Please note that this website will be undergoing maintenance on 9/5/2010, between 12:00 AM and 3:00 AM EDT. The site may be unavailable during this time.

Thieves scamming Colorado businesses

Using state Web site to get fraudulent credit
July 20, 2010

Colorado officials are warning the state’s roughly 800,000 registered businesses that scammers are changing and forging Colorado business identities to make large fraudulent purchases in the businesses’ names from a range of national retailers.

The Colorado Bureau of Investigation says that at least 35 state businesses have had their corporate identities that are registered with the state misused to open fraudulent credit accounts at retailers such as Home Depot, Lowe’s, Office Depot and Apple, according to a Computerworld report. The fraudsters have so far made at least $750,000 in purchases from Home Depot alone after opening up lines of credit there using forged corporate identities, state officials said.

State officials said the fraudsters have been able to perpetrate the scam because of a weakness in the state’s online system for registered businesses.

As with all states, Colorado requires businesses to register with the state, and to provide business details such as address, registered agent and other information that is public record. But Colorado’s system not only allows anyone to view that information, it also allows anyone to alter the information. The state’s Web site does not require users to input a username or password to change a company’s registration information.

The identity thieves apparently used this weakness to alter the contact and other registration information for a number of companies. The fraudsters then had the credit application information sent to the address of “virtual” offices they had set up.

Richard Coolidge, a spokesman for Colorado Secretary of State Bernie Buescher, said the state's decision not to use passwords and usernames to control access to the registration data goes back more than 10 years. It was designed to make the system easy to use and was put in place at a time when identity theft was not a rampant problem, Coolidge said.

Perhaps surprisingly, Colorado officials said they have no immediate plans to change how the state’s Web site works.

State officials said making such changes would require budget changes that have yet to be approved by the Colorado Legislature, which doesn’t reconvene until January.

State officials encouraged state businesses to sign up for an automatic e-mail notification that is sent any time changes are made to their registration data. That would allow businesses to immediately know whether their information had been altered, state officials said.

©2003-2010 Identity Theft 911, LLC. All rights reserved.

.
.