Protecting yourself from identity theft

AVOIDING IDENTITY THEFT

  1. Do not disclose your full nine-digit Social Security number unless absolutely necessary, and never use it as an identifier or password. Question those who ask for it.
  2. Avoid paper billing by requesting secure electronic statements instead. If you require hard copies, you can print and store them safely without risking mail theft.
  3. Lock your mailbox if it's lockable.
  4. Shred documents containing personal information (name, account numbers, social security number, birth date) before throwing them away. 
  5. Configure your computer and/or smartphone to require a password for use, and set another password for sensitive files. Use unique passwords that include a combination of letters, numbers, and symbols. Do not use your birth date, a close relative's birth date, or a combination of letters and numbers on Splashdata's annual list of the most stolen passwords.
  6. Avoid using the same password for different accounts, and change your passwords once or twice per year.
  7. Install and update antivirus, anti-malware, and security programs on all computers, tablets, and smartphones.
  8. Don’t disclose information commonly used to verify your identity on social networking sites, such as date of birth, city of birth, mother’s maiden name, name of high school, etc. If you do, don't use that information to verify your identity.
  9. Avoid using credit or debit cards or conducting online banking transactions or making purchases, paying bills, or sending sensitive information over unsecured WiFi networks (e.g., any network without a password log-in, such as on trains, at airports, coffee shops, or hotels).
  10. Disable Bluetooth connections on devices when not in use.
  11. Watch out for “phishing” and other “social engineering” scams. Phishing is when identity thieves request personal information by pretending to be a legitimate entity, such as a bank or the IRS. Ignore unsolicited requests for personal information by email or over the phone, and only contact entities by means you know to be authentic. Do not contact an entity by clicking a link sent as part of an email requesting personal information, because phishers often link to authentic-looking, fake webpages. You can also call the phone number on the back of a card previously issued to you, or call the phone number on an old statement from that issuer. 
  12. Fight “skimmers.” Do not give your debit card to a restaurant server or anyone who could have a hand-held skimming device out of sight. When using an ATM, look for suspicious cameras and holes, and touch to confirm that extra parts (loose or slightly different colors) have not been installed over the card reader. Always cover your hand while hand typing a PIN, and avoid using ATMs in secluded locations.
  13. When accessing financial information on your smartphone, only use apps authorized by your bank or published by reputable app makers. Apps that show thousands of downloads are probably safe. Do not access apps on public open wi-fi.
  14. Place security, or credit freezes, on your credit report. Our separate “security freeze” tips explain how to guarantee peace of mind against new account identity theft by freezing your credit reports, then thawing them only when you are in the credit markets. A creditor will deny credit to an imposter who applies for credit using the name and Social Security Number of a consumer who has placed a freeze.

DETECTING IDENTITY THEFT

  1. Check your monthly statements for unauthorized charges. Be suspicious of phone calls about surprise debts.
  2. Sign up to receive email and/or text notifications of account activity and changes to account information.
  3. Instead of paying for over-priced subscription credit monitoring, use your free annual credit reports by law as your own credit monitoring service. Every 12 months, federal law gives you the right to receive one free credit report from each of the three main consumer reporting agencies, Equifax, Experian and TransUnion. Instead of requesting three at the same time, request one credit report from one of the bureaus every four months. Verify that the information is correct, and an account has not been opened without your knowledge. Free credit reports are available online at AnnualCreditReport.com or by calling 1-877-322-8228. Seven states – Colorado, Georgia, Maine, Massachusetts, Maryland, New Jersey and Vermont also provide an additional free report by state law, available by contacting each bureau directly.

Types of Identity Theft:

Federal law recognizes two sorts of identity theft—existing account fraud and new account (account takeover) identity theft.

Existing Account Fraud: Victims of data breaches where only their account numbers were taken are well-protected by law, although victims of lost debit card numbers may face bounced checks and cash flow problems until the bank replaces their funds. The Electronic Funds Transfer Act (EFTA) provides for no liability if you notify the financial institution within 60 days if only your debit card numbers are stolen. However, if you actually llose a debit card or other device that can access your bank account, your liability could be up to $500 if you fail to notify the bank within 2 days of finding out about the loss and could increase even higher if you fail to notify the bank within 60 days. Under the separate Truth In Lending Act, credit card customers are always well protected by law, never facing liability of greater than $50 for fraudulent use of a card.

New Account Identity Theft: A thief who obtains your Social Security Number may attempt to open new accounts in your name. This form of identity theft is difficult to clear up. A thief who obtains your email address may contact you in a phishing scam to try and trick you into providing your SSN and birth date, which are the keys to new account identity theft. Thieves apply for credit with your name, your SSN and their own address. The creditor then obtains a credit report and issues credit to the thief.

