IDENTITY THEFT FAQ
Frequently Asked Questions
What is identity theft?
Identity theft is the misuse of another person’s identifying information. In true identity theft, an identity thief uses another person’s Social Security number and other identifying information to fraudulently open new accounts for financial gain. Victims may be unaware of the fraud for an extended period of time, which can allow the criminal to continue the ruse for months or even years. The criminal can use the victim’s identity to work, receive medical care and commit other types of fraud. Account-takeover and credit-related fraud are common problems associated with identity theft. Some examples of the many ways criminals use stolen identity information are to:
- Obtain credit fraudulently from banks and retailers
- Steal money from the victim’s existing accounts
- Apply for loans
- Establish accounts with utility companies
- Rent an apartment
- Obtain a job
- Receive medical care
- Achieve other financial gain using the victim’s name
What is account takeover?
Account takeover occurs when an identity thief acquires a person’s existing credit or bank account information and either withdraws money or makes purchases. Victims usually learn of account takeover when they check their account statements online or receive their monthly credit card or bank account statements.
What can I do to protect my identity?
To reduce your chance of becoming a victim, check out our Consumer Tips. Find out how to protect your Social Security card, mail, checks, passwords, online activities, and much more.
What can I do to protect my computer and data?
There are three main threats to the data on your computer: malicious software, network intrusion by hackers, and physical theft.
To protect your computer against viruses, spyware, worms, and Trojan Horse programs (which let hackers control your computer), you must use antivirus, anti-spyware and anti-malware software—and keep those applications up-to-date. To keep intruders out, connect to the Internet through a properly configured firewall, keep administrative names and passwords updated, set wireless networks to “no broadcast” and be sure to power down your computer when not in use. Never open an email spam or other emails from unknown sources and avoid using public computers for online banking, email account access, or other sensitive exchanges of information, as keystroke loggers, web “cookies,” or cached pages may be capturing your data.
Limit access to your computer to those you truly trust, and use restrictive permission levels to protect sensitive files. Whenever possible, encrypt files containing sensitive information, including backup files. And don’t forget to protect your computer against physical theft—”password protection” sounds daunting but is actually easy for a tech-savvy criminal to defeat.
Finally, beware of “phishing” and “pharming” scams, which use fake corporate email, redirected web addresses, and “cloned” corporate web pages to plant viruses and con users into providing sensitive information. Never provide identity or account information in response to an email or if you have doubts about a website’s authenticity. To learn more, check out our Consumer Tips.
What methods do identity thieves employ?
Theft of wallets and purses was once the most common way to obtain identity documents and account information. Today, identity thieves attack virtually every area of an individual’s life, wherever personal information is stored or sent. An identity thief needs only a few strategic bits of your personal information to commit identity theft and fraud. The more accounts the criminals are able to open, the more “evidence” they have that your identity belongs to them. Some of the most common methods include:
- Dumpster diving in trash bins for credit card statements, loan applications, and other documents containing names, addresses, account information, and SSNs
- Stealing mail from unlocked mailboxes to get preapproved credit offers, credit cards, utility bills, bank and credit card statements, investment reports, insurance statements, benefits documents, and tax information
- Impersonating a loan officer, employer, or landlord to obtain access to credit files
- Taking advantage of “insider” access to names, addresses, birth dates, and SSNs in personnel or customer files
- Shoulder surfing when people are using laptops in public places or watching ATM transactions and public phones to capture PINs
- “Skimming” of credit and debit card information at point-of-sale by copying the card or using a small electronic “skimmer” device
- Tapping online sources of personal data, such as public records, fee-based information sites, and personal networking sites
- Hacking into an organization’s database to steal sensitive information
- Purchasing fraudulent identities on the Internet or through a secondary market
What is debt tagging?
Debt Tagging is a term used to describe when collectors target the wrong person for a debt and append that debt to their credit files.
After years of trying to collect on a debt, collection agencies are often left with old outdated contact information. If you have a common name or one that is similar to who they are looking, your risk is higher and you could be tagged with another person’s debts.
