Home Page

Identity Theft

Main Menu

Identity Theft

What Can You Do To Protect Your Name And Credit?

Please keep in mind that these Identity Theft Tips are to be used for information and reference only. Federal and state laws are changing rapidly to stem the tide of rising identity theft. Check with the Federal Trade Commission, your state's attorney general's office, or a legal professional for help concerning existing laws, as well as concerns about future changes in the law. Also, contact any financial institution, such as banks and credit card companies, as to their policies and procedures, if you have any questions. Policies and time periods may vary from those listed below.

Tip Sheet

Always A Good Practice

New Checking Account Banking Procedures

Mail and Phone Practices

Cordless and Cell Phone Security

Credit Cards


Mail Order Fraud

A Very Important Number

When Someone Dies
Web and Computer Safety

Stolen or Misused Checks

Tips for Job Seekers

Order Credit Report

When Fraud Occurs

Credit Bureaus and Banks

Identity Theft Insurance

Federal and State Laws

Web Resources

Medical Records Identity Theft Alert

In the past several years, identity thieves have started to use an individual's medical records, along with other personal information, to receive medical services, treatment, or obtain prescriptions in someone else's name. This is a fast growing area of identity theft. Profits for black market drugs and the use of a person's medical records are feeding this type of identity theft. False claims to an insurance company or government programs are a common type of fraud.

Correcting any false information that has been placed in your record can be very difficult. Also, any false information in a medical record can cause genuine harm to that patient, as well as making it hard for a medical profession to prescribe the correct treatment. For more information, visit World Privacy Forum.

  1. Always a good practice.

    • Shred all documents that have important numbers, such as Social Security numbers; credit card and bank receipts, checks, and statements; investment account statements; and employment pay stubs when they are no longer needed. Credit card offers, as well as expired credit cards, should also be destroyed. Shred anything that carries your address or phone number or any identifying number, such as those used on mail-order catalogs. A crosscut shredder is the best choice for this job.

    • Do not give out your Social Security number unless it is needed for a legitimate reason. It should be used for preparing your taxes or reporting income, for applying for a job, asking for a credit report, or applying for a driver's license in Massachusetts. A Social Security number should never be used for identification. Try to remove your Social Security number from your paycheck stub and other documents that you receive in the mail or workplace, if it is not needed.

    • Obtain a copy of your credit report every year from all three credit reporting agencies. Massachusetts residents are already allowed one free credit report from each one of these agencies each year. See the section Order Copies of Your Credit Report Each Year on this tip sheet for phone numbers and what you will need to do. However, as of September 1, 2005, you must use the Annual Credit Report website, call 1-877-322-8228, or fill out a special request form, which can be obtained on that website. You will need an Adobe viewer on your computer to print the form. This form is to be sent to

      Annual Credit Report Request Service
      P.O. Box 105281
      Atlanta, GA 30348-5281

      When using this website, you will not have to contact each of the three Credit Reporting Agencies separately.

      Be very careful when typing the address (www.annualcreditreport.com) in your web browser. If you have any suspicions that you have NOT been sent to the real Annual Credit Report web site, DO NOT enter any identifying information into the web site even if it looks as if it is secure.

    • The Easthampton Massachusetts Police Department is now suggesting that you use a credit monitoring service. These services will check the three credit reporting agencies for any changes or suspicious activity that might occur. Make sure the service that you select checks all three credit reporting agencies. These services do charge fees. Caution should be used when picking one of these services. Every service will offer different levels of information they will monitor for you; however, the most important part of any of these services is the speed that they will notify you of any strange activity. Also, be sure it is a company that you would want to have your personal information. Ask for recommendations from your bank, a credit card company, a business you trust, your local Better Business Bureau, or your state's Attorney General's Office.


      Never answer any email messages that seem to come from your bank or credit card company, or any company that asks for your account information, mother's maiden name or passwords. These emails can look to be very real. Your bank or credit card company will never send an email to ask for this information. However, if you are called, ask the person on the phone if you may call them at the business' main number. Check to make sure that the main number matches what you know to be the correct number. Credit card companies have been calling to check if you did make a certain purchase, so do not be surprised if you do receive a call. It is for your protection!

    • Lock up important information at home. Too many identity theft cases have been traced to family members or someone you trust whom you have invited into your home. Put those checks, Social Security cards, or important documents in a locked space.

