We hear a lot about data breaches and just about everyone has a story of having a credit card number stolen. At this point, many of us assume that we’ll be victims of identity fraud one way or another, whether someone steals a card number or a fraudster opens a completely new account.
But what about business identity fraud? Most of us don’t even realize that we have a separate business credit report. I certainly didn’t think about it.
The idea that my business identity could be stolen wasn’t even on my radar — until my family members started receiving aggressive collections calls from a creditor.
The Credit Card I Didn’t Know Existed
I’m used to regularly checking in with my consumer credit reports to check for fraudulent accounts, as well as scanning bank and credit card accounts for out-of-place charges. However, it never occurred to me to check my business credit report.
One day, though, my brother called me. Apparently, I had been ignoring messages from unknown numbers and my sister-in-law had been contacted and asked to tell me to get in touch about an “urgent business matter.” My brother gave me the attendant number.
However, I was reluctant to call the number. My relatives reported that a credit issuer was mentioned, but that they were afraid it might be shady. I had a consumer credit card with this company, so I called them using the name on my card. After some digging, the representative found that there was a credit card in the name of my business.
Whoever had opened this credit card had been making charges for several months, and hadn’t paid the bill in more than six months. I insisted that I hadn’t opened a card in the name of business, told them the account was fraudulent, and they assured me the issue would be addressed.
Unfortunately, that’s not exactly how it worked. Whether the fact that I began working on the consumer side instead of the business side or there was some other issue at stake, this creditor spent the next four months calling everyone they could find associated with me.
My siblings, my parents, and my ex-husband’s parents all got calls. At one point, my ex-husband’s brother’s wife got a call on her cell phone. Meanwhile, I was speaking with the creditor and telling them the account was fraudulent. Everyone had to threaten to report the creditor before they’d stop the harassment.
Eventually, the issue was resolved, the fraudulent account closed, and my business credit report wasn’t impacted by the incident. But it was a long several months, and I learned some valuable lessons.
What to Do if Your Business Identity is Stolen
If your business identity is stolen, it’s important to act quickly — just as it is when you notice consumer fraud. Unpaid credit card bills can drag on your business credit history, making it harder to get loans and credit cards later.
You might not think you need access to business credit right now, but you might be surprised at how important it is if you need extra capital to expand operations.
Here are four steps to take if you discover your business identity has been stolen.
1. Collect Information about the Situation
Find out everything you can. In my case, I needed information about when the fraudulent credit card account was opened and when they stopped paying the credit card bills. It’s also a good idea to document when collection calls are made. My creditor was making calls even after I had contacted them. My relatives and former relatives kept track of calls, particularly if they persisted after being told to stop.
Don’t forget to trace your steps to see where the information might have gotten out. In some cases, if information about your business name and address are made public on a Secretary of State website, there’s not much that can be done. But if a security breach led to a fraudster getting a hold of your EIN or other information, it’s important to know — and beef up security.
2. Report the Fraudulent Account
File reports about the breach with the Federal Trade Commission and with your local police department. When you’re working to get the account closed — and you want to avoid responsibility for it — being able to show that you’ve filed reports with law enforcement bolsters your case.
3. Let the Business Credit Bureaus Know
Notify Dun & Bradstreet, Equifax, and Experian about the breach. These are the three major business credit bureaus and they can help you address the problem. Additionally, letting them know about a fraudulent account will put them on the alert and can even help you receive a notification when someone attempts to open a line of credit in your business name.
4. Close Any Other Affected Accounts
If you suspect other accounts have been compromised, you might need to close those accounts. Of course, it goes without saying that you have the fraudulent account closed even as you fight to have it removed from your report.
Protect Yourself from Future Business Identity Fraud
One of my biggest mistakes was assuming that I didn’t need to worry about my business credit report. That mistake came back to haunt me in a major way. While you do need to take common measures, such as being careful about where you share your information and making sure you practice good cybersecurity hygiene, and reviewing your bank and credit card purchases, you also need to stay vigilant about what’s in your business credit report.
Make it a point to check your business credit report regularly. A service like Nav can help you see your business report and your personal report in the same place, allowing you to monitor the situation from one dashboard.
Don’t be like me. Don’t find out about a fraudulent account only when the creditors come knocking. While everything turned out fine in the end, I (as well as people connected with me) could have avoided a lot of frustration if I’d been just as vigilant about my business report as I was about my consumer report.
This article was originally written on April 17, 2019 and updated on January 26, 2021.
I wish it were that simple to report & receive assistance when your business identity has been stolen. Unfortunately, this is not my experience. The owner of our company was injured as a first responder in another country & a long term friend stepped in to help ship products until he recovered. During that time his “friend” took almost forty thousand dollars in unauthorized atm transactions, opened accounts in the company name for personal use & stole inventory. He was fired & removed from the company almost two years ago & that has not stopped him from creating more fraud using out business identity. He continues to open new accounts in the company name & use them until they are canceled for non payment. He also gains access to old accounts, changing passwords using the owners identity to over ride security and charge debt. The police refused to take a police report for the $40k he took. We contacted the district attorneys office for help & a report was taken & never assigned to a detective. 3 months ago Pitney Bowes notified us of fraudulant transactions he had created in an account he opened under our name with his home address. We tried to report that too without success. UPS notified us last month that he has gained access to our account online & is sending packages using the owners identity. He has changed the billing address to his home address. Now he has opened a company in the same name as ours to hide his fraud. We are a Caifornia Corporation with a trademark filed & nothing is protecting us. We cannot afford an Attorney. The minimum retainer is a $10k deposit. Even if we win in civil court we will not be able to collect a judgement from him because his only income is social security retirement which cannot be garnished. Noboy cares. Nobody will help. We are being victimized over and over and all we can do is pay the bills he creates or risk losing the ability to have credit.
What a terrible experience! Has he tried reaching out to the ID Theft Resource Center? It’s a nonprofit and they do awesome work. Perhaps they can advise.