Business Identity Theft


Business Identity Theft Defined:

The Department of Justice’s Office for Victims of Crime, defines business identity theft as a type of identity theft committed with the intent to defraud or hurt a business (e. g. financial business identity, extortion).


Financial Fraud

Obtaining new lines of credit, loans or credit cards in the business’s name; and/or filing fraudulent UCCs.

Tax Fraud

Filing fraudulent returns using tax subsidies and/or obtaining refunds either through the federal and/or state governments.

Website Defacement

Manipulating a business’s identity (website) on the web.

Trademark Ransom

Registering the business name or logo as an official trademark and demanding a ransom for release of the trademarked business name or logo.

How bad is it?

IRS stated in 2017, “Small business identity theft is a big business for identity thieves. Just like individuals, businesses may have their identities stolen and their sensitive information used to open credit card accounts or used to file fraudulent tax returns for bogus refunds.” (Footnote #1)

In November 2014, the IRS Advisory Council raised concerns with business identity theft and issued the following statement:

“Business identity theft can be more complex than individual identity theft and.…. can occur in many ways. A fraudulent business entity tax return can be filed that generates a larger refund than would be obtained on an individual income tax return due to available refundable tax credits, or fraudulent W-2 forms with fictitious withholding may be filed and the information subsequently used to file multiple fraudulent individual income tax returns claiming refunds. Similar to individual identity theft, business identity theft also impacts the banking and business communities. Because of the potentially larger payoffs available, business identity theft is on the rise. (footnote 2)

The FTC’s Identity Theft Clearinghouse collects data on consumer identity theft, but does not collect statistics on business identity theft. In 2016, the FTC reported that the number of complaints for consumer identity theft at 400,000 —- which had declined slightly from previous years — with a cumulative number of identity victims at 17.6 million or 7% of the U.S population.

Background on the Business Identity Theft project

In October 2017, the Identity Theft Resource Center selected the National Cybersecurity Society as one of six sub-grantees, to lead a national coalition under the auspices of the National Identity Theft Victims Assistance Network (NITVAN). NITVAN is a network of coalitions across the country engaged in creating, enhancing and delivering identity theft and identity-related cybercrime victim assistance training and outreach to improve the ability to provide direct victim assistance services. The program provides resources to establish and augment the work of regional, statewide and community-based coalitions, with an emphasis on threats from cyberspace. Funding for this award is derived from the U.S. Department of Justice, Office for Victims of Crime, through the Crime Victims Fund.


In response to this effort, the NCSS developed the Business Identity Theft in the U.S., June 6th, 2018 and can be found here:

Business Identity Theft 2018 Report


Business Identity Theft Defined


Victim Resources


Tips to Protect your Business from Identity Theft




Business Identity Theft Scams