, and other personal information.
6. Educate staff on best cybersecurity practices.
7. Don’t share sensitive information over email or any web-based service.
8. Invest in cybersecurity insurance.
Those who believe they are a victim of business identity theft should:
1. Tell their bank, credit card providers, and other creditors that they may be a business identity theft victim and ask if they have received any recent or unusual charges or orders from someone claiming to be doing business in their name. Request copies of documents or emails that were used by the thieves to fraudulently open or access accounts.
2. Confirm their business filings with LARA are current and correct.
3. Notify local and/or state law enforcement officials.
4. Talk to their business insurer and an attorney about their legal remedies.
5. Report the issue to the small business credit reporting agencies of Dun & Bradstreet, Equifax, Experian; and ask about placing fraud alerts on their business’ bank and merchant accounts – Dun & Bradstreet offers free support to a business whose identity has been stolen.
6. Notify the Internal Revenue Service (IRS) if they believe that their Employer Identification Number has been used fraudulently and respond to any notices from the IRS.
7. Contact Attorney General’s Michigan Identity Theft Support Team (MITS).
Nessel also recently issued a consumer alert after third-party entities requested access to businesses through LARA’s MiBusiness Registry Portal. The portal is the online system businesses use to submit filings to the LARA Corporations, Securities and Commercial Licensing Bureau (CSCL). While no documents were submitted without permission, Attorney General Nessel encourages portal users to:
• Have an updated email address for the entity’s resident agent on file with LARA CSCL to receive timely notifications.
• Check files in the portal at least once every three months.
• Review each filing to make sure everything is correct.
• If you see filings you did not approve contact LARA at 517-241-9223 or via email. Read all emails you receive from LARA.
• Check your spam folder for any emails from LARA. If your emails from LARA are being directed to the spam folder, mark them as a safe sender to ensure they’re sent to the main mailbox.
For additional information on Business Identity Theft and awareness, contact The National Cybersecurity Society (https://nationalcybersecuritysociety.org/who-we-are), a non-profit organization focused on providing cybersecurity education, awareness, and advocacy to small businesses and the Michigan Cyber Command Center (www.michigan.gov/msp/divisions/intel-ops/cyber/mc3), which investigates the criminal aspect of network intrusions for cyber incidents involving Michigan businesses, non-profit organizations, and public entities.
To file a complaint with the attorney general, or get additional information, contact:
Consumer Protection Team
P.O. Box 30213
Lansing, MI 48909
517-335-7599
Fax: 517-241-3771
Toll-free: 877-765-8388
Online complaint form at https://secure.ag.state.mi.us/complaints/consumer.aspx
––––––––––––––––––––
Subscribe to the Legal News!
https://www.legalnews.com/Home/Subscription
Full access to public notices, articles, columns, archives, statistics, calendar and more
Day Pass Only $4.95!
One-County $80/year
Three-County & Full Pass also available
