Skip to Content

Protecting Your Employees from Identity Theft and Cybercrime

An HR director called me in a panic early Tuesday morning. Someone had phished their payroll login, changed 19 employee bank accounts to their own, and run payroll to the tune of $110,000. Not only had this money been stolen, but the employees’ information had been exposed, including bank account numbers.

“Unfortunately, cybercriminals don’t discriminate. They don’t care what you earn or your net worth; they just want to duplicate your identity to carry out their fraud,” said Mark Panelli, Allstate Identity Protection Director for the Pacific Northwest, a leading identity protection benefits provider. “It’s not a matter of if your identity gets stolen; it’s when and to what extent.”

If it seems like this is happening more since the pandemic started, you’re correct. In fact:

  • There has been a 600% increase in cybercrime during COVID-19.
  • Unemployment fraud skyrocketed by 3,000% during 2020.
  • Identity theft has become the #1 most frequent scam in the U.S. over the past year.

This article focuses on offering your employees identity theft protection as a benefit, but I would be remiss not to mention that you should have cyber liability coverage in place to protect your organization. Here’s an article from our Commercial Insurance Department about that coverage:

So What Can Employers do to Protect Employees?

My client that suffered this recent crime was able to implement identity theft protection and monitoring for their employees within 24 hours of the incident as an additional benefit. These services have been around for a few years, but are more important now than ever to protect employees’ identities, alert them to any risks, and offer additional support for remediation.

What to Look for in an ID-Monitoring Benefit

Here are the key categories and features you should expect in a robust ID theft and monitoring benefit:

Identity Monitoring:

This covers most things you would think about when considering digital health, like monitoring your credit cards, bank account transactions, social media, and other financial transactions. However, it’s also prudent to include things that you might not often check, like your 401(k) and HSA. Many carriers offer reimbursement coverage on these items as well, sometimes as much as $1 million. Dark web and IP address monitoring may not be top of mind, but are also vital. This coverage often extends to all the family under your roof, including any deceased family members – a morbid thought, but important when protecting identities from fraud.

Credit Monitoring:

Another critical leg of the identity theft protection stool is making sure you monitor all three credit bureaus (called tri-bureau monitoring). If you only check one bureau and someone uses your ID on one of the other two, that will eventually be shared with the others, but this takes time, which is crucial when dealing with identity theft. Fraud alerts, credit freezes, annual tri-bureau reports, and monthly score tracking are also important features.

Customer Care/Remediation

As with any benefit, it’s important to consider the user experience should you need to use it. That’s where customer care comes in. Ensure that it features 24/7 access and remediation help. This advocacy will provide significant stress relief for your employees, so it’s good to review and note if remediation services are in-house, located in the U.S., and what kind of certifications/trainings are required. Be aware that most policies will reimburse your out-of-pocket costs, many times up to $1 million, which is some peace of mind and something the customer care can walk you through.

Employee Education:

It’s important to educate employees on their provided benefits and ensure they take advantage of them. Identity theft monitoring companies should have an abundance of education tools, which will be necessary for engagement as it takes some time to enter all the required information.

It is more important now than ever to protect employees identities. Alert them to any risks and offer additional support for remediation

Who’s Paying?

This benefit, like many others, can be offered as employer-paid, which features better pricing, or as a voluntary benefit paid by the employee. Based on your organization’s size and the chosen services package, prices range – think basic cable TV versus platinum packages with HBO. For example, a top identity theft company offered employer-paid rates for companies of 250 or less at $5.25 for an employee or $7.25 for the entire family per month, compared to $9.95 for an individual employee and $17.95 for the family when employee-paid. Prices also go down based on the organization’s size for the employer-paid benefit due to the spread of risk across a bigger group.

“It was important for us to protect our employees’ identities and is in line with our mission to protect our greatest assets– our people,” said the affected HR director.

Much like a virus, identity theft has spread to the point that it seems nearly inevitable that we will all be infected. Still, this low-cost employee benefit can act as a vaccine for your workforce’s digital fingerprint. Keeping them and their family protected, in addition to keeping them productive with remediation aid, make it a worthwhile benefit to consider, so much so that some in the industry have even begun to call identity and cybercrime protection benefits “digital health and wellness.”

Contact Parker, Smith & Feek’s Benefits Department to learn more about this and other strategic benefits that can help support your organization.

References and Resources

  1. Top UN official warns malicious emails on rise in pandemic, The Associated Press.
  2. Unemployment Benefits Fraud Jumped Nearly 3,000% Last Year. Here’s Why, Forbes Media LLC.
  3. Consumer Sentinel Network Data Book 2020, Federal Trade Commission.

The views and opinions expressed within are those of the author(s) and do not necessarily reflect the official policy or position of Parker, Smith & Feek. While every effort has been taken in compiling this information to ensure that its contents are totally accurate, neither the publisher nor the author can accept liability for any inaccuracies or changed circumstances of any information herein or for the consequences of any reliance placed upon it.

Return to Articles index