The 9 things you should do if you become a victim of identity theft 2023
We may earn a small fee from the companies mentioned in this post.
Discovering you have become a victim of identity theft can be a shock to your system. It can also cause stress as you attempt to understand how this could happen and what tasks you need to perform to minimise the impact.
Identity theft can be described as someone that uses your personal information without your permission in order to commit fraud or other crimes. This can include using your credit card to make unauthorised purchases, opening new accounts in your name, or taking out loans that you are responsible for. However identity theft is described the impact can be significant to the victim.
If you suspect you have become a victim of identity theft then you should read this article. It is important you follow the 9 steps detailed within this blog and take action as quickly as possible to minimise the impact of this crime.
If you become a victim of identify theft you should take immediate corrective action to prevent financial loss and reverse the damage as quickly, and as painlessly, as possible.
The first question you may ask yourself is ‘how to check if someone is using my identity’ and ‘what can I do about it’.
If you are a victim of identity theft then you will probably discover this through a fraudulent letter from a debt collection agency. If you do receive one of these letters research the collection agency to ensure the letter is legitimate. Some scammers use fake letters to seek personal information, they attempt to build trust with their victims before stealing data or money.
Once you establish the company and the letters are legitimate, you should inform the collections agency that you have become a victim of fraud and identity theft (more on this later).
Checkout our informative article on what a cyber attack means
The 9 things you should do if you become a victim of identity theft
1. Don’t Panic
Whilst it is completely normal to panic, you need a clear head to handle the situation methodically. The earlier you are able to take corrective action the better your chance of reversing the situation.
2. Contact Action Fraud (UK)
So what is step one if someone steals your identity? Well if you live in the UK you should report the incident to Action Fraud, which is the UK’s national fraud and Internet crime reporting centre. They’ll advise on the steps you need to take and any other organisations you should contact. Other countries will have their own respective agencies.
3. Contact Financial Institutions
Next, contact all your financial institutions such as banks and investment companies to inform them about the identity theft. You can also request copies of recent activity on any accounts that may be affected. To address identity fraud It will also help if you have access to your credit reports at this time.
4. Contact the Credit Reference Agencies
You should then contact one of the three major credit agencies (TransUnion, Experian and Equifax) to place a fraud alert on your credit report. This will notify creditors that you suspect someone has stolen your identity.
5. Check your credit report
If you’ve been a victim of identity theft, then it is very important to see the full picture. This means accessing your credit report from the credit reference agencies (Experian, Equifax and TransUnion).
Once you have your report, which can be accessed online in a few minutes, you can see if there are any new searches taken out in your name or accounts opened that you did not apply for.
You can then immediately contact the lenders alerting them that you have become a victim of identity fraud and with the help of the credit agencies, start to address the issues.
Each of the credit agencies will have dedicated and knowledgeable support teams available to help victims clear up their credit reports, deal with lenders and help tackle your identity fraud.
You must first check your credit report either online or via a report sent in the post (online is quicker and speed is of the essence here). If you are not comfortable with using the Internet to view your credit report, you may wish to seek the assistance of someone you trust who is more technically inclined.
The credit agencies fraud teams will be able to assist you clearing up your credit report. This can include:
Disputing all fraudulent information with lenders
Discussing additional security options such as Cifas or a credit report password
Future report check-ins by our fraud team
Once your information has been disputed and confirmed as fraudulent, the lender will remove this from your report.
6. Add a Notice of Correction
If you’ve recently been a victim of identity theft, then adding a notice of correction password to your report might be a good idea.
Credit reference agencies recommend this if you’ve been a victim or suffered a house burglary or robbery where important identification documents may have been stolen.
A Notice of Correction allows you to add a password onto your credit agency account to help prevent any further attempts of fraud. The result is that the lender has a legal obligation to manually look at your file, rather than a credit request going through an automated process. This will identify you have recently become a victim of identity theft
7. Contact lenders if you’ve received any bills, statements or demand notices
If you’ve received any suspicious communications either through the door like statements or bills, then you should contact each specific lender directly, informing them that you didn’t open the account.
The lenders will initiate their own investigation and it would be advantageous to have your credit report available at this time. The lender may also request a police incident number as well, which you should have when you reported the crime.
The lender should have their own dedicated team and processes to assist you, they would almost certainly have encountered issues similar to yours so fully understand what actions they and you need to take.
8. Ensure your computers are secure and malware free
One of the most common causes of identity theft is malware infiltration on home computers. It would be worthwhile checking all your computers and smart devices are full updated with the latest operating system updates and ensure all your computers have updated anti-virus.
9. Ensure you keep records of all your actions
It is important to clearly document the actions you have taken when addressing the impact of identity theft. It is highly possible you may need to clearly demonstrate to your bank or financial institution the steps you have taken once you suspected identify theft.
You should use an electronic spreadsheet or a word document detailing every action you take and response. Keep any emails and take the names of the officials you speak with.
A documented timeline of events can demonstrate you are not to blame and have taken responsible steps to limit the damage.
Dealing with the emotional impact of identity theft
It can be difficult to deal with the emotional impact of identity theft. You may feel betrayed, frustrated, or even scared about what might happen next.
