Preventing Identity Theft in Your Business: How to Protect Your Business, Customers, and Employees


Identity theft in your business stops here

"This book strongly makes the case that identity theft is a very serious workplace problem today. It provides valuable guidance to business and industry HR practitioners on how to address the identity theft problem using I/O psychology. Beyond personnel selection, this book also describes the role of socialization and training programs for new employees, appraisal and feedback related to adherence to security procedures, and risk assessment of work processes in reducing ...

See more details below
$35.99 price
(Save 9%)$39.95 List Price
Other sellers (Hardcover)
  • All (12) from $1.99   
  • New (4) from $23.24   
  • Used (8) from $1.99   
Sending request ...


Identity theft in your business stops here

"This book strongly makes the case that identity theft is a very serious workplace problem today. It provides valuable guidance to business and industry HR practitioners on how to address the identity theft problem using I/O psychology. Beyond personnel selection, this book also describes the role of socialization and training programs for new employees, appraisal and feedback related to adherence to security procedures, and risk assessment of work processes in reducing identify theft in organizations. The writing is clear, easy to follow, and flows well. Highly recommended."
–Frank L. Schmidt, Distinguished Professor Tippie College of Business University of Iowa

Identified by the FBI as the top crime of the twenty-first century, identity theft is most commonly committed inside the workplace, and the victims are always a company's employees and customers. Executives, managers, and consultants can now use the latest tools and know-how for combating identity theft with the help of Preventing Identity Theft in Your Business.

Preventing Identity Theft in Your Business presents a comprehensive, four-factor model for implementing an effective information security plan and provides step-by-step guidance on employee selection and training. Brimming with exercises to make each approach easy to implement, this breakthrough guide explores how to:

  • Secure personal identification information across four fronts: personnel, processes, proprietary information, and virtual property, such as an e-business Web site
  • Implement a comprehensive security model, including Web site risk assessment
  • Screen and test employees who have access to sensitive information

Rich with real-world case studies illustrating how identity theft is committed and prevented, Preventing Identity Theft in Your Business clearly demonstrates how you and your employees can foster an honest work culture in your workplace.

Read More Show Less

Product Details

  • ISBN-13: 9780471694694
  • Publisher: Wiley
  • Publication date: 2/25/2005
  • Edition number: 1
  • Pages: 245
  • Product dimensions: 6.32 (w) x 9.24 (h) x 0.89 (d)

Meet the Author

JUDITH M. COLLINS, PHD, is Associate Professor of Industrial and Organizational Psychology in the School of Criminal Justice at Michigan State University (MSU), where she teaches information security management. She is also Director of MSU-Business Identity Theft Partnerships in Prevention and the MSU Identity Theft Crime and Research Lab, established in 1999 to work with businesses, law enforcement, and victims of identity theft. She publishes in academic journals, has been a guest on national and local television and radio shows, and is the subject of more than 100 newspaper articles. She is a frequent speaker and conducts law enforcement training throughout the United States.

Read More Show Less

Read an Excerpt

Preventing Identity Theft in Your Business

By Judith M. Collins

John Wiley & Sons

ISBN: 0-471-69469-X

Chapter One


The term "identity" is commonly used arbitrarily and imprecisely in popular media and literature, and the terms "identity theft" and "identity crime" are frequently used interchangeably. Occasional misuses or misinterpretations are not surprising because in the contemporary context, the traditional meanings underlying those concepts have become increasingly known as information and information technology (IT). Formal definitions of identity concepts are therefore in order.


The Oxford English Dictionary defines "identity" as "the set of behavioral or personal characteristics by which an individual is recognized." The traditional use of the word "identity" spoke to one's name, familial membership, and occupation (among other applications). The contemporary meaning of "identity" has, however, assumed a candidly IT connotation that extends traditional meanings to include such things as one's consumer and credit histories, financial accounts, and Social Security number. It is this contemporary usage of "identity" that is at issue when it comes to conceptualizing identity theft and identity crime.

