There are several steps you should take after discovering your identity has been stolen such as getting a copy of your credit reports, contacting your credit card issuers and banks, reporting the theft to the FTC and placing a security freeze on your credit.
Read on to learn more about identity theft and what you can do to mitigate the risks of having your identity stolen in the future.
Signs Your Identity Has Been Stolen
Here are a few signs to look out for if you suspect that you’ve been a victim of identity theft.
Unfamiliar charges on your credit card statements
You should always be aware of the charges that appear on your statements and take the time to look through them closely. If you notice a charge that wasn’t made by you, it’s possible that your identity may have been stolen. Double check that you were not the one who made the charge before you begin taking the necessary steps to reporting identity theft.
New inquiries on your credit report
An inquiry refers to a credit check that was done using your name which has appeared on your credit report. If you were not the one who authorized a credit inquiry, it’s likely that your identity was stolen and is being used to take out credit under your name. You should take action immediately whenever you notice a new inquiry that you did not authorize.
Different addresses on your credit report
While it’s normal that your credit report includes current and previous addresses, including work addresses and P.O. boxes, if one of the addresses does not match any you have been associated with, there’s a chance your identity has been stolen and you should report it immediately.
How Identity Theft Happens
There are many circumstances that can lead to your identity being stolen. Here are some to look out for.
You were recently involved in a data breach
Companies you have accounts with store all of your sensitive data and information including, but not limited to, payment details. If one of the companies you have an account with experiences a data breach, it’s possible that the perpetrator may have gotten away with your personal data, making it easier for them to steal your identity.
You fell for a phishing scam
Phishing is a social engineering attack that aims to persuade you into revealing sensitive information by making it sound urgent. Phishing scams can occur in many forms including emails, text messages and phone calls. If you think you’ve fallen for a phishing scam, it’s possible your identity may have been stolen, depending on the information you shared.
8 Steps to Take After Discovering Your Identity Has Been Stolen
If you discover that you’re a victim of identity theft, the steps and time it takes to recover can differ depending on the type of identity theft.
Here are a few steps to take after discovering you’re a victim of identity theft.
1. Report it to the FTC
The Federal Trade Commission (FTC) is a federal agency that helps compile information about identity theft cases. While the FTC cannot pursue criminal charges, they can help compile information that may be used to report the identity theft to authorities and track down the perpetrator.
To report an identity theft to the FTC, visit www.identitytheft.gov. They’ll ask you to provide as much information as you can about the identity theft and provide you with a recovery plan and pre-filled forms, as well as letters you can use throughout your recovery process.
2. Contact your credit card issuers and banks
Contact your banks and credit card issuers so they can shut your credit cards down before the thief gets away with any of your money. If the thief has already spent or withdrawn money from your accounts, notifying your bank makes them aware that those are fraudulent charges and can work towards recovering your financial losses.
3. Freeze your credit
For extra protection, you can freeze your credit by contacting each of the three credit bureaus:
Experian, TransUnion and Equifax. You must contact each bureau separately. Freezing your credit with one bureau and not the others can put your credit at risk since lenders use different credit scoring models. Freezing your credit will block access to your credit reports and prevent anyone from accessing it until you lift the freeze. Meaning, if the identity thief attempts to open a new line of credit and your credit is frozen, they won’t be able to get approval for it.
You can unfreeze your credit at any time, you’ll just need to go through a verification process before the freeze can be lifted.
4. File a police report
It’s only necessary to file a police report for identity theft in certain circumstances, such as:
- You know the person who stole your identity.
- Your identity was used to commit a crime, also known as criminal identity theft.
- Your financial institutions require you to provide a police report to resolve disputes.
- You know information about the thief that the police can use to find that person. For example, an address in the same city you’re in.
5. Change the passwords for your online accounts
It’s possible that your identity could have been stolen through breached accounts, so make sure you take the necessary steps to secure your online accounts by changing your passwords to ones that are strong and unique to each account.
You can change your passwords quickly with the help of a password manager. Keeper Password Manager offers a free 30-day trial so you can start securing your accounts right away. Make sure you also enable Two-Factor Authentication (2FA) as an extra layer of security. When 2FA is enabled, it requires you to verify your identity with an additional method before logging in by delivering a code via email, SMS text message or authentication app.
6. Request an IRS Identity Protection PIN (IP PIN)
An IP PIN is a six-digit number that the IRS assigns to you to help prevent the misuse of your social security number or Individual Taxpayer Identification Number (ITIN) on your federal income tax return.
You can apply for an IP PIN by going to www.IRS.gov/getanippin. Once you go through the verification process, you’ll be provided with an IP PIN immediately and you’ll get a new IP PIN every year. Once you’re enrolled, there is no way to opt out.
7. Report or replace identification cards
In some cases of identity theft, it may be necessary to replace lost or stolen identification cards such as your driver’s license, Social Security card and passport.
Social Security card – you can apply for a new social security card online on the U.S. Social Security Administration website.
Driver’s license – if you believe your driver’s license has been lost or stolen, you can report it to your local DMV and request a replacement.
Passport – you can report a lost or stolen passport online or through the mail. You can find more information about how to get a replacement passport on the U.S. Department of State website.
8. Inform debt collectors you’ve been a victim of identity theft
When your identity is stolen, you may start receiving calls from debt collectors telling you that you owe money. Make sure you notify debt collectors you’re a victim of identity theft and those debts were not authorized by you, so they should stop contacting you. The FTC also has a sample letter you can use to send to debt collectors to inform them about your identity theft.
Ways to Mitigate the Risk of Identity Theft in the Future
There are several ways you can lessen the risk of having your identity stolen in the future. Here are a few.
Actively monitor your accounts for suspicious activity
Keeping an eye on your accounts is always important because noticing suspicious charges or logins can lessen the risk of having your identity stolen. This is because the sooner you notice, the sooner you’ll be able to act before it escalates further.
Secure your sensitive data and documents
The best and most secure way to store your passwords, as well as sensitive data, documents and files is by storing them in an encrypted cloud-based vault such as a password manager. Keeper Password Manager has an add-on called Secure File Storage which allows you to store files such as documents and pictures. Keeper’s zero-knowledge security architecture ensures that only you can access and decrypt your stored files, no one else.
Use strong, unique passwords for each of your accounts
To keep your accounts secure, along with your identity, you should always follow password best practices when creating your accounts. Password best practices include:
- Creating passwords that are at least 16 characters long
- Not reusing passwords across multiple accounts
- Using a combination of uppercase and lowercase letters, numbers and symbols
- Enabling 2FA/MFA when given the opportunity
- Using a password manager to store your passwords
Learn how to spot phishing
In a world where phishing is becoming increasingly common, it can be hard to tell who you can trust and who you cannot trust. Phishing is a sophisticated social engineering attack that attempts to persuade the victim into disclosing sensitive information. Phishing attacks can be disguised as emails, phone calls and text messages, which is why it’s important you learn how to spot them.
When it comes to spotting phishing attacks, be aware of emails or text messages asking for sensitive information unsolicitedly and with urgency. If you’re not the one who initiated contact, this should come as a red flag since companies typically won’t ask you to reveal sensitive information or click on links and attachments.
Shred your mail before throwing it away
Mail often contains sensitive information that can be used to steal your identity. This is why it’s important to always shred your mail before throwing it away.
To simplify this process, you can opt-in for paperless statements on your banking accounts, so you never receive your physical banking statements through the mail. Most banking institutions have an option to go paperless in your account settings.
Stay Protected From Identity Theft
Identity theft can not only affect you financially, but it can also take an emotional toll. Learning the signs of identity theft can help you spot it before the threat escalates any further.