Victims of identity theft often feel completely overwhelmed by the events that can appear out of their control. This can also cause a psychological pain of loss, anger, betrayal, and even embarrassment. There can also be an uncontrollable feeling of helplessness and isolation.
The embarrassment aspect can stem from feeling ashamed that you have done something wrong, or you have been naïve and gullible. Even though in reality identity theft can affect anyone and at any time.
Some people even believe this is a punishment or they deserved to have this happen to them as they didn’t do more to protect themselves, or their family. It is very important that you remember that no one deserves to be a victim of identity theft, and whilst you may question every decision you have made, this really isn’t your fault, you have been a victim of a crime that was not your fault.
Nevertheless this crime can trigger a deep feeling of financial insecurity, and perhaps the safety of your family. It may also affect your ability to trust again.
These feelings are completely normal, and a natural reaction to crime to which you have become a victim. What is very important is that you take the actions outlined within this blog and improve and learn from the experience.
It is also very important for you to regain your emotional balance as quickly as possible, recognising and accepting your fears, frustrations and apprehensions.
Never lose sight that you are the innocent victim, so be honest with your family who can remove some of the weight from your shoulders. There is every possibility that your closest friends and loved ones will offer encouragement and the support you need at this time.
Some victims may even lose the ability to function and cope with everyday activities. This can be a sign of depression. Symptoms including exhaustion, anxiety, drinking, forgetfulness, or an unwillingness to leave home or even their bed. You should seek the assistance of a health professional who will be able to assess you.
Even if you don’t feel overwhelmed, talking to a trained professional who specialises in crime victims can be very helpful. You are not in this alone, there is help out there if you require it, always remember this. There are many options to assist with identity theft victim assistance. Read and follow the advice within this article and seek help from the bodies listed at the end of this blog.
CIFAS
CIFAS is UK’s leading fraud prevention service, the Credit Industry Fraud Avoidance System. It is a service that enables organisations to share data about suspected fraudulent activity, in order to help prevent further fraud from taking place.
CIFAS provides a protection service for individuals whose identities are at heightened risk. The service works by prompting CIFAS members to carry out extra checks to prove your identity to prevent further fraud.
This can mean that genuine applications take slightly longer to process while checks are carried out. The CIFAS Protective Registration will remain in place for 24 months, unless you request its removal. You will not receive an email notification when the registration is due to expire.
If your identity is stolen what are you liable for
If your identity is stolen, you ‘could’ be liable for any financial losses that occur as a result of the theft. This could include fraudulent credit card charges, unauthorised loans taken out in your name, or other types of financial fraud.
If money has been taken from your bank account without permission, there are certain steps you should take. This is whether your identity has been stolen, your card cloned, there’s been an unrecognised bank transfer or you’ve been the victim of a scam.
If someone has used your card in a store or online, you’re covered under the Payment Services Regulations.
The regulations state you must be refunded immediately if you’ve had money taken from your account without your permission.
If your debit card has been used without your permission you must report any unauthorised payments immediately. This is because you’re liable for any losses before it has been reported, this is up to a maximum of £50 (UK). However, this is often waived if you report the fraud quickly. Importantly, the onus is on the credit card company to prove you were negligent.
If a fraudster makes an unauthorised payment on your credit card, you’re covered under the Consumer Credit Act (UK).
It is more likely that a fraudster will attempt to open bank accounts, or apply for credit cards and loans in your name. If this happens, contact your bank, or respective finance company immediately and ensure you keep all correspondence.
If you’ve done nothing to compromise the security of your account, you should get your money back. But this isn’t guaranteed.
A refund may be delayed if your bank has ‘reasonable’ grounds and can prove you have been negligent with the security of your account. If the bank’s investigators can prove you were negligent, you might be liable for the losses.
Negligence can mean poor online security, informing a fraudster of your pin or password or even leaving personal documents in an open public area. The Bank must prove you were negligent however, so it is important to document every action. If your bank rejects your claim then you can then take your complaint to the Financial Ombudsman Service (UK).
To reiterate, speed is key. A bank may refuse to provide a refund if you tell them about an unauthorised payment 6, 9 or 12 months after the money has left your account. You need to take action as soon as possible.
Also contact the credit reference agencies if someone has applied for a loan or credit card in your name.
You may also be liable for any legal fees or costs associated with clearing up your credit report and restoring your identity. It is important to note that this advice is dependant on the laws in your specific country.
More information can be found on the Information Commissioners Office
Protect yourself from becoming a victim of identity theft
Protect yourself from Phishing
A very popular scam is typically known as Phishing where fraudsters (or scammers) will contact you in an attempt to extract information for malicious purposes.
Read my article to protect yourself from a Phishing attack
Always remain cautious when contacted, you can always call the person back later if you’re concerned. Never click links within emails or SMSs asking you to log in, and never download attachments from unknown or unsolicited emails.
Place a lock on your credit report
To place a lock on your credit report, you will need to contact each of the three major credit reporting bureaus (Equifax, Experian, and TransUnion) and request that they put a security freeze on your account.