If you are contacted and do not believe the debt is yours, ask for proof of the debt. Debt collection agencies are required under the Fair Debt Collection Practices Act to provide debtors with proof of the debt they are attempting to collect.
Next, check to see if you are covered with Identity Theft Protection by your homeowners, auto or other insurance policies. Also check with your bank, credit union or financial services or employee benefits. If you are covered, call their claims/customer service departments.
What is child identity theft?
Child identity theft is true identity theft in which the victim is a minor child. Because a child (or parent acting on behalf of the child) is unlikely to request credit reports or to try to obtain credit, the theft can go undetected for a long time. In fact, the theft may not be detected until the child becomes an adult and applies for credit. If no credit report exists in your child’s name, that is a good indication that your child has not been a victim. However, if you receive collection calls, statements and/or pre-approved credit offers in your child’s name, your child may be a victim of identity theft.
What is medical identity theft?
Medical identity theft is the misuse of a person’s identity to obtain health care goods and services. It is a growing crime as the trend towards electronic medical records gains momentum. Often the first time a victim gets wind of medical identity theft is when he or she receives a statement from an insurance company for services rendered. To help detect this type of theft, read all Explanation of Benefits statements you receive from your insurance company and contact the provider immediately if you see descriptions of services unrelated to your own health care. Also, watch for any unpaid medical claims on your credit report.
What is synthetic identity theft?
In synthetic identity theft, instead of stealing an actual person’s identity, a thief creates a fictional identity by taking pieces of information from a number of people. The thief usually starts with one victim’s Social Security number and then composes a fictional identity associated with that number. Synthetic identity theft is often harder to detect than true identity theft, because accounts and other credit that is falsely obtained typically do not show up on the credit report of the victim whose Social Security number has been stolen. Since the thieves have created fictional identities instead of stealing real consumers’ identities, it is most often banks that are the real victims of this type of theft because they are stuck with the bills. Beware of so-called credit repair companies that use synthetic identity theft to “erase” your credit file and create a synthetic (or fictional) identity for you. While this tactic appears to solve your credit problem, it is illegal and could create new ones down the road.
What is a data breach?
A data breach is a situation in which information is either lost by or stolen from an organization or individual. Financial information, medical records, customer information, and student data are all examples of information that has been accessed as a result of data breaches. The incidents can occur under a number of different scenarios. Hacked databases and stolen laptops, PDAs, USB flash drives containing sensitive information account for many breaches. More than 75% of states now legally require organizations to contact affected individuals when a data breach occurs. To stay abreast of recent data breaches, click here.
What are credit and fraud monitoring?
Credit monitoring involves monitoring your credit history for suspicious activity. The three credit bureaus offer credit monitoring for a modest fee, providing services such as allowing you to check your credit files every day for any fraudulent usage of your identity. To find out more about this service, see links for the three credit bureaus on our Resources section.
Fraud monitoring allows you to monitor public record databases for suspicious activity. Public record databases can show if someone has broken the law using your identity.
Beware of companies that guarantee they can prevent identity theft. While you can mitigate your risk of becoming a victim and the damage after a compromise, no one can give you a 100% guarantee that you can escape. Even if you do everything right, you might still be on the wrong database at the wrong moment. Never forget, the bad guys are getting better and better at what they do and are often far ahead of the good guys.
What is a fraud alert?
A fraud alert is a warning that you can place on your credit report by contacting the three major credit bureaus. It signals to potential creditors that you may be, or are at risk of being, a victim of identity theft. A fraud alert can take one of three forms—an initial alert, an extended alert and a military fraud alert:
Initial Fraud Alert — An initial alert lasts for at least 90 days. It is a precaution that can be taken in situations where you think you are at heightened risk for identity theft or that someone is currently stealing your identity, e.g., if your purse has been stolen. Placing an initial alert on your credit report requires potential creditors to use “reasonable policies and procedures” to confirm the legitimacy of your identity when it is used for credit applications. These “reasonable policies and procedures” may not always adequately protect you, however, so be sure to monitor your credit report carefully even if you’ve placed an initial fraud alert.