Identity theft is a burgeoning crime of relatively recent origin. To be sure, identity theft is dynamic in nature, as it has evolved over time. As fast as new legislative definitions of identity theft have been framed and novel techniques for enforcing those definitions have emerged, identity predators have abandoned old methods in favor of new and sometimes ingeniously innovative approaches. As the crime has evolved, so also has its descriptions and definitions.

For instance, "identity theft," most commonly thought of as the theft of an individual's personal identifying information, has evolved to include a new twist: business identity theft.

Further, the theft and fraudulent use of Social Security numbers now assigned babies at birth has, most recently, led to child identity theft, much the same way the crime of adult pornography evolved to include those crimes on children. Also similarly, child identity theft is now considered a subset of a more general category of crime: personal identity theft. Additionally, "identity theft" is defined as a felonious crime per se, that is, as an offense in and of itself, wherein one party steals sensitive information from another, either an individual or a business entity.

Identity theft, however, is to be distinguished from identity crimes-those offenses committed using the stolen personal or business identifying information-or "identities." Thus, the conceptual relationship between identity theft and identity crime is that the former facilitates the latter. In short, stolen identities often are used to commit many other crimes, which is why identity theft also can be viewed as an all-encompassing or overarching megacrime. Legislation, investigations, and the prevention of identity theft can take different approaches, depending on the type of identity stolen. Thus, to mitigate and prevent identity thefts requires that each type of identity be clearly delineated: personal, business, and overarching.


Personal identity theft is the unauthorized acquisition of another individual's personally sensitive identifying information; personal identity crime is the use of such information to obtain credit, goods, services, money, or property, or to commit a felony or a misdemeanor. "Personally sensitive identifying information" means a person's name, address, telephone number, driver's license number, Social Security number, place of employment, employee identification number, demand deposit account number, savings or checking account number, credit card number, or mother's maiden name-information needed to obtain an original birth certification for a complete identity takeover. With a birth certificate, mother's maiden name, and a Social Security number, for example, other governmental documents and records can be accessed; a passport and visas successfully applied for; and driver's licenses, court records, and other information fraudulently obtained and used to commit identity crimes.

Perpetrators use stolen personal identities to drain checking, savings, and retirement accounts; create bogus checks; open new credit card and bank accounts; take over existing accounts; apply for telecommunication and utility services; obtain home, automobile, college-tuition and other loans; open retail accounts; purchase airline, rail, and other transportation accommodations; rent hotel/motel rooms; rent or purchase automobiles; pay for medical supplies, prescriptions, and healthcare services; obtain employment; engage in money laundering, drug trafficking, and other organized crime; and commit acts of terror against the United States. Some, but not all, of these crimes also are committed using stolen business identities, which are to be distinguished from personal identities.


Business identity theft is the unauthorized acquisition of a business's "business identifying information." Business identity crime is the use of such information to obtain credit, goods, services, money, or property, or to commit a felony or misdemeanor. "Business identifying information" means a business's name, address, telephone number, corporate credit card numbers, banking account numbers, federal employer identification number (FEIN), Treasury Identification Number (TIN), State Treasury Number (TN), electronic filing identification number (EFIN: Internal Revenue Service), electronic transmitter identification number (ETIN: Internal Revenue Service), e-business Web sites, URL addresses, and e-mail addresses.

Business identity theft has become increasingly common for three reasons.

1. Corporate credit card, bank, and other account statements generally have many more entries than the accounts of average individuals and, therefore, are more complex and less easily reconciled.

2. Corporate credit card accounts usually carry higher dollar limits than do individual accounts.

3. Many employees oftentimes are authorized to use a single corporate account. In this case, the theft and fraudulent use of the account number is less easily detected in the corporate credit card statement than in an individual credit statement, which contains fewer account entries.

Alarmingly, the theft of a business's state and federal identifiers has opened the doors to new crimes of business impersonations, such as "subsidiary" fraud. This is the registration, usually with a secretary of state, of a fraudulent subsidiary company using a legitimate business's identifiers. With the payment of a modest registration fee, in some states as little as $25, parasite subsidiary "businesses" can be formed and pose as legitimate businesses, incurring never-to-be-paid expenses for goods and services and obtaining cash through fraudulent business loans and other means. Sometimes these bogus entities defraud legitimate companies by invoicing them for services never rendered or by ordering merchandise that is then sold on the black market.

