In this article:
Identity theft and fraud protection for your finances, personal info, and devices.
Is Someone Using Your Identity?
When Jessica Roy’s wallet was stolen from a San Francisco bar, the criminals didn’t just take her credit card and cash — they stole her identity. Over the next few years, scammers used her identity to steal a Tesla, buy a new iPhone, and write bad checks totaling over $13,000 [*].
Unfortunately, Jessica’s story is far from unique. According to the Federal Trade Commission (FTC) [*]:
Reports of identity theft have more than doubled in the past two years, making it the fastest growing crime in America.
What makes identity theft so dangerous is that it can be hard to spot before it’s too late.
In this guide, we’ll show you how to check if someone is using your identity and what to do if you see the warning signs of identity theft.
How To Know If Someone Is Using Your Identity
- Errors on your credit report
- Suspicious transactions on your bank statements
- Your health insurance benefits are used up
- Your tax return is rejected
- You’re locked out of your online accounts
- You start to receive more spam
- Missing or unexpected physical mail
- Lost (or stolen) IDs
- You receive strange employment documents
- Notifications from a data breach
- You receive password reset requests
- Alerts from an identity theft protection tool
Left unnoticed for too long, identity theft can seriously damage your credit, financial security, and reputation. Follow these steps to see if someone is using your identity:
1. Errors or fraudulent accounts on your credit report
Three of the top four most-reported types of identity theft in 2022 were financial crimes (loan, bank, and credit card fraud). One of the surest signs that your identity has been stolen is if criminals are trying to take out loans or open new financial accounts in your name.
You can check for suspicious or fraudulent activity on your credit report — such as new accounts or lines of credit in your name or a sudden drop in your credit score.
How to check your credit report for signs of identity theft:
You can access free copies of your credit report from each of the three major credit bureaus at AnnualCreditReport.com. It’s important to check all three reports (Experian, Equifax, and TransUnion) as lenders sometimes only report to one or two of the credit reporting agencies. This means you could miss the early warning signs of fraud if you only check one.
When checking your credit reports, look for:
- Fraudulent accounts. Check for new credit cards or other accounts you don’t recognize or that have co-signers you didn’t authorize.
- Inaccurate personal information. Identity thieves may change your address or phone number to hide their tracks. Make sure all of your contact details are up to date and accurate.
- Incorrect employment history. Some fraudsters may use your stolen identity to illegally obtain work — which will show up in the employment section of your credit score.
- Hard inquiries you didn’t request. If scammers try to take out loans in your name, they can show up as hard inquiries on your credit report.
Zoom out: It’s nearly impossible to keep constant tabs on all of your credit reports. With Identity Guard, you get three-bureau credit monitoring with near real-time fraud alerts. Save up to 33% when you sign up for Identity Guard today and protect your finances.
💡 Related: Was Your SSN Found on the Dark Web? Do This →
2. Suspicious transactions on your bank and credit card statements
Along with your credit report, your monthly credit card and bank account statements can also contain warning signs that your identity has been stolen. It’s important that you check your bank statements as soon as possible — or better yet, sign up for a service that monitors them for you and can alert you to suspicious activity like over-limit transactions or withdrawals.
Here’s what to do:
- Set a time each week/month to go over your statements. Check your bank, investment, and credit card accounts for unfamiliar transactions. Flag anything and follow up with either the vendor or your bank or credit card company.
- Don’t ignore small transactions. Identity thieves may make small purchases to test if a card or account number works before moving on to larger ones.
- Watch out for calls, letters, or emails from debt collectors. If scammers have taken out loans or credit cards in your name, the debts could end up going to a collection agency. By law, debt collectors have to give you information about the amount owing — such as who the original lender was and when it took place. This info can help you dispute fraudulent debts as part of your recovery plan.
3. Your health insurance benefits are used up
Medical identity theft occurs when scammers use your health insurance information to receive medical care or use up your benefits.
Fraudulently obtained health information is 20–50x more valuable on the black market than other stolen data [*].
If you suddenly find that your health care benefits have been all used up when you know they shouldn’t be or there’s incorrect information in your health file, it can be a sign that your identity was stolen.
Here’s what you should do:
- Look for signs of medical identity theft. For example, if you’re denied health insurance coverage, receive bills for unfamiliar medical procedures, equipment, or prescription drugs, or have inaccurate information in your medical history.