A security freeze will prevent creditors from viewing your credit report without your authorisation. You may be required to provide certain personal information to verify your identity with each bureau before the freeze can be placed. Some agencies allow this action via their App.
A credit lock can help stop new applications for credit cards, loans, mortgages, store cards or other credit products.
Note: A vendor with a current relationship with you may chose to periodically check your credit rating especially if for example an insurance renewal is due. The security lock will not affect this routine process as it is not deemed a risk.
Be aware of the data you are freely disclosing online
The best way to protect yourself from sharing personal data on social media is to be careful about what you post and share.
Keep in mind that anything you post publicly can be seen by anyone, so never post any sensitive or confidential information such as credit card numbers, passwords, addresses or phone numbers.
When setting up your social media profiles, make sure that your privacy settings are set to the most restrictive option, meaning only people you know can view and comment on your posts.
You should also avoid accepting friend requests from people you don’t know, as this could open the door for potential identity theft or other scams.
Be mindful of how much personal information you share online and always think twice before posting something. Your posts should never reveal too much about yourself so that criminals won’t have the opportunity to use it against you.
Destroy mail and paper documents
An important way to prevent identity theft is to destroy or shred mail and documents that contain your personal information, such as credit card statements, bank statements, pre-approved credit offers, and tax documents.
This helps to keep your financial data secure since it prevents criminals from accessing your information through the mail. The best way to destroy this type of mail is to use a cross-cut shredder rather than tearing them up by hand.
Be sure to also shred any old receipts that may have your account or credit card numbers on them, as well as expired credit cards. Make it a habit to go through your mailbox regularly and destroy any sensitive material immediately.
Additionally, be sure not to discard these types of documents in public recycling bins where they can be easily accessed by criminals. With proper disposal methods, you can help protect yourself from identity theft.
Initiate good cyber hygiene
Good cyber hygiene is essential for keeping your devices and information secure and prevent your data failing into the hands of fraudsters and cybercriminals. Here are some steps you can take to promote good cyber hygiene:
1. Use strong passwords that contain a mix of uppercase, lowercase letters, numbers, and special characters. Avoid using the same password across multiple accounts or personalizing it with easily guessed words like birthdays or names. Look to use the three random words approach – Read my article on creating secure passwords
2. Keep all software on your computer up-to-date by enabling automatic updates whenever possible. This will help protect against malicious software and hackers who frequently target outdated systems.
3. Be wary of suspicious links and emails, especially those purporting to be from banks or other financial institutions asking for personal or account information—these are usually phishing scams designed to steal your data.
4. Always log out of shared computers and make sure that physical access to your devices is restricted when not in use. Following these tips will go a long way in helping you develop better cyber hygiene habits and protect yourself from potential threats online!
Securing letter/mail boxes
One of the most common attack methods used to steal your identity is through illegally accessing your mail through an insecure letter/mail box. It is therefore considered important when preventing identity theft by adding additional security to your letter boxes.
This can be done by ensuring that your letter box is locked at all times, as this will deter criminals from trying to access your personal information.
Additionally, you should consider installing a mailbox with a security camera so that you can keep an eye on who is coming and going.
Read my article on the Best Home Security Cameras
By taking these precautions, you can help to keep your personal information safe and secure.
Conclusion
Being a victim of identity theft can be very stressful but by following the steps outlined within this article, you can help protect yourself from any further damage caused by identity theft and start rebuilding your credit history again.
Being a victim of identity theft can be a very traumatic experience that can impact you financially and emotionally.
Whilst this experience can be painful and seem daunting it can be resolved. You can come through this stronger and more protected.
This article has been written to help you understand the importance of your credit reports, credit file, and working with a credit reporting agency fraud team. It will ensure you have the information and the support you need to get through this.
However, credit reports are only part of the process to address identity fraud. You need to work with the police, the banks and financial institutions to ensure you repair your credit file as soon as possible.
Whilst becoming a victim of criminal identity theft is not always avoidable, fighting back and limiting the impact is achievable if you take immediate action.
With over three decades of experience in the heart of London’s financial sector, I have dedicated my career to the pursuit of robust cybersecurity practices and IT leadership. As a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Chief Information Security Officer (C|CISO), Certified Ethical Hacker (CEH), and Computer Hacking Forensic Investigator (CHFI), I bring a wealth of knowledge and expertise to the table.
My journey in the field of cybersecurity has not only been about personal growth but also about sharing my insights with others. As an international speaker, I have had the privilege of addressing audiences worldwide, discussing the importance of cybersecurity in today’s digital age. My passion for knowledge sharing extends to my work as an author and blogger, where I delve into the complexities of cybersecurity, offering practical advice and thought leadership.
In my role as a CISO and Head of IT, I have overseen the development and implementation of comprehensive information security and IT strategies. My focus has always been on creating resilient systems capable of withstanding the evolving landscape of cyber threats.
My Master’s degree in Cybersecurity has provided a solid academic foundation, which, when combined with my practical experience, allows me to approach cybersecurity from a holistic perspective.
I am always open to connecting with other professionals in the field, sharing knowledge, and exploring new opportunities. Let’s secure the digital world together.