Extended Fraud Alert — An extended alert remains on your credit report for seven years. You are eligible to place this type of alert on your account if you have been the victim of identity theft and provide the credit bureaus with an identity theft report such as the one found on the FTC website.
Active Duty Military Fraud Alert — An active duty alert helps protect military personnel from identity theft. If you are a member of the military and away from your usual duty station, you may place an “active duty alert” on your credit report to help minimize the risk of identity theft while you are deployed. If you place an active duty alert, businesses must verify your identity before issuing credit in your name, which makes it harder for identity thieves to use your information to apply for credit. Active duty alerts on your report last for one year unless you request that the alert be removed sooner. If your deployment lasts longer, you may place another alert on your report.
What is a security freeze? Is it right for me?
A security freeze (or credit freeze) gives consumers the option to “freeze” or lock access to their credit file against anyone trying to open up a new account or to get new credit in their name. When a security freeze is in place at all three major credit bureaus, an identity thief cannot open a new account because the potential creditor will not be able to check the credit file (this is only the case if the creditor checks the credit file before extending credit). When the consumer is applying for credit, he or she can lift the freeze temporarily using a PIN so legitimate applications for credit or services can be processed. Currently 47 states and the District of Columbia have joined the legislative surge against identity theft, enacting laws that empower consumers to freeze their files.
A security freeze shouldn’t be enacted without careful consideration. Before ordering a security freeze, first make sure no legitimate parties are going to require timely access to your credit (these could include cell phone companies, utility providers, or landlords, to name a few examples). Additionally, if any change is made to your personal information during a security freeze, e.g., if your address changes, the companies that would normally report this to the credit bureaus will not be able to do this—you are responsible for contacting the credit bureau and conveying any changes to your personal information. So, if you are in immediate need of credit, e.g., you are about to apply for a mortgage or need to apply for a car loan, first determine whether you will be able to handle delays resulting from the security freeze. For additional information on security freezes, visit the Consumers Union’s Guide to Security Freeze Protection.
How can I monitor my own credit?
You can monitor your credit by checking your credit report from all three agencies at least twice a year. Under FACTA, every consumer has the right to get a copy of his or her credit report free from each of the credit reporting agencies. Instead of getting a report from all three credit reporting agencies at once, get one from each bureau every four months (providing you with a different snapshot three times per year). To obtain your three free reports annually, do not contact the reporting agencies as you normally would. Instead, go to this website, which was set up specifically to allow consumers to receive free credit reports:www.annualcreditreport.com.
You can also monitor fraud in your medical files, on your Social Security statement, insurance claims, or in public records. To find out how to get these reports, see the links on our Resources section.
Are there laws against identity theft?
Yes. In 1998 Congress passed the Identity Theft and Assumption Deterrence Act (918 U.S.C.1028), which makes it a federal felony to use another person’s identification with the intent to commit unlawful activity. Federal agencies such as the Secret Service, the FBI, and the U.S. Postal Inspection Service investigate suspected violations of this law; the Department of Justice handles prosecutions. Visit the FTC’s website to find out more about federal and state laws governing identity theft, consumer credit and privacy and information.
Each of the three credit bureaus uses their own version of the FICO scoring method
|Equifax Scores||TransUnion Scores||Experian Sco|
VantageScores rate consumers in the range of 501 to 990 and categorizes them into letter categories from A to F. The VantageScore is based solely on credit information inside your credit report. Unlike the FICO scores, VantageScore uses the same algorithms for every credit bureau, so differences in scores are due to differences in the information contained in each report, not in the math itself.
Another scoring system that is sometimes used is called the NextGen Score. Though not as popular as the entrenched FICO formulas, this score is used by some lenders when determining credit worthiness.
Plus Score or Expansion Score
PLUS scores have also gained in popularity over the past few years. PLUS Scores, or Expansion Scores, take into account factors not generally recorded on your credit report such as checking account performance or payment histories from non-reporting lenders
Individual Lending Institution
Each lending institution may develop their own consumer credit score using proprietary algorithms based on their line of business, risk factors, and customer’s consolidated accounts. In making a credit decision, the institution may use their consumer credit score in combination with FICO or other bureau score.