Be Wary of New Types of Identity Theft: Note that online tax preparers and the IRS itself have been hacked, resulting in tax refund fraud. Health insurance data breaches may result in medical services theft. A federal agency, the Office of Personnel Management (OPM), has recently been breached. Detailed security clearance dossiers that were taken provide thieves with the opportunity to commit new account identity theft and could subject victims to reputational risk and emotional harms, since information on possible marital affairs, drug and alcohol abuse treatment, previous arrests even without convictions, may have been taken.

WHAT TO DO WHEN YOU DETECT NEW ACCOUNT IDENTITY THEFT

Step 1: Notify your financial institutions.

If you discover that your wallet, checkbook, credit card or other sensitive information has been lost or stolen, immediately notify the issuing bank, credit card issuer, or relevant institution to close all existing accounts. 

Step 2: Get an Identify Theft Affidavit.

If you suspect identity theft, report it to the Federal Trade Commission using the online complaint form or by calling 1-877-ID-THEFT. When making the report, you will be given an option to receive an Identity Theft Affidavit. This document, together with the police report, will be critical to minimizing the damage.

Step 3: File a police report.

If you believe you are a victim of identity theft, file a report with your local police department. When you make the report, bring a copy of the Identity Theft Affidavit. The police report will be important for insurance purposes. Keep copies of the police report and Identity Theft Affidavit.

Step 4: Contact the three major credit reporting companies and place a fraud alert on your accounts. If you haven’t already, it’s time to place a security freeze.

An important next step is to place a fraud alert and a security freeze on your credit report. Placing a fraud alert tells businesses checking your credit rating that there may be fraud involved in the account. The fraud alert must be renewed after 90 days, and it entitles you to receive one free credit report from each of the main agencies. The security freeze stops anyone from seeing your credit report without your permission. Alerts and freezes can be placed by contacting the toll-free fraud number of any of the three consumer reporting companies noted below. Initiating a credit freeze does not impact your credit score.

  • TransUnion: 1-800-680-7289; www.transunion.com; Fraud Victim Assistance Division, P.O. Box 6790, Fullerton, CA 92834-6790
  • Equifax: 1-800-525-6285; www.equifax.com; P.O. Box 740241, Atlanta, GA 30374-0241
  • Experian: 1-888-EXPERIAN (397-3742); www.experian.com; P.O. Box 9554, Allen, TX 75013

Step 5: If your social security number was stolen, contact the Social Security Administration.

File a report and access resources at www.idtheft.gov. You can also call 1-800-772-1213.

MORE IDENTITY THEFT RESOURCES


 

Issue updates

News Release | U.S. PIRG | Consumer Protection

Joint Statement Opposing Exceptions to CFPB Payday Rule

We've joined 10 other leading consumer, community, religious and civil rights organizations to oppose exemptions to a strong CFPB payday and auto title lending rule and to reiterate our opposition to an exception that has already been considered and rejected that would allow lenders to make longer-term installment loans without considering a borrower’s ability to repay so long as the payment did not exceed five percent of a borrowers’ income.

> Keep Reading
Blog Post | Consumer Protection

You might not know this about overdraft fees | Kathryn Lee

Did your bank sell you on the idea that it’s embarrassing for you to have your debit card declined for a $3 cup of coffee, and that you should pay them $35 each time for “overdraft protection”? Those big fees are what’s embarrassing. Unless you say yes to allow fees, you cannot be charged for over-drafting your debit card.

> Keep Reading
News Release | U.S.PIRG Education Fund | Consumer Protection, Make VW Pay, Transportation

Framework for VW Settlement Announced

Statement by Mike Litt, Consumer Program Advocate at U.S. PIRG Education Fund, on todays announced VW settlement. For more details on what a strong settlement agreement ought to look like, please see the open letter that we released earlier this week with other consumer and environmental groups.

> Keep Reading

Open Letter Calling on Procter & Gamble to be Toxic-Free

An Open Letter to the CEO of Procter & Gamble calling on the company to Pledge to be Toxic-Free

> Keep Reading
News Release | U.S.PIRG Education Fund | Consumer Protection, Make VW Pay

Leading Groups Send Criteria for Evaluating VW Settlement

Four leading consumer, environmental, and public health organizations wrote an open letter in advance of the April 21st deadline set by U.S. District Judge Charles R. Breyer for a proposal that deals with Volkswagen’s emission scandal.