- Thoroughly review all medical statements and explanations of benefits (EOB). Look at the services you’re being billed for and make sure you actually received them. Are the dates correct? If you see any red flags, contact your insurance company.
- See if your stolen health information is for sale on the Dark Web. Unfortunately, a free Dark Web scanner most likely won’t be able to tell you if your medical identity has been compromised. Instead, you’ll want to opt for an identity theft protection service with Dark Web monitoring, like Identity Guard.
💡 Related: How To Protect Your Personal Information Online and In Real Life →
4. Your tax return is rejected
Another common sign that someone is using your identity is if your tax return is rejected or you receive unexpected letters from the Internal Revenue Service (IRS). Scammers may use your identity to file fraudulent tax returns and steal the refund.
The number of tax-related fraud cases increased by 91% last year, according to the IRS [*].
If scammers use your information for tax purposes, your tax return will either be denied (because someone has already filed one in your name), or you’ll be told you’re being audited due to inconsistencies with your refund.
Here’s what to do:
- Check for unfamiliar tax documents. Scammers may not change your home address, meaning you could receive tax documents that you didn’t request. Be especially cautious if you receive a strange W-2, 1099, tax transcript, or Employer Identification Numbers (EINs) that you never requested. .
- Log in to your IRS.gov account and look at your refund status. You can check your tax records, what you owe, and the status of your tax refund online at IRS.gov. Also, beware if you receive a notification for an IRS.gov account that you didn’t open.
- Thoroughly vet any tax preparer you’re working with. Fraudsters sometimes work as tax preparers and modify your returns to scam you out of your refund. If a tax preparer doesn’t sign your return or can’t explain discrepancies on your return, they could be a scammer.
Zoom out: Claim your IRS.gov account (if you haven’t already done so). This gives you an easy way to see if anyone else is trying to file taxes in your name. You’ll need photo identification to verify your identity.
5. You’re locked out of your online accounts
Your online account credentials are often more valuable to scammers than your SSN. With access to your email address, scammers can request password resets that allow them to access your bank or investment accounts, scam your friends and family over social media, and find sensitive information and photos to use to blackmail you.
Here’s what to do:
- Look for signs that you’ve been hacked. For example, if your passwords no longer work, an online account looks suddenly different, or there are strange messages in your “sent” folder.
- Audit your online accounts, and delete unused ones. The average American has 150 online accounts — making everyone vulnerable to the thousands of data breaches that happen every year [*]. Try to keep track of accounts you currently have, and delete old ones — especially e-commerce sites where you store your credit card information.
- Use strong passwords and a secure password manager. Use passwords that are at least 10 characters long and include a combination of upper and lowercase letters, symbols, and numbers. For added security, store all of your credentials in a password manager. This tool not only securely stores all your passwords – it can also warn you if your accounts have been compromised or if you’re using a weak password that could easily be hacked.
💡 Related: Social Media Security Tips & Best Practices →
6. You start to receive more spam emails, texts, and mail
The average American receives 31 spam calls and 20 spam texts per month [*] (not to mention their share of the hundreds of billions of spam emails sent every day). But while we’ve all come to accept spam as a part of our lives, these messages can often be a sign that someone is using your identity.
If scammers gain access to your personal information, they could use it to sign up for services, apply for new credit accounts, or open new online accounts. So, while a credit card offer in the mail might seem like junk mail, it could be a sign that you’re the victim of fraud.
Here’s what to do:
- Don’t ignore spam calls, texts, or emails. An increase in fake text messages and scam calls could mean that your phone number is being used by a scammer.
- Check the name and information on junk mail before throwing it away. Look for credit offers or new cards for accounts that you didn’t open. If in doubt, call the bank or financial institution and inquire about the account.
- Regularly check your spam folder for emails about accounts you don’t recognize. Spam filters do a great job of protecting your inbox, but they could also cause you to miss red flags indicating identity theft. Regularly check for messages about accounts you didn’t open — but never click on links in spam emails. These could infect your device with malware or send you to phishing sites.
💡 Related: What Happens if You Open a Phishing Email? →
7. Missing or unexpected physical mail
Mail theft is still one of the most common ways that scammers gain access to your sensitive information. Credit card statements, payslips, or tax documents can give con artists everything they need to steal your identity.