What are the different elements used in distinguishing between FICO and VantageScore?
Primary distinctions are that FICO uses 5 components vs. VantageScore uses 6; and different percentage of weight in calculating score. Matrix below provides the components, percentage and benefits.
|1. Payment history (35%)This includes late payments and other negative records such as bankruptcy and foreclosure.||1. Payment history (32%)|
|2. Amounts owed (30 %) This indicates what is owed on all credit accounts and the proportion of balances to credit limits.||2. Account balances (15%)|
|3. Length of credit history (15%) This shows when accounts were opened and amount of time since activity on each.||3. Depth of credit (13%) The length of credit history and the types of accounts owned|
|4. New credit (10%) This factor demonstrates consumers’ recent account openings and inquiries into new accounts.||4. Recent credit (10%) Recent inquiries and accounts opened|
|5. Types of credit used (10%) This details the type of accounts on a consumer’s file, such as credit cards, auto loans and mortgages.||5. Utilization (23%)|
|6. Available credit (7%)|
|FICO points to its history as the industry standard in credit scoring, as well as its 74 percent market share of the industry.||VantageScore says its model is beneficial to consumers and lenders because it provides scores for consumers — such as those with limited credit histories — that are not eligible for FICO scores.|
|Additionally, TransUnion, Equifax and Experian assert that VantageScore is relatively consistent across the three bureaus, reducing consumer confusion.|
What is a credit bureau?
Credit bureaus, or credit reporting agencies, are clearinghouses for information about consumers’ credit. When you apply for credit, they provide this information to the creditors. There are three main credit bureaus: Equifax, Experian, and TransUnion.
How do the credit bureaus obtain information?
Credit bureaus collect information from banks, savings and loans, credit unions, finance companies, and retailers about your credit, which they store in a computer database.
Do all three credit bureaus have the same information on file?
No, due to the fact that different lenders send information to some bureaus and not the others. Credit reports are available from three main reporting agencies: Equifax, Experian, and TransUnion, and these bureaus do not exchange information with each other. Therefore each of them may have different information, depending on whom and what was reported to them. What is on one report may differ from another.
What is a credit score?
A credit score, calculated from variables in your credit report and other factors determined by the lending institution, is a rating tool used by lenders to gauge an individual’s creditworthiness.
What is a bad credit score for those models that have a 300 to 850 range?
The average score in the US is approximately 680. Anything below a 680 is considered “sub-prime” and needs improvement. However, each of the three major credit bureaus records your score slightly different. In general, the higher your credit score, the better it is.
What is a good credit score for those models that have a 300 to 850 range?
The average U.S. score is approximately 680. Credit scores in the mid 700’s to 800’s are the most desirable.
Why is this credit score different than the FICO score?
Each credit bureau offers two scores: a FICO score and a consumer credit score. The credit bureaus will calculate consumer credit scores by their own formula, while FICO scores are calculated by the Fair Isaac Corporation. If one of the credit bureaus is reporting an error, your score for that agency’s report may be significantly different from your other scores.
Will the change in score impact my ability to get credit?
Lenders know that each credit reporting agency will often assign you a different score. If you are attempting to borrow a substantial amount, your lender is likely to pull all three of your credit scores.
How does my credit score affect me?
Credit scores, calculated from such information in your credit file as total debt, types of accounts, number of late payments, age of accounts, and number of inquiries, give lenders a subjective rating of your creditworthiness. Lenders then consider this rating when deciding whether or not to extend you credit. It’s in your best interest, therefore, to keep your credit as robust as possible so you can secure favorable rates and terms. If your credit score is low, you can often strengthen it by minimizing outstanding debt, avoiding overextension, and limiting new credit applications.
How often does my credit score change?
Credit scores fluctuate as often as information in your credit file changes.
Do late payments affect my credit score?
Late payments will negatively affect your score – paying your bills on time is the single most important contributor to a good credit score.