    • If your children have Social Security numbers, you will need to request a yearly credit report for them, as you do for yourself. Young children are now having their identities stolen too. If you start receiving credit card offers or other financial ads in the mail, request a credit report immediately. If you see any strange activity on their report, place a fraud alert.

    • Ask the state to change your Social Security number on your driver's license to a state ID number. Amending a Massachusetts driver's license will cost $15.00, and a visit to the MA Registry of Motor Vehicle. If you have secure Web access, you can request a new number at the RMV's web site. As of November 1, 2004, residents of Massachusetts can trade in their current driver's license for a new state-of-the-art, tamper-resistant license. There will be a fee for you to trade up to this new type of license; however, the amount has not been determined by the state. For more information, see the RMV's web site.

    • Social Security numbers should never be on your medical insurance cards. A letter to the insurance provider may be needed to change it. Check with your provider to see if this can be done. For those who have a Medicare insurance card, make a copy of the original card without the Social Security number on it. Cover the number up when you make a copy. Carry only that copy and memorize your number, so that you can give it quietly to the person needing it, or write it down on something that you can destroy each time.

    • Never carry your Social Security card in your wallet or purse! Lock up important information at home and work.

    • When you are applying for any financial account that requires your Social Security number, such as a loan from a bank or credit card, ask that your number be truncated or obliterated on the application and also your credit report that is used by the company's personnel to evaluate your request. If it is at all possible, ask to be given the copy of your credit report or make sure that it is destroyed in front of you after the institution has made its decision about your loan request.

    • Question your employer as to how he treats your personal information. Find out what safeguards your employer has put in place to protect this information. Workplace theft of personal information is growing faster than many other ways of obtaining personal information.

    • If possible, change passwords on accounts to less obvious ones. Do not use your mother's maiden name, date of birth, phone number, any part of the Social Security number, pets' names, or any common combinations of numbers, such as 1234. Many companies still do want to use a part of the Social Security number or mother's maiden name, so you may have to insist that they use something less obvious. For the web, use passwords containing eight (8) or more letters. Never use an actual word that is found in a dictionary. Break up a word by inserting numbers, or use the first letters of words found in a rhyme or line of poetry along with numbers, for example, lit35tle or mhal537l.

    • Memorize all PIN numbers and never carry them with you.

    • Guard your ATM/DEBIT card.

    • When making a purchase with a check, never allow the store to use a credit card number to verify your check or for identification.

    • When writing checks or signing important documents, use a pen that contains a gel type ink. This ink is considered to be counterfeit-proof.

    • If you can live without having instant credit, place a fraud alert with the three credit reporting agencies. Remember that if you walk into a store that offers you a discount on all that you purchase that day if you apply for a credit card, or you need to open a new cell phone account or change any service accounts, you should have to return home to call the company to verify that you did request a new account or change. For Credit Reporting Agency phone numbers, see When Fraud Occurs. Even though Fight Identity Theft is a commercial site, it does provide good information about placing a fraud alert. Short term Fraud Alerts are in place for three (3) months with Experian, six (6) months with Equifax, and twelve (12) months with TransUnion. Usually, short term Fraud Alerts are put into effect when you call one of the three credit reporting agencies, who in turn will contact the other two credit reporting agencies within twenty-four (24) hours. For long term Fraud Alerts, you will have to contact the companies in writing, and probably provide documentation that fraudulent activity has occurred. See When Fraud Occurs for phone numbers.

    • For extra protection, some states allow you to put a Security Freeze on your credit file. Be aware that a freeze is not a Fraud Alert, since a fraud alert still lets creditors see your credit report. A Security Freeze prevents any creditor from seeing your credit report without your permission. To see if your state will let you place a Security Freeze, as well as tell you how to place a Security Freeze see Consumers Union's Guide to State Security Freeze Laws. You will need to place the freeze at all three credit reporting agencies. However, be aware that a freeze will not stop any current creditor from checking and reporting information to your account. When you need to apply for any type of new credit, you will need to request a "thaw" or a temporary opening of your account, so that the creditor can check your credit rating. Again, you will have to find out how each state handles the temporary opening of your credit report. There also may be a cost to "thawing" your credit information.

