TechnologyAccounting SoftwareIdentity fraud: Who’s being you?

Identity fraud: Who's being you?

Identity theft, the use of someone else's details without their knowledge, is a growing problem. The advent of the internet has meant that a massive amount of personal and corporate information is now available online, which in turn means that the unscrupulous can take advantage.

Identity theft is not yet a crime under UK law, although the increasing problem means the government is consulting on whether it should become so. What is against the law is using the identity to obtain money.

It is difficult to get an exact figure on the levels of identity fraud in the UK as such crimes are hidden in the statistics for crimes of deception or theft.

But figures compiled by the Credit Industry Fraud Avoidance System, known as CIFAS, show that identity fraud saw a 461% increase in 2000 followed by a 122% increase in 2001 and a further rise of 54% in 2002 with 42,029 identified cases.

CIFAS monitors identity fraud separately from crimes of deception or theft.

Identity theft is a major headache for the financial services industry.

Apart from its use for personal gain, we are now seeing the theft of corporate identities.

It is quite common for fraudsters to obtain company details from publicly available records, such as directors’ names and bank details. Simply writing a letter asking for a brochure will elicit a response on company letterhead, which can then be used to notify the bank of a company’s change of address and to redirect all mail to the new address.

This letter is usually faxed to the bank to disguise the fact that the letter has been ‘cut and pasted’ together and contains forged signatures. The bank, in some cases, may accept this and then re-direct bank statements and/or chequebooks. The fraudster will wait until he knows that the bank account contains sizeable funds. He will then either forge a cheque or issue instructions to the bank via another faxed letter to transfer funds to another account, which he will then clear out. That account has usually also been set up using false details.

Fraudsters target companies in other ways too: by creating a new identity to shed their past.

In one investigation, the client called us in to find out why they were losing so much money.

The MD was sure that an employee was responsible, but could not pinpoint the individual. We were able to focus our work on the previous 12 months when the losses appeared to commence. One of the first steps was to see what changes in personnel there had been. There were 10 new starters, two of them in the finance department. We reviewed those individuals’ personnel files and at first glance everything appeared fine.

They seemed to have the right qualifications and references. But, a closer look showed that the addresses of one of the individuals did not tally with the electoral roll – the postcode was slightly out as CR0 and should have been CR1 – a mistake that prompted us to start delving deeper.

The individual finally admitted to the fraud, explaining his use of someone else’s identity to conceal the fact that he previously served three years in jail on being found guilty of theft and false accounting. After trying unsuccessfully for various positions, he had decided to steal someone’s identity.

He had been lucky to find someone with relevant details on the web and had been able to obtain information on the person’s previous employers and qualifications to construct an identity and a detailed CV.

When he was offered a job, he was able to complete an application form that enabled the company to request references from previous employers and confirm academic qualifications. His only slip up – over postcodes – only came to light when we started our investigation.

Corporate fraud is slightly more complex. ‘Long firm fraud’ (creating a company trading history that allows the fraudster to increase the level of purchases and then eventually disappear) has been around for a long time.

To overcome this, companies have been increasing the level of due diligence on potential customers to check up on the authenticity of the directors and the history of the company. Fraudsters are therefore reluctant to show themselves as directors of these companies as any checks will show that they are not to be trusted.

So they either use the details of an unsuspecting individual chosen at random, or those of a bona fide director from another company.

In one case, fraudsters obtained the details of an upstanding member of a local community – a church verger – from a church notice board and phone directory. The first thing the clergyman knew about it was when the police knocked on his door to ask him to ‘help them in their enquiries’.

But, if identity fraudsters want somewhere that will provide a fountain of new opportunities, they need look no further than the internet. It is relatively cheap and quick to create an online presence that looks and feels the same as a bona fide website. Online shopping has also meant that consumers have become used to handing over personal details on the web. Double identity frauds can therefore easily take place.

It works like this. An online shopper looking for www.abc.com may inadvertently log onto www.abc.co.uk that has been designed by a fraudster to look like the.com original for the sole purpose of obtaining personal details.

The shopper browses this parallel website and finds the products he or she is looking for. They are then asked to give their name, address and credit card details, which the fraudster uses to obtain goods on other sites or over the telephone. These details can also be used to clone credit cards. This all only comes to light when the individual receives their credit card statement and is shocked by what they see.

But it is not all doom and gloom as there are a number of ways that companies and individuals can protect themselves from the identity fraudster. But act now to ensure you don’t become their next victim.

  • Andrew Durant is head of the fraud investigation and recovery services team at BDO Stoy Hayward.

Related Articles

Accountancy in the digital age: Flexibility, agility, efficiency

Accounting Software Accountancy in the digital age: Flexibility, agility, efficiency

2w Pegasus Software | Sponsored
Sage purchases Intacct in its largest ever acquisition

Accounting Software Sage purchases Intacct in its largest ever acquisition

5m Alia Shoaib, Reporter
5 tips for SMEs to protect cash flow

Accounting Software 5 tips for SMEs to protect cash flow

5m Alia Shoaib, Reporter
UK behind foreign markets in digital accounting, but gap is narrowing

Accounting Software UK behind foreign markets in digital accounting, but gap is narrowing

7m Alia Shoaib, Reporter
The rise of the progressive accountant

Accounting Software The rise of the progressive accountant

7m Emma Smith, Managing Editor
Making Tax Digital: Revolution or revolt?

Accounting Software Making Tax Digital: Revolution or revolt?

8m Emma Smith, Managing Editor
Making Tax Digital: Is HMRC’s recent system fault a cause for concern?

Accounting Software Making Tax Digital: Is HMRC’s recent system fault a cause for concern?

8m Emma Smith, Managing Editor
Four reasons why SME owners should switch to cloud accounting

Accounting Software Four reasons why SME owners should switch to cloud accounting

9m Emma Smith, Managing Editor