Do inquiries affect my credit score?
It depends on the type of inquiry. Inquiries for marketing purposes do not affect your score. These include consumer requests for a credit report, lenders using credit information to review an account, or a potential employer looking over someone’s credit. Inquiries initiated by the consumer, such as mortgage, auto loan and credit card applications, however, do affect your score because studies have shown that too many are a red flag for credit risk. Inquiries do not weigh as heavily, however, as past payment history or number of delinquent accounts.
Does co-signing a loan affect my credit score?
Any loan or credit card account affects your score.
Who can look at my credit report?
The Fair Credit Reporting Act stipulates that lenders with whom a consumer has applied for a loan can view credit reports – for example, credit card companies and financial institutions supplying auto loans and mortgages. But the list continues: landlords, utility companies, phone companies, hospitals, doctors, dentists, insurance companies, credit unions, finance companies, banks, retailers, department stores, car dealers, mortgagers, investigators, lawyers, courts – most anyone who can give the bureaus just cause can view your credit report.
How long does information stay in my credit report?
Public records and collection items stay on your report for seven years with the exception of bankruptcies, which stay on for ten years. Unpaid tax liens remain for 15 years. Positive information remains indefinitely, although agencies can remove it after seven years. Inquiries remain for two years.
Why should I check my credit report?
Just as you have medical and dental check-ups periodically, so should you check your credit report. Knowing what’s in your credit report can arm you with the information you need – your credit standing – when trying to secure avorable rates for a mortgage or other loan. Also, if you regularly check your credit report, you can guard against credit fraud and identity theft, the fastest-growing federal crimes in the nation.
Credit files are windows into your private life. Lenders look at your credit history to assess your creditworthiness. It is to your advantage to know what your credit report says about you before applying for credit so you can correct any inaccurate data. It is also important for you to understand that with the rise in identity theft and credit card fraud, you may not know that someone has assumed your identity or opened new accounts until they default on loans, or collection agencies start calling you. With our credit monitoring services you will be notified of changes so you can act quickly and call us if you suspect fraud.
What should I look for in my credit report?
It is important to frequently review your credit file to verify the following:
- Social Security number
- Date of Birth
- All accounts listed are your own
- Credit/Charge Accounts
- Outstanding balances/limits on the accounts
- Payment histories
- Derogatory credit information has been deleted after seven years (non-chapter 13 bankruptcies after 10 years)
How do I dispute inaccurate information?
Immediately contact us and we will be able to contact the credit bureau that reported the inaccurate information on your behalf. If you choose to do this yourself, and you certainly have that right, be sure to keep records of all correspondence, phone calls or e-mails. The bureau will then check with the original source. If this inaccuracy persists, they will add a statement to the credit report specifying why the item is wrong. This dispute process can take up to 30 days.
How long does it take for a closed account to be removed from my credit file?
The file will be updated in 30 to 60 days, but reportable information can remain for 7 to 15 years from date of the last activity.
Why Fraud Monitoring goes beyond Credit information?
- Identity thieves target their victims for different purposes: to borrow money fraudulently, to avoid having their real identity associated with crimes they commit, to commit bank fraud, to open new telephone and utility accounts, to acquire government benefits, or to take over existing accounts.
- Early detection of identity theft is one the most important factors in helping to reduce the financial and legal burden that can result from identity theft. The identity thief can acquire a driver’s license, get married or even get arrested using your identity and you would never know this by looking at your credit report alone – so having access to both your public record information, coupled with your credit information, is a very effective way to combat identity theft.
- The changing nature of this crime means that we must seek more comprehensive solutions that provide potential fraud insights beyond credit reports. We are constantly expanding the depth of protection and for consumers by monitoring activity on short-term, high-interest payday and pawn shop loans that do not require credit checks. These debts seldom appear on a credit report and are commonly used by identity thieves.
What are public records?
Public records, by law, are available to the public. Records, such as tax liens, real estate information, criminal records, lawsuit information and court decisions are made available to anyone who contacts the appropriate jurisdiction and requests to view them.