The most common personal identity crimes are credit card, bank, utilities, telecommunications, and retail (e-business and onsite) fraud. By comparison, the most common forms of business identity crimes are credit card, bank, retail account, and (of most recent origin) subsidiary fraud. These lists are growing. Increasingly, other crimes and new adaptations of crimes are being committed by using stolen identities, both personal and business-which is why the theft of an identity is, in and of itself, an all-encompassing and overarching crime.


Identity theft is the crime of the twenty-first century, because identity theft is a crime overarching and enabling many other types of crime. For example, stolen identities are used to commit credit card and bank fraud; retail account, utilities, and telecommunications fraud; mortgage and loan fraud; employment fraud; mail fraud; wire fraud; drug trafficking; money laundering; government documents and benefits fraud; prize, sweepstakes, and lottery scams; Internet auction fraud; online stalking and harassment; pornography distribution and consumption; human smuggling (women, children, and illegal immigrants); e-business fraud and a host of other cybercrimes; and terrorism.

According to federal authorities, identity theft is a key catalyst in funding terrorism. Most, if not all, acts of terror against the United States are thought to have been accomplished by the use of fake or stolen identities, including the bombings of the U.S. embassies in Kenya and Tanzania, of the USS Cole, of the Marine Corps barracks in Lebanon, of the World Trade Center in 1993, and the atrocities of September 11, 2001. The al Qaeda training manual describes "key missions" that consist of "blasting and destroying" places of amusement, bridges into and out of cities, and embassies. Not mentioned is the conversion of commercial airlines into homicidal guided missiles, although we now know that terrorists also financed these and other attacks using authentic (i.e., stolen versus fabricated) identities, impersonating real people with actual birth and credit records.

In fact, when leaving their training camps in Afghanistan or elsewhere, the "brothers" are provided five discrete sets of identities and given explicit instructions on how and when to use them. For example, when using the identity of a given individual, the impersonator is to speak the language of that individual and dress according to the custom of the individual's identity. Lesson 3 in the al Qaeda manual gives these instructions:

The brother who has special work status (commander, communication link ...) should have more than one identity card and passport. He should learn the contents of each, the nature of the (indicated) profession, and the dialect of the residence area listed in the document (p. 22).

In one reported case of identity theft, tens of thousands of foreigners illegally obtained Social Security numbers (SSNs) from the U.S. Social Security Administration. Such an action raises cause for great concern: Once terrorists secure stolen names, addresses, Social Security numbers, and other personal identifiers, they frequently use these identifiers to create bogus passports and driver's licenses, to open bank accounts, to rent automobiles, and to otherwise cover up their nefarious activities. Extremist groups target American businesses and institutions because of the severe financial impact their terrorist acts inflict. Identity theft, therefore, is an overarching crime that enables many other crimes, including terrorism and the devastation it wreaks.

There are no national security standards in place to prevent identity thefts and the resulting wave of identity crimes. Independent businesses are ruined, and, in the aggregate, the financial infrastructure and the very security of our nation are undermined. As will be shown, the effects on people and businesses already have been devastating.


Excerpted from Preventing Identity Theft in Your Business by Judith M. Collins Excerpted by permission.
All rights reserved. No part of this excerpt may be reproduced or reprinted without permission in writing from the publisher.
Excerpts are provided by Dial-A-Book Inc. solely for the personal use of visitors to this web site.

