Arrow DownIcon of an arrow pointing downwardsArrow LeftIcon of an arrow pointing to the leftArrow RightIcon of an arrow pointing to the rightArrow UpIcon of an arrow pointing upwardsBank IconIcon of a bank buildingCheck IconIcon of a bank checkCheckmark IconIcon of a checkmarkCredit-Card IconIcon of a credit-cardFunds IconIcon of hands holding a bag of moneyAlert IconIcon of an exclaimation markIdea IconIcon of a bright light bulbKey IconIcon of a keyLock IconIcon of a padlockMail IconIcon of an envelopeMobile Banking IconIcon of a mobile phone with a dollar sign in a speech bubbleMoney in Home IconIcon of a dollar sign inside of a housePhone IconIcon of a phone handsetPlanning IconIcon of a compassReload IconIcon of two arrows pointing head to tail in a circleSearch IconIcon of a magnifying glassFacebook IconIcon of the Facebook logoLinkedIn IconIcon of the LinkedIn LogoXX Symbol, typically used to close a menu
Skip to nav Skip to content

Risk of Identity Theft is a Costly Proposition for SMBs

Much like individuals, businesses can be victims of identity theft. However, unlike personal identity theft, it is often unclear how a Small and Medium-Sized Business (SMB) can recover from the financial and reputational impact. Business identity theft occurs when criminals impersonate a company to target its funds, file fraudulent tax returns, take out loans, or apply for lines of credit — all for financial gain.

Business identifiers, such as Employer Identification Number (EIN), Creditsafe Safe Number, D-U-N-S Number, or corporate credit card number, are often obtained as the result of a data breach, whether directly or via a third-party — meaning your business data was stolen when someone you do business with was breached. More than half of all SMBs have experienced at least one data breach in the last 12 months, and 60% of SMBs suffering a security incident close their doors within 6 months. And while no one can fully prevent a data breach, it is crucial to recognize the signs that your business identity is at risk, and from there, take the appropriate steps to protect what you’ve built so that a compromise doesn’t result in an even more devastating outcome.

Signs and Consequences of Business Identity Theft

In addition to data breaches, criminals target your sensitive business information through scams such as phishing emails, W-2 scams, delinquent utilities, office supply scams and more. Identity thieves are continually revising their methods to get their hands on this data, as the payoff from business identity theft is much greater than individual-focused scams.

SMBs make attractive targets because of their large account balances and higher credit limits, and the networks they are a part of which provide a gateway to the data of larger companies. They are seen by fraudsters as easy prey, as SMBs often have a minimum of data security and lack of resources to investigate such incidents. As a small business owner, the financial impact of identity crime may result in not being able to fund payroll or pay your taxes, bills, and suppliers — all of which can negatively impact your business’ credit score. Beyond an SMB's own financial accounts, business identity theft can result in reputational damage, operational disruption and regulatory actions.

There are five major signs that may signal that your business has been targeted by identity thieves:

  1. You receive a rejection notice from the IRS claiming a return was filed using the same Employer Identification Number (EIN), or receive an unexpected tax transcript.
  2. You notice unusual charges made to your business account or receive bills for items your business never purchased.
  3. You find records of bank accounts and credit cards opened under your business’ name in your credit file.
  4. You receive notices from debt collectors for unknown purchases.
  5. You no longer receive expected business bills or other mail.

Seven Steps for Recovering from Business Identity Crime

Act fast and consider the following when recovering your business assets:

  1. Notify your financial institution and credit bureaus to freeze your business accounts immediately, deterring additional fraud from occurring.
  2. Notify the appropriate government agencies, such as the IRS, BBB, FTC, and file a police report stating that your business is a victim of identity theft.
  3. Keep a record of all fraudulent activity and reports.
  4. Notify your vendors and suppliers if they are affected.
  5. Monitor your bank account statements and credit report for suspicious activity.
  6. Close any accounts that have been opened or tampered with as a result of identity theft.
  7. Arm your business with Small Business Protection to defend your company and your employees from the fallout of identity theft.

Identity theft can be a stressor for any small business, especially if you are unsure how to recover its identity.

Tips to Protect Your Business Identity

  1. Update your security measures. From your antivirus software to business passwords, make appropriate updates to ensure all devices and accounts are protected.
  2. Encrypt your data. By using encryption, if fraudsters get a hold of sensitive personal or business information, it will be rendered useless.
  3. Remain vigilant in monitoring your accounts. Even after a case has been resolved, your business identity is still at risk. Continue to monitor your financial and credit accounts.
  4. Safeguard your employees. If your SMB is compromised, it can affect everyone attached to the company. Offering identity theft protection as an employee benefit will help alleviate the stress and loss of productivity.


This article was written by Heidi Daitch from Business2Community and was legally licensed through the NewsCred publisher network. Please direct all licensing questions to

Subscribe for Ideas