Every Monday seems to mark the beginning of a new awareness drive and this week’s theme has particular importance to small businesses and IT - National Identity Fraud Prevention Week.

Accordingly, the FSB has joined a variety of public and private sector partners including the Metropolitan Police, Experian, Royal Mail and the Passport Service to warn consumers and businesses of the dangers of identity fraud, a crime which costs the UK economy over £1bn annually.

In a survey of over 1,000 businesses across several sectors released for the campaign today, 92% of employees confessed that the identity of staff and customers of their company could be stolen by a fraudster, 75% believe that their organisation should be doing more to prevent ID fraud while 63% believe that information could be stolen from the company’s computer system. Clearly, business has a significant role to play in helping to protect the identities of their customers and employees.

Fraud and online crime is a growing concern for small businesses. In volume terms, instances of low level crime against a business, such as criminal damage or vandalism are more frequent, however, the issue with fraud and online crime is that one event can be highly disruptive and even force a business to close.

Phishing attacks are a regular annoyance for small businesses, whether it’s a ‘special’ offer, a fake bank account in Nigeria or a scammer posing as the bank asking for your sort code and password. Businesses are becoming savvier and are now able to recognise them and press delete, but the scammers are also becoming more sophisticated.

The diversity of the small business community means that they are victim to fraud across the board from fraud via online banking, unauthorised direct debits/standing orders, the sale of eBay fake goods and scams through Skype and Paypal. A particular concern is the huge issue of theft of domain names, bought or used fraudulently by criminals and competitors. Spam emails are also sent using a legitimate business email address to seek out information from clients or simply to tarnish the reputation of the business.

The list is endless and includes fraudulent use of mailbox address and registrations at Companies House, using company name and addresses from websites to falsely recruit someone and obtain their personal details; fake Mortgage application; competitors using company names as tags through search engines to direct the customers elsewhere; impersonating companies and opening an account on eBay to sell fictional items using company name but false email address, business then gets billed...

Card-not-present fraud (when card details are fraudulently used over the phone, fax or internet) is also an increasing problem for retailers and small businesses relying on the Internet to sell products to national and international markets. Secure methods of obtaining payments such as Mastercard Securecode, Verified by Visa and PayPal are effective, but a lack of awareness means that customers can be put off when asked to register before completing the transaction, fearing a scam. Additionally, businesses are still charged for using the service, even if the transaction is fraudulent.

Taking preventative steps can help save a business such as implementing a secure Internet system and appropriately disposing of sensitive information, but this can only work if there is enough awareness of types of fraud and ways of protecting yourself.

Small businesses complain about the lack of reporting mechanisms, follow up and support available, particularly from the police, even where fraud worth thousands of pounds is involved. Businesses report that the police seem reluctant to get involved and criminals know they will get away with it. Better communication between police and businesses is necessary to catch repeat offenders:

There is clearly a role for little-known Regional Fraud Forums to reach out to small businesses and make information about prevention accessible, meanwhile Internet Service Providers must also take a more active role particularly over issuing domain names similar to existing companies and money being transferred online and perhaps banks should take more responsibility for credit card fraud rather than letting businesses bear the costs.

Of course businesses have a role to play such as using up to date anti-virus software and protecting their own, employee and customers’ personal and financial details. This week is a chance for all these organisations to work together and defeat this peril for the other 51 weeks of the year.

When identity cards first came to the attention of the public, many of us were concerned about EVEN MORE centralised information being in the hands of our government.– and now the validity of such concerns is clear to all : 25 million records including financial details, apparently routinely transferred, unencrypted, by junior officials onto standard CDs and put in the post, unregistered, unprotected except for passwords that schoolkids could break.

It almost sounds like an April Fool’s joke, it’s that inconceivable – except that this isn’t April and it’s no joke.  Data we trust our government to preserve is now, more than likely, in the hands of criminals – and what a bonanza. If the people of Britain don’t treat this disaster as a major wakeup call then heaven help us. Seems to me that the government is very good at apologising for getting it wrong but disastrous at not getting it wrong in the first place.  Between this and recent revelations of the TV companies ripping us all off, one could be forgiven for wondering if we’ve lost the plot somehow.

Many of you will know that a few weeks ago we had National Identity Fraud Prevention Week and clearly the FSB, with over 200,000 members has something to say on this. My own personal view is that identity theft, (which is one of the fastest growing crimes in the UK) is something we need to take very seriously. It seems that many of our smaller businesses are hanging onto sensitive documents instead of destroying them once done with - and worse still they're not doing enough to check on their customers and suppliers. 

Considering that the livelihoods of over 12 million employees are at risk this is something we should all be taking very seriously. I'm long past the point of trusting complete strangers who ring, fax or email and taking that attitude has saved me months of paperwork-chasing.  Your identity can be stolen in so many different ways, from email 'phishing' attacks  - for example FSBs members still respond to emails pretending to be from Barclays bank asking customers to update their personal details - to someone intercepting your post or even more complex scams where fraudsters can even manage to take over financial bonds in your name and open bank accounts.  One place I often point to for advice is www.stop-idfraud.co.uk which gives more advice and info to businesses about how to protect themselves. 

Businesses need to protect sensitive information not just about themselves but of their customers and clients too - sadly, research indicates that this isn't happening.