What Should You Do if You Suspect You Are the Victim of Identity Theft?

Identity theft has become a growing concern in modern life. The Federal Trade Commission (FTC) received fraud reports from 2.4 million consumers in 2022, and nearly 1.1 million of them were related to identity theft. By all accounts, that number is set to increase even more for 2023.

Criminals who steal your identity can wreak all sorts of havoc in your life. They can open new credit cards, take control of your accounts and lock you out of them, use your health insurance to get medical procedures in your name and file for government benefits, just to name a few things.

Regaining control of your identity can be a long and laborious process which takes contacting each government or financial institution where your identity was compromised one by one. In the meantime, you could lose thousands of dollars and suffer long term damage to your credit.

In light of all this, it’s crucial not only to understand the signs of identity theft, but also to know how to protect yourself from identity theft in the future. In this article, we’ll look at some possible signs of identity theft, as well as how your identity could have been compromised in the first place. Read on to find out how you should respond if you suspect you are an identity theft victim.

Signs of identity theft

Identity theft can be hard to detect when it initially happens. However, there are some red flags that should arouse your suspicion and warrant further investigation.

If you receive a password reset email that you did not request yourself, it should be an immediate cause for concern. Similarly, if you are unable to access your accounts with your usual login credentials, or encounter two-factor identification where you did not set it up, it could be a sign someone has stolen your personal information and used it to take over your accounts.

Banks and credit card issuers have grown more savvier detecting unusual charges that could indicate your card or card number has been stolen. They will usually call or text you immediately to verify charges they think are suspect. When this happens, it’s easy for the lender or credit card company to put a security freeze on the credit account, refund the charge and issue a new card.

However, because they may not always pick up on fraudulent charges, it’s essential to review your credit card and bank account activity regularly, as well as your bank statements. If you see a charge you do not recognize, your account may have been compromised.

Receiving emails and other notifications of credit cards or accounts you didn’t apply for is another red flag. If you are denied a new credit card when you assumed your credit was sufficient, it’s possible that identity thieves have opened fraudulent accounts in your name and let them go delinquent, lowering your score. Calls from creditors or debt collectors about purchases you never made are a sign of this, as well.

How does identity theft happen?

Thieves can steal your identity in a myriad ways. They can do it in the real world by stealing your wallet or phone, or sifting through your trash for documents with personal identifiable information (PII). They can also do it online through a combination of data breaches, phishing and social media, or over the phone via imposter scams and catfishing.

Below are some of the most common ways your identity could be compromised.

Data breaches

A data breach is when hackers break into an organization’s systems and steal the personal information of their customers en masse. This information may include personal data, social security numbers and bank account and credit card numbers. Organizations of any size can be the target of a data breach: government agencies, businesses large and small, non profits, etc.

The largest data breach of 2023 was the Norton Healthcare Data Breach, which affected approximately 2.5 million people. Although data breaches are often impossible to predict, you can take steps to protect yourself after a data breach and minimize the damage.

Phishing/ imposter scams

Phishing and imposter scams are when criminals pretend to be someone they are not — e.g. representatives of a company or government organization — to gain your trust and fool you into handing over money or personal information. Phishing can happen over email, text, phone or social media.

Generally speaking, you should not comply with anyone soliciting personal information or money over these methods of communication. Unless they can corroborate their identity and who they represent, they are most likely a scammer.

Never respond to unfamiliar emails or texts. Always click on an email’s sender box to reveal the email address it's coming from. You may find that it’s not an actual company account. If you are still unsure, you can always visit the company’s website and get in touch with them directly to verify any correspondence.

Malware

Malware is software that hackers employ to gain unauthorized access to your computer or other devices. Adware, spyware, trojans, worms and viruses are all different types of malware.

Generally, malware arrives in emails or texts as links. Scammers may pose as representatives from a company for which you are a customer and trick you into clicking the link. Then, malicious software is automatically downloaded to your device, which could give them full access to your passwords and other sensitive information.

Lost or stolen wallet, phone, devices, documents

Wallets, purses, digital devices and physical documents contain a treasure trove of personal information that scammers can use to steal your identity. Your wallet alone contains your license and credit cards, or even your social security card — which you should NEVER keep there.

Criminals that gain access to your phone could make purchases, access your email and bank accounts, and obtain personal photos. Moreover, if you are the victim of real world burglary, thieves can obtain your personal information from the documents you have stored in your house, such as tax returns, bank statements and birth certificates.

Credit card skimming

Skimming is when scammers install special devices inside the ATM slot where you insert your debit or credit card. These devices read your card information and enable the scammer to create a clone version of your card. ATMs inside banks or busy stores are less likely to be targeted than those at outdoor locations, like on the street or outside a gas station.

How should you respond to the theft of your identity?

There are a number of things you can do if your identity has been compromised. The following actions can help mitigate the damage that has already been done and get you on the road to regaining control of your identity.

Credit freeze - Contact each of the three major credit bureaus (Transunion, Equifax and Experian) and ask them to freeze your credit report. This will stop scammers from opening new accounts.

Report identity theft to the FTC - Filing an identity theft report with the FTC makes it easier to begin repairing the damage caused by identity theft because it corroborates that your identity has been stolen. The FTC will create a recovery plan where they walk you through the steps and track your progress. You can call the FTC at 1-877-438-4338 or visit IdentityTheft.gov.

Notify your account issuers of fraud - Call your bank and credit card issuers to indicate the accounts where fraud has occurred. They will issue you new ATM, credit or debit cards and, if your account number itself has been compromised, they will close your account and open a new one.

Notify issuers of accounts you cannot access/ change passwords on those you can - If scammers have gained control of your accounts and changed their passwords, contact those companies directly and explain the situation to their fraud department. Once you have proven who you are, you can ask them to reset your login credentials so you can regain control.

In the meantime, change the passwords on any accounts that you can still access. We recommend using one of the best password managers to automatically generate strong passwords.

Notify government agencies and insurance providers - If you’ve lost your social security card, contact the Social Security Administration immediately at 1-800-772-1213. For lost driver’s licenses, contact your local DMV. If your health insurance account has been compromised, contact your health insurance provider.

Install antivirus software - The best antivirus software should be able to locate and remove any malware that is on your device. It can also protect you from future threats.

Summary of Money’s What Should You Do if You Suspect You Are the Victim of Identity Theft

It’s crucial to know the signs of identity theft and be prepared to act swiftly if you see them. Unrecognized charges, password resets you didn’t initiate, and sudden, unexplained drops in your credit score could all be evidence your identity has been compromised.

Depending on the information the scammers have stolen, freezing your credit file, notifying the appropriate accounts and credit reporting agencies of fraud, and regaining control of compromised accounts are all ways of reclaiming your identity.

If you want the best chance of stopping ID theft before it starts, you may want to check out the best identity protection services.