In Florida, a small business owner was flooded with calls from job seekers responding to a want ad on the company's website. Only problem was, the company wasn't hiring and had no ads posted. According to the Orlando Sentinal:
What the firm eventually found was the Internet trail of a global identity-theft scheme that uses stolen corporate information to try to scam hundreds of thousands of job seekers. The complex con uses bogus websites, bulk e-mails, fake job applications and bank fraud to steal people's money and personal data.
Meanwhile, in Colorado, thieves are also stealing corporate information, via the company's public records, to create bogus corporate credit accounts. In this case, the security hole appears to be in the government system. An article in the Denver Post stated:
The nation's secretary of state offices-the agencies that usually register corporations and maintain public databases on them-have few protections to stop the Internet-based theft. In Colorado, for example, anyone can access the online databases and make changes since there is no password protection.
The Florida story involved a small business. Many of the victims in Colorado are large corporations.
One would think there'd be an easy fix in Colorado-password protect the databases so that only an appropriate representative of the company can access and change information-but officials there say this would be too expensive. (The companies who had their identity stolen and credit destroyed may disagree.) Right now an e-mail alert system is set up, notifying the company whenever the records are updated. The problem there is companies have to sign up to get the alerts and less than a quarter have done so.
This type of corporate identity theft is still relatively new, but, according to the Denver Post piece, it is likely to spread, especially as other states have lax protections on public records.
Job-hunting scams similar to the one in Florida are on the rise, according to FBI statements, most likely as a result of the recession. But in this case, the identity-theft victim is doing something to strike back. He's suing the thieves, even though he has no idea who they are. The Sentinal article stated:
Design 2 Keys' suit accuses the anonymous defendants of corporate identity theft, computer-related crime, forgery, racketeering, and other forms of fraud. It seeks unspecified damages and restitution.
The actual thieves will likely never be caught and, even if they are, because it appears this particular scam is generated from European counties, there is little the U.S. court system can do. But if nothing else, the business owner hopes the lawsuit will generate more awareness of this scam.