Read More Show Less

Table of Contents

Ch. 1 What is an "identity"? 7
Ch. 2 Identity theft : effects on victims 13
Ch. 3 Identity crime is entrenched 25
Ch. 4 Identity crimes are escalating 31
Ch. 5 Legal requirements for businesses 40
Ch. 6 Caveat Lector : let the reader beware 47
Ch. 7 The BISP plan : tighten your business borders 55
Ch. 8 Begin the exercises : identify your business identities 62
Ch. 9 Securing the people front : the security job analysis 73
Ch. 10 The people front : recruitment for security 85
Ch. 11 The people front : personnel selection for security 89
Ch. 12 The people front : select for motivation 99
Ch. 13 The people front : select for integrity and security 104
Ch. 14 The people front : select for interpersonal skills 112
Ch. 15 The people front : socialization, company culture, and the realistic job preview 118
Ch. 16 The people front : socializing newcomers to the honest company culture 125
Ch. 17 The people front : appraisal and feedback for performance and security 131
Ch. 18 The process front : secure business information processes 144
Ch. 19 The property front : the E-business web site 156
Ch. 20 The customer security program 165
Ch. 21 E-commerce "best practices" for customers 173
Ch. 22 The legislative process 178
Ch. 23 The HIPAA database 188
App. A The security standard checklist 199
App. B Checklist of team prerequisites 203
App. C Structured and formal brainstorming : step-by-step instructions 204
App. D Cause and effect analysis : step-by-step instructions 208
App. E The security focus group interview 211
App. F The security job description 213
App. G Industrial and organizational specialists in test development and validation 216
App. H One company's short- and long-term strategic plan 218
App. I The information process : definition, description, and illustration 220
App. J The Pareto analysis : definition, description, and illustration 226
App. K Forerunners in the support of identity theft legislation 230
Read More Show Less

Customer Reviews

Be the first to write a review
( 0 )
Rating Distribution

5 Star


4 Star


3 Star


2 Star


1 Star


Your Rating:

Your Name: Create a Pen Name or

Barnes & Review Rules

Our reader reviews allow you to share your comments on titles you liked, or didn't, with others. By submitting an online review, you are representing to Barnes & that all information contained in your review is original and accurate in all respects, and that the submission of such content by you and the posting of such content by Barnes & does not and will not violate the rights of any third party. Please follow the rules below to help ensure that your review can be posted.

Reviews by Our Customers Under the Age of 13

We highly value and respect everyone's opinion concerning the titles we offer. However, we cannot allow persons under the age of 13 to have accounts at or to post customer reviews. Please see our Terms of Use for more details.

What to exclude from your review:

Please do not write about reviews, commentary, or information posted on the product page. If you see any errors in the information on the product page, please send us an email.

Reviews should not contain any of the following:

  • - HTML tags, profanity, obscenities, vulgarities, or comments that defame anyone
  • - Time-sensitive information such as tour dates, signings, lectures, etc.
  • - Single-word reviews. Other people will read your review to discover why you liked or didn't like the title. Be descriptive.
  • - Comments focusing on the author or that may ruin the ending for others
  • - Phone numbers, addresses, URLs
  • - Pricing and availability information or alternative ordering information
  • - Advertisements or commercial solicitation


  • - By submitting a review, you grant to Barnes & and its sublicensees the royalty-free, perpetual, irrevocable right and license to use the review in accordance with the Barnes & Terms of Use.
  • - Barnes & reserves the right not to post any review -- particularly those that do not follow the terms and conditions of these Rules. Barnes & also reserves the right to remove any review at any time without notice.
  • - See Terms of Use for other conditions and disclaimers.
Search for Products You'd Like to Recommend

Recommend other products that relate to your review. Just search for them below and share!

Create a Pen Name

Your Pen Name is your unique identity on It will appear on the reviews you write and other website activities. Your Pen Name cannot be edited, changed or deleted once submitted.

Your Pen Name can be any combination of alphanumeric characters (plus - and _), and must be at least two characters long.

Continue Anonymously
Sort by: Showing 1 Customer Reviews
  • Anonymous

    Posted July 4, 2006

    Useful Guide on how to implement an identity-theft protection program

    Based on research conducted at Michigan State University, this step-by-step, practitioner¿s guide shows you how to implement an identity-theft protection program. Author Judith M. Collins includes useful background information about the types and frequency of identity thefts and identity crimes. She emphasizes the steps your company can take to prevent and remediate identity theft. She also provides a chapter on 'best practices' for customers and advises companies to include these best practices in their marketing materials. If your company is serious about dealing with identity theft, we recommend this book as an extremely useful guide.

    Was this review helpful? Yes  No   Report this review
Sort by: Showing 1 Customer Reviews

If you find inappropriate content, please report it to Barnes & Noble
Why is this product inappropriate?
Comments (optional)