Phishing for Data or a Real Verification Request?


Ring. Ring.


You: Hello. This is <Name>. How may I help you?


Unknown Person: Yes. I’m trying to verify the employment of <Employee>.


How many times, before you respond to a verification request, have you thought, ‘I sure hope this person isn’t a bad actor.’ Or, how many times, upon receiving a fax/email request, have you thought the same thing?


I enjoy fishing (especially fly fishing), but I think it’s safe to say that we all have a healthy fear of phishing.


I was talking to one of our clients the other day who happened to receive an email verification request on Sunday night (This was prior to them becoming a Verifent client.). As the owner of his company, he had the same thought, but had no legitimate way of identifying the identity of the individual making this request. And, to add to his suspicion, does a legitimate person really make a request like this on a Sunday night? This is a bad spot to be in.


On one hand, you don’t want to hold up your employee’s activity in the marketplace. On the other hand, you don’t want to release their information to someone not worthy of receiving that information. What do you do?


You could call your employee and ensure that the requesting verifier is legitimate…but that doesn’t solve your risk and liability issues. Nor is it efficient.


I had a different conversation with an organization in Tennessee who was receiving multiple verification requests from the same ‘company’ in a rather short period of time. This alerted their suspicion radar and they promptly ceased responding to the requests. It’s never fun to fly blind, especially when dealing with employee data that, when provided to the wrong person, can be used for identity theft.


Verifent is the compliant, safe, and efficient solution that gives you peace of mind. Through the Verifent portal, you will know that all verification requests are coming from a legitimate business with a legitimate business reason to ask for this data. With Verifent, there is no need to worry about phishing anymore.