Here’s what to do:
- Be suspicious if your mail disappears or stops coming. Some fraudsters use a change-of-address scam to alter your address to one they control — rerouting your sensitive mail right to their doors. If you think this is the case, call your local post office to confirm your address.
- Secure your mailbox and sign up for USPS informed delivery. Informed Delivery® is a free service that lets you preview your incoming mail each day and track letters and packages. This way, you’ll know if anything is missing.
- Shred documents before throwing them away. Shred anything that contains account numbers, your SSN, or even your full name, birth date, and phone number.
💡 Related: What Documents Do You Need To Shred (Besides Tax Documents)? →
8. Lost (or stolen) identification documents
A missing wallet, purse, or ID can quickly lead to identity theft. If you’re missing any government-issued ID (especially a driver’s license or passport), you are at high risk of identity fraud.
Here’s what to do:
- Keep a checklist of what cards you keep in your wallet or purse. A list will help you check if something is missing. Make sure you regularly go through your wallet or purse to see if anything is gone.
- Don’t carry sensitive IDs, such as your Social Security card, with you. Keep your Social Security card, Medicare card, and extra credit cards at home in a secure place. The fewer cards you carry with you, the less chance there is of one going missing.
- Beware of “shoulder surfers.” Scammers wait in public places to spy on you as you use your credit cards or other documents either in stores or online.
💡 Related: Lost Your ID? Here Are The Risks (and How To Protect Yourself) →
9. You receive strange employment or benefits documents
If scammers steal your SSN, they can use it to apply for government benefits or get jobs for which they otherwise wouldn’t qualify. Unfortunately, finding out if someone is using your SSN isn’t easy.
Even worse, with the amount of information leaked in data breaches over the past few years, many cybersecurity experts warn that it’s almost guaranteed that your SSN is for sale on the Dark Web [*].
Here’s what to do:
- Beware of any mail regarding an unemployment (or other) benefits claim that you didn’t make — especially if it’s from a different state. You should also look out for signs that someone has applied for benefits in your name, such as receiving an IRS form 1099-G reflecting benefits that you weren’t expecting to receive.
- Sign up for a “mySocial Security” account. The Social Security administration’s free online service allows you to fill out online applications and estimate benefits. But it also will alert you if someone tries to open a duplicate account (using your SSN), logs in to your account, or tries to receive benefits in your name.
- Don’t give out your SSN over the phone. Scammers often call pretending to be from a government agency and ask you to “verify” your SSN. This is almost always a scam.
💡 Related: Facebook Messenger Scams: What Are They & How To Avoid Them →
10. Notifications from a data breach or Dark Web monitoring tool
These days, most scammers rely on leaked data on the Dark Web to run their scams. Fraudsters sell account passwords, bank account and credit card numbers, or even SSNs for as little $2 on the Dark Web [*].
While there’s little you can do to remove your personal information from the Dark Web, a Dark Web monitoring service can help alert you to what's been compromised, which can help you protect yourself against identity theft.
💡 Related: What To Do If a Scammer Has Your Social Security Number →
11. You receive password reset requests or 2FA codes you didn’t request
Once scammers have access to some of your personal information or online accounts, ID theft can quickly escalate.
One sign that criminals are trying to gain access to more of your digital life is if you start to receive unprompted password resets or two-factor authentication (2FA) codes. This usually means that scammers already have some of your passwords and are trying to access more sensitive online accounts — such as your bank or email.
Here’s what to do:
- Never share passwords, PINs, or 2FA codes. If anyone asks you for this sensitive information, they’re trying to scam you.
- Make sure you’re using unique passwords for all of your accounts. If you reuse passwords, a single breach can compromise all of your accounts. Be especially careful with any account that you’re receiving password requests for.
- Beware of giving third-party apps too much access to your data. Many apps allow you to “Sign in with Google/Facebook/etc.” However, scammers may use this as a way to access your sensitive data. Be cautious when signing up for new services and instead use a strong and unique password.
💡 Related: Is Your Google Account Hacked? How To Tell & What To Do →
12. Alerts from an identity theft protection solution
No matter how much time or energy you put in, it’s impossible to constantly check if someone is using your identity. That’s where identity theft protection services come in.
For a small monthly fee, services like Identity Guard will monitor your most sensitive information across public records and databases, websites, and the Dark Web. You’ll be alerted if anyone is using your PII, trying to access your credit history, or opening new accounts in your name.
