Most people are familiar with identity theft, which happens when someone pretends to be someone else to make purchases, apply for credit or even get their tax refund.
However, an increasing number of criminals are doing the same thing, but stealing business data.
Business identity theft was up 46 percent year-over-year in 2017, the latest numbers available, according to data and analytics company Dun & Bradstreet.
Cyber-criminals “actually take on their client lists or the special sauce that makes that company operate and compete with them directly. In other instances, they’re pretending to be that business,” said Steven Shapiro, a unit chief at the FBI, told CNBC in a recent interview.
At stake are businesses’ brand, reputation and trade secrets. One recent case cost the company $1 billion in market share and hundreds of jobs, according to the FBI.
“Criminals have a perception that it’s easier to find a business’s data than it is for individuals. There’s also a perception that businesses have deeper pockets than an individual would in an identity theft situation,” said Shapiro.
Any business could be at risk, according to Brian Vecci, a “technical evangelist” at Varonis, which specializes in data protection.
“A lot of the information that you would need to impersonate a businesses is publicly available,” Vecci told CNBC, including names of corporate officers, email addresses and phone numbers.
In addition, the threat came come from inside, he added. “Insiders are incredibly difficult to protect against. First of all, they know more about your organization. If they really want to do some damage, they can do it very quickly and very efficiently,” Vecci said.
To protect yourself, Vecci said data should be restricted only to workers who need it, and advised companies to cut off employees when they leave the firm. They should also keep a close eye on credit reports, bank accounts, social media, and web search results, he added.
If you believe you are a victim of business identity theft, report it to the FBI at www.ic3.gov.