Small businesses need to do more to ensure they do not become victims of ID fraud, according to research conducted for National Identity Fraud Prevention Week.

The survey found that 92% of employees believed the identity of employees and clients could be stolen by a fraudster and 75% thought their organisation could do more to prevent such fraud.

Over half (56%) thought sensitive documents could be stolen from people's desks, 53% said papers could be taken from filing cabinets and 72% believed dishonest employees could deliberately leak information.

And 63% thought information could be stolen from the company's computer system while 56% said both employees' and customers' identities could be stolen from company bins. One in 10 staff even admits to putting sensitive documents straight into the bin while still intact.

"Businesses should be aware of the myriad of different ways in which their corporate identity can be used and abused; from theft of internet domain names to phishing or spam emails that pose as a legitimate business and damage their reputation," said Mike Cherry, home affairs chairman at the Federation of Small Businesses.

"Dealing with the aftermath of an event can be a costly headache. We urge businesses to think foremost about prevention, and training for staff that handle sensitive business information and that of their customers and clients."

Businesses are urged to implement the following precautions to minimise their risk of falling victim to identity fraud:

• Keep personal and confidential documents secure

• Always shred, using a cross cut shredder, before disposing of documentation

• Regularly check your bank and credit card accounts for unusual transactions

• Regularly obtain a copy of your credit report from credit reference agencies such as Callcredit, Equifax or Experian, and monitor it for discrepancies

• Never give out any personal information to unidentified individuals or organisations who contact you by phone, email or face-to-face

• Never respond to emails asking for personal or financial information. Be especially careful when sending personal information over the internet

• If you receive an email that warns, with little or no notice, that an account will be shut down unless you reconfirm billing or security information, you should not reply or click on the link in the email. Instead, contact the institution cited in the email using a telephone number or website address you know to be genuine

• Use up-to-date anti-virus software and a personal firewall and, if your computer uses the Microsoft Windows operating system, keep it updated from the Microsoft website. Be extra careful if using internet cafés or any PC which is not your own and over which you have no control

• Avoid emailing personal and financial information. Before submitting financial information through a web site, look for the ‘lock' icon on the browser's status bar. It signals that personal information is secure during transmission

• Never give personal information to people calling from companies you have not dealt with before. Always check the identity of these people by calling them back.Obtain their office number from directory enquiries and then confirm their position with the switchboard before speaking to them

• If you have been a victim of identity fraud involving the use of plastic cards, online banking or cheques, the matter should be reported direct to the financial institution concerned. They will then be responsible for further investigation and, where appropriate, onward reporting to the police. Other incidents should be reported to the relevant organisation and, dependent on their advice, to your local police station