EMINUTES places cookies on your device to give you the best user experience. By using our website, you agree to the placement of these cookies. Please read our updated Privacy and Cookie Policy.

Jun
10 • 2026
Share
Article

Monitoring Your Corporate Identity to Prevent Business Identity Theft

We’ve written before about the problem of business identity theft, including why it’s important to keep the IRS updated on your business entity’s “responsible party” to fight the specific problem of identity theft tax refund fraud.[1] Business identity theft is a much broader issue than that, however.[2] A widespread concern is the “increasing number of business identity fraud cases involving unauthorized changes to business records on file with Secretary of State offices.”[3] The National Association of Secretaries of State has explained how this particular version of business identify theft works:

State trends make it very clear that criminals are looking to exploit state filing systems and business registration websites for financial gain. Typically, they try to file bogus reports with Secretary of State offices or manipulate online business records in order to steal sizeable amounts of cash and property using fraudulently obtained lines of credit. These fraudsters attempt to change the registered business address, appoint new officers, or change registered agent information on file with the state. Using altered records, which appear to indicate that they have the authority to act on behalf of a victim entity, the criminals can then apply for credit accounts with various retailers.[4]

California’s Secretary of State has likewise noted that one common business identity theft scheme involves criminals “[f]iling bogus documents with the Secretary of State’s office in order to change the business’[s] registered address or the names of directors, officers or managers of the company, which can later help thieves establish lines of credit with banks and retailers.”[5]

Business identity theft can be devastating to the small and mid-sized businesses that tend to be targeted by identity thieves.[6] As far back as 2010, Colorado officials began warning business owners about the “sharp increase in business identity thefts involving altered business records that were accessible online as part of the Secretary of State office’s business registration system.”[7] The state reported that, at that time, more than 300 businesses had been victimized by identity thieves, with total losses of more than $3.5 million (in 2010 dollars).[8] In a number of those cases, the criminals had altered the businesses’ registration information on file with the state, and then used the altered information to apply for credit from various retailers.[9] Around that time, Georgia similarly reported business identity theft cases in which the state’s online business records had been altered and used to open fraudulent lines of credit. The Georgia cases impacted hundreds of businesses and resulted in millions of dollars of losses.[10]

Stopping determined criminals from engaging in fraud can be challenging. But one step businesses can take to combat identity theft is to monitor their online records to make sure no information has been changed without their knowledge or authorization. The California Secretary of State recommends that businesses check their filings with the Secretary of State “[a]t a minimum … at least once a year.”[11] This is especially important in “off” years in states, like California, which require certain types of business entities to file information with the secretary of state only every other year.[12]

 

[1]See eMinutes, Keep the IRS Updated on Your Business Entity’s “Responsible Party” to Fight Identity Theft Tax Refund Fraud (Jan. 15, 2022); see also eMinutes, Why Identity Thieves Want You to Let Your Corporation Die on the Vine (Oct. 22, 2018).

[2]See Nat’l Ass’n of Secretaries of State, Developing State Solutions to Business Identity Theft: Assistance, Prevention, and Detection Efforts by Secretary of State Offices (Jan. 2012) [“NASS White Paper”].

[3]Id. at 2.

[4]Id. at 6.

[5]Cal. Sec’y of State, Secretary of State Business Identity Theft Resources.

[6]See NASS White Paper, supra note 2, at 6 (“Criminals tend to target small and mid-sized businesses with strong credit ratings, which can be easily identified through credit agencies.”).

[7]Id. at 7.

[8]Id.

[9]Id.

[10]Id.

[11]Cal. Sec’y of State, Secretary of State Business Identity Theft Resources.

[12]See Cal. Corp. Code § 17702.09 (requiring domestic and foreign limited liability companies to file a statement of information with the Secretary of State biennially).