With Identity Guard, you get:
- $1 million in identity theft insurance to cover eligible losses and costs associated with identity theft.
- 24/7 U.S.-based fraud resolution specialists who are ready to answer your questions via phone or email and help you deal with the fallout of fraud.
- Award-winning identity theft protection that monitors your personal information online, in public records, and on the Dark Web.
- Three-bureau credit monitoring with near real-time fraud alerts.
- Bank account, 401k and investment account, and high-risk transaction monitoring to keep your personal finances and assets safe.
- Online and device safety features such as a secure password manager and Safe Browsing tools.
How Does Identity Theft Happen?
Identity theft happens whenever scammers or hackers use your personally identifiable information (PII) without your permission. This includes your name, address, phone number, Social Security number (SSN), and other sensitive data.
Fraudsters have found a nearly unlimited number of ways to get their hands on this information — from phishing emails posing as government agencies to fake websites and scam phone calls.
But in many cases, they don’t even need to steal your personal information from you. In the past few years, data breaches at major companies have leaked billions of pieces of personal information to the Dark Web — including SSNs, email addresses, passwords, and credit card numbers.
While most identity thieves are after financial information, scammers have evolved their schemes to target their victims in other ways, such as:
- Medical identity theft: Scammers use your health information to steal your benefits, order medical equipment and prescription drugs, or receive care in your name.
- Tax identity theft: Fraudsters file taxes in your name in order to steal your refund.
- Criminal identity theft: Con artists use your identity during traffic stops or when arrested for crimes — putting your name on a police record (or worse).
- Account takeover fraud: Hackers break into your online accounts to steal your money, scam your friends and family on social media, or find sensitive information in your email inbox.
- Government benefits fraud: Bad actors use your PII to apply for government benefits, such as unemployment or COVID-19 relief funds.
- Employment identity theft: Scammers use your identity to apply for jobs they otherwise wouldn’t be able to get due to background checks or work eligibility issues.
The numerous types of identity theft make it hard to always know if you’ve been a victim. So, how can you check if someone is using your identity?
💡 Related: What Information Do Cyber Criminals Steal? →
What To Do If You’re the Victim of Identity Theft
- Lock or freeze your credit file immediately. A credit freeze (or lock) prevents scammers from opening new accounts with lenders or taking out loans in your name. You should also take this opportunity to request a free credit report from the major credit bureaus to check for signs of fraud.
- File an official identity theft report with the FTC at IdentityTheft.gov. An FTC report is essential for disputing fraudulent transactions and proving you were the victim of identity theft.
- Call your bank and other financial institutions. Talk to the fraud department and explain what happened. They’ll most likely close your accounts and cancel your debit and credit cards (and provide you with new ones).
- Update your online accounts with new, unique, and secure passwords. Use a password manager to store your new passwords in a safe place so they’re always ready for you — but untouchable by scammers.
- Set up two-factor authentication (2FA) whenever possible. This is an additional security measure that requires a special code or biometric authentication to access your accounts. Try to use an authenticator app instead of SMS for receiving your 2FA codes.
- File a police report if you have information that could lead to an arrest. Bring all of your documentation (including your FTC report) when you speak with the police. If the crime took place in a different city or state, you’ll also need to file a police report with local law enforcement in the municipality where the crime took place.
- Contact any other impacted government agencies. For example, contact the IRS for tax fraud or the DMV if your driver’s license was stolen. If you were a victim of tax-related fraud, complete the Identity Theft Affidavit (Form 14039), or call 800-908-4490.
- Notify the Social Security Administration (SSA). If you believe your Social Security number was compromised, contact their fraud hotline at 1-800-269-0271, or submit a report online.
- Protect your devices and networks with a VPN and antivirus software. A VPN (virtual private network) encrypts your data so that hackers can’t spy on you, while antivirus stops scammers from infecting your devices with malware.
- Consider identity theft protection. A credit monitoring service alone isn’t enough. You need a comprehensive identity theft protection service to ensure true peace of mind.
💡 Related: 11 Steps To Take Immediately If Your Identity Has Been Stolen →
The Bottom Line: Protect Yourself From Identity Theft
Identity theft has become the latest crime epidemic to sweep the nation.
Unfortunately, it’s nearly impossible to constantly look for all of the warning signs that indicate someone is using your identity. Instead, join the over 38 million people who have trusted Identity Guard to keep them safe from scammers and fraudsters.