    • As of February 3rd of 2008, the Massachusetts Security Freeze Law goes into effect. If you have been an identity theft victim or the spouse of a victim, you may place a "freeze" on your credit report at no cost. All consumers may freeze their credit report for a fee of five dollars for each credit reporting agency. The credit report will remain frozen until the consumer asks to "thaw" the report for either a short time or for good. Again, a five dollar fee is charged to open the credit report for businesses to see your report. Beware that it does take time to take the "freeze" off of your report, so you will not be able to receive instant credit on the same day that you decide you need to obtain credit. Also, note that a freeze is not a Fraud Alert, since a fraud alert still lets creditors see your credit. Please see a copy of the Massachusetts Security Freeze Law for more information. Also, see a copy of the Massachusetts Instructions to place a freeze on your credit report.

    • Anyone who is on active military duty can place an "Active Duty Alert" on his or her credit report. This will give a member of the armed forces a little extra protection while they are away from home. Creditors will be required to call you or your designated representative, whom you have granted the power of attorney. Or the creditors can positively confirm your identity before they can extend any new credit requests on your account. Restriction will also be placed on creditors from sending you "pre-screened" or "pre-authorized" credit offers. The "Active Duty Alerts" are created the same way as a fraud alert; however, the alert will last for 12 months rather than the usual 90 days of a fraud alert, and can be added by calling the credit reporting agencies. This type of fraud alert can be renewed as often as needed. To add an "Active Duty Alert," military personnel must be on active duty, and have TDY orders, or be scheduled to be deployed.

    • What information do you think you can find about yourself on the Web? Try Google and/or several other different search engines using your name, your phone number [000-000-0000], your email address [xxx@xxx.xxx], and other personal information to see what you can find. You will be surprised to see what you will find! Some companies will remove your personal information if you contact their website directly; however, be aware that some fee based services on the web have access to a great deal of everyone's personal information and the companies almost make it impossible to delete or correct any information. Watch for changes in the law that may make it easier to correct incorrect information.

      These companies are called "data aggregators." This type of company collects information about you from public records and other sources, and some of this information may not be correct. As of December 2004, one "data aggregator," ChoicePoint, must give you three of your profiles without charge once a year. The reports provided by ChoicePoint are special reports that are different from your credit report. The reports include 1) an insurance claims history, 2) an employment history, and 3) a tenant history report. Be aware that these reports are only a small part of the information that ChoicePoint has collected about you. Each of the three reports must be ordered separately. If any of the information that ChoicePoint or other "data aggregators" have collected about you is incorrect, it could keep you from getting a job, from buying a new car, or purchasing a piece of property. The Massachusetts Attorney General's office lists three websites that have much of your personal information: KnowX.com, Informus Corporation, and Infotel. You should be able to examine a sample report (not of yourself), that these companies will supply a paying customer. KnowX (which is a section of ChoicePoint) is the only "data aggregator" of the three listed above that will sell some parts of their database to a member of the general public. The other two companies listed sell information only to businesses or the government. Other "data aggregators" are Acxiom, Abacus, and LexisNexis. See Big Business Becoming Big Brother by Kim Zetter in Wired News and the ACLU's Surveillance-Industrial Complex report.

      What should you do if one of these "data aggregators" informs you that your information has been breached!

      1. Make sure that a long-term fraud alert has been placed on all three credit-reporting agencies, as well as, notify all financial companies with which you have accounts. Do not depend on the "data aggregator" company to place it for you. See: When Fraud Occurs.
      2. Ask the company that gave out your information to the thieves to give you a copy of everything that was in your file so that you can make sure all old accounts are closed and open new accounts. If the "data aggregator" does not provide this information, contact a legal professional.
      3. Change the password for all accounts especially ones that contain financial information such as your bank account including your PIN number, charge accounts, and brokerage accounts. Do not use your mother's maiden name since it is too easy to find. Too many companies are still using the mother's maiden name as your password.
      4. Ask the company to pay for a credit monitoring service for several years. Some offer this service for only one year. Be aware that the thieves may not use your name for several years so you will need to watch your credit report carefully for at least eight to ten years. The monitoring service needs to check your credit report at least monthly since once a year is too little. Speed of notification is also important in any identity theft situation.
      5. Check your driving record at least once a year. Your state's department of motor vehicles collects information from other states, so if the thief is using your driver's license information it may show up in a report on the DMV's files.
    • When traveling by car to an area that you do not know, take your car registration with you when you park either on the street or in a parking garage. Keep it in a secure place, such as a hotel safe