New scam takes advantage of Secretary of State’s business filing system
DENVER – Secretary of State Bernie Buescher and Attorney General John Suthers Thursday announced they’re teaming up fight a new form of impersonation: business identity theft.Both officials explained the decade-old Secretary of State’s business filing system, which has no password or PIN protections, has been exploited criminals changing contact names of at least 25 companies in Colorado, allowing the perpetrators to create and use those companies’ lines of credit and steal more than $750,000.
Suthers and Buescher said the protection system will not be changed; instead, they urged business owners to sign up for automatic alerts already in place that will email them in case of changes to their files.
“I guess it is only a natural evolution that eventually we would see people trying to steal the identity of corporations for the purpose of getting credit lines at businesses and credit lines at banks to borrow money with no intention to repay that money,” Suthers said of what amounts to months of credit filings and bank requests by perpetrators before they are able to take advantage of their new identity.
Ron Sloan, Colorado Bureau of Investigation director, said state officials were alerted to the scam in May after a medium-sized retail company reported that it had been the victim of identity theft. That theft amounted to $250,000.
CBI determined the thieves had accessed the company’s records online and changed the business address and business contact information using the Colorado Secretary of State’s website. This allowed the perpetrators to apply for and receive lines of credit in the name of the business.
Sloan said he did not want to disclose the name of the business as the case was still under investigation. However, he said that other major retailers have been targeted by the same scheme, including Home Depot, Apple Computers and Dell.
Sloan said word travels fast when something is successful in the criminal conspiracy industry, but that moving fast to shut it down will likely deter other from trying the same scam.
“It is an interesting industry, the criminal conspiracy industry,” Sloan said.
Of the cases being pursued, one is being run in conjunction with the Los Angeles County Sheriff’s Office and the U.S. Secret Service. Sloan explained that in that case five suspects have been identified and arrests have been made.
Buescher told the Colorado Independent that this type of criminal activity has been going on in the state for the last six to eight months. However, it is not known whether all of the cases are the result of one group of individuals or a number of lone wolves. Buescher said the cases all appear to be varied in their methods.
Buescher added that the system to sign and change business information on the site was first developed 10 years ago, and that to change it to create passwords and PIN numbers now would require five to seven new employees. The money is hard to find for a measure that he said likely would have little effect in stopping criminal activity in the short term. He said with more than 800,000 companies in the state and 70,000 transactions a month, the state simply couldn’t get it done in time and still maintain the budget. Buescher also said that in other states hackers have simply bypassed such protections.
Instead of passwords, both Buescher and Suthers are asking business owners to sign up with the Secretary of State Office’s notification system that will inform the owner whenever information is changed on their forms. Buescher said businesses have been alerted earlier this week through a number of associations.
He added they have also created a new website at www.protectyourbusiness.us that will provide information about corporate identity theft and links to law enforcement and the Secretary of States Office.
“What we need to do is put a significant speed bump in the way of criminals who are trying to do this,” Buescher said.