Believe it or not, identity theft happens incredibly often in the car industry. In the U.S., the number of reported consumer complaints of crimes that fall into this category has had a staggering increase in 2017, and it was only the beginning.
How to Prevent Identity Theft in Auto Industry
Identity theft in the auto industry can happen in a variety of ways and is somewhat of a minefield for most companies to navigate. One single breach could mean a call to an identity theft lawyer to attempt to remedy the situation.
As for the United States of America, various forms of car industry identity theft increased in 2017 by 43% (compared to 2016). According to online sources, there were nearly 10,000 reported cases, and we know that, as with most crimes, there are probably many more that have gone unreported or even unknown.
In that year alone, this was the 6th most common crime related to identity theft in the U.S., according to the Federal Trade Commission.
But Why the Sudden Rise in 2017?
Identity theft in the auto industry has been on the rise since 2017 and it seems that it may be because identity theft has mostly (or is believed to) transferred to social engineering and cyber technology.
It appears there is increasingly less regard for the actual real-time physical theft, counterfeiting, and fraud as our society as a whole is focusing on cyber technology and data protection rather than physical identity theft. It is for this reason that these types of crime have been skyrocketing in recent years, especially in companies of a more bureaucratic nature.
This is precisely why auto dealerships are targeted. According to reports, 68% of mid-size or small auto businesses in the U.S. have reported one or more cases of identity security breaches.
Businesses in this industry have become an easy target for this type of crime, and here’s why:
● Auto dealerships are considered “goldmines” of personal info as they usually require large amounts of personal information to close a deal.
● Some of the documents that are used in day to day business transactions include social security numbers, drivers licenses, credit cards, personal addresses, proof of address, bank statements, and even passports.
● A lot of this information is kept via hard copies (not digitized)
● Crowded workplaces are easily accessible to criminals
If you go to a car dealership right now, chances are you will see multiple customers and not enough employees to service them all. This means sensitive info and work stations are often left unattended for prolonged periods. Also, many car dealerships still use paper documents, which include the most sensitive information such as loan applications, purchase agreements, leasing contracts, and other financial statements.
All a criminal needs to do is stroll down to a crowded dealership, under the guise of a customer most likely, and wait for an opportunity to get access to many of these documents that are a real goldmine of personal information. Then, all they need to do is to copy the paper documents, and the crime is undetected until it is too late, and the consequences are severe.
However, car dealerships are fighting this heavily because it is in their interest to protect their customers’ sensitive data, not just because of their business but because it is demanded so by state and federal law. Let’s take a look at some things that both the customers and dealerships can do to protect themselves and the consumer:
Choose Secure Car Dealerships
Use a ‘One-in-One’ Rule
The “one-in-one” rule states that you should get rid of original documents as soon as you can get a more recent version. This goes for customers, but even more so for dealers. It will help them keep a tidy workplace and everything neat and easy to check.
Implement A Clean Desk Policy
Companies in the auto industry should all strive to direct their employees, from top to bottom, owner to the sales associate, to keep their work areas, stations, and desks clean at all times. This means no papers or electronic documents with personal and sensitive information left unattended at any time. In fact, any information that is no longer needed and that has fulfilled its use is to be properly disposed of in accordance with data protection laws.