The number of identity theft cases reported to the Southern African Fraud Prevention Service (SAFPS) by end April 2014 had increased by 16% year-on-year to 1,370 and could exceed 4,000 by the end of the year if the trend continues.
According to Gianmarco Lorenzi, managing director of Cleardata, those operating in the educational, construction, mining and financial services industries are most at risk.
Lorenzi points to the Protection of Personal Information (POPI) Act which stipulates the requirements for safe record keeping for any documents containing personal details. "This Act does not only demand a safe record keeping system, but extends to include the secure destruction of records containing personal information."
The latest trends in corporate identity theft involve consumers receiving letters with official company letterheads stating that account details for their monthly instalments have changed and they must make payments to new account details.
"The consumer, thinking this is an authentic business letter, changes their payment arrangements to go into the fraudulent account. The scam comes to light when the business contacts the consumer to establish why payments are not being made, instigating reputational, legal or financial damage for the business as the customer wonders how their details were obtained by the fraudster in the first place," says Lorenzi.
Businesses need to realise that one of the easiest ways for criminals to conduct corporate identity theft is by going through a company's rubbish. "Most computers also have desktop publishing technology, which has made it far easier for fraudsters to scan and duplicate a variety of corporate documents - such as purchase orders, invoices, bank statements, cash and credit card receipts or even stock certificates - containing company logos."
Lorenzi says business records of any kind should never be put into a general waste or recycling bin, where it may be accessed by criminal's intent on identity theft. Instead, all business records that are no longer needed should be shredded.
Small businesses, especially those located in rural areas, may be at more risk, as they are often under the misperception that only larger organisations situated in urban areas are targets for corporate identity theft. "This is actually not the case. Businesses of all sizes and in all locations can be exploited and must therefore employ effective document destruction practices," he concludes.