> Keep Reading

Pages

The biggest credit card complaint: your bill

Billing disputes, interest rate issues and fraud concerns are the most frequent complaints filed by credit card users, according to a new report issued this week by the Public Interest Research Group. The consumer advocacy organization examined all 175,000 complaints filed with the Consumer Financial Protection Bureau (CFPB) since it began taking complaints in 2011, including 29,000 filed against credit card issuers, to determine the ranking.

> Keep Reading
News Release | U.S. PIRG Education Fund | Consumer Protection

Report: Capital One Most-Complained-About Credit Card Company

WASHINGTON – Consumers file more complaints about Capital One than any other credit card company, according to a report released today by U.S. PIRG Education Fund. The report, which looked at data from the Consumer Financial Protection Bureau’s (CFPB) public Consumer Complaints Database, also found that consumers in the District of Columbia and Delaware are most likely to file credit card complaints.

> Keep Reading

An error in your credit report? Complain to the feds

A mistake in your credit report can have serious consequences. It can hurt your ability to get a credit card, qualify for a loan, rent an apartment or even be hired for a job.
Find an error in your file and you want it corrected – quickly. But that doesn’t always happen. What do you do then? Complain to the Consumer Financial Protection Bureau (CFPB).

> Keep Reading
News Release | U.S. PIRG | Consumer Protection

Advocates Decry Harm Done to Consumers by Forced Arbitration

On date of CFPB field hearing in Dallas to release report on forced arbitration clauses in consumer contracts, U.S. PIRG, Americans for Financial Reform, National Consumer Law Center, National Association of Consumer Advocates and Public Citizen issue joint release. From the release: “Unfair arbitration clauses encourage unfair corporate practices and sloppy customer service,” said Ed Mierzwinski of U.S. PIRG. “If your customers cannot take you to court, why should you care about their complaints? We urge the CFPB to act quickly to ban forced arbitration clauses in financial products and services contracts.”

> Keep Reading
News Release | U.S. PIRG Education Fund | Consumer Protection

New Report Analyzes Complaints About Credit Bureaus

WASHINGTON— According to new analysis from the U.S. PIRG Education Fund, thousands of consumers with errors on their credit reports are getting relief through the Consumer Financial Protection Bureau (CFPB). The report also found that credit reporting agencies vary widely in how they respond to consumer complaints: Equifax responded to over half with relief, while Experian responded with relief to only 5 percent. 

> Keep Reading

Pages

Blog Post | Public Health, Consumer Protection

Preventing the Chobani Mold Problem

The constant stream of food recalls has made one thing clear: more needs to be done to protect Americans from the risk of unsafe food. Instead we’re seeing important rules, standards, and inspections that could significantly improve food safety getting blocked, underfunded, or delayed, allowing the drumbeat of recalls to continue.

> Keep Reading
Blog Post | Consumer Protection

FTC to hotels: Nuisance add-on fees deceptive | Ed Mierzwinski

The FTC has warned 22 hotel chains that add-on fees, such as resort fees, may be deceptive. Meanwhile, air passenger groups are asking consumers to petition the White House to require that the Department of Transportation's FAA require full disclosure of airline fees.

> Keep Reading
Blog Post | Consumer Protection

Bank fee report challenges conventional wisdom on fees | Ed Mierzwinski

Our latest Big Banks, Bigger Fees report, released today, finds that the conventional wisdom that "free checking is dead" is false. Find out more.

> Keep Reading
Blog Post | Consumer Protection

FTC recovers over $500 million from "get rich" and "lose weight in 3 minute abs workout" scammers | Ed Mierzwinski

The FTC today announced a $25 million settlement with the marketers of the Ab Circle Pro, an exercise machine that promises you can lose weight and get ripped abs in "just 3 minutes a day;" meanwhile, a federal judge has also approved a $478 million settlement in the FTC's case against a "get rich quick" infomercial king. A good day for consumers.

> Keep Reading
Blog Post | Consumer Protection

Bumbo, CPSC Recall Baby Seat Linked To Skull Fractures | Ed Mierzwinski

The U.S. Consumer Product Safety Commission (CPSC) and Bumbo, maker of a baby seat linked to at least 21 skull fractures, have announced a repair recall to install a free safety belt. U.S. PIRG and other consumer groups had pressured them to act.

> Keep Reading

Pages

View AllRSS Feed

Support us

Your tax-deductible donation supports U.S. PIRG Education Fund’s work to educate consumers on the issues that matter, and the powerful interests that are blocking progress.

Learn More

You can also support U.S. PIRG Education Fund’s work through bequests, contributions from life insurance or retirement plans, securities contributions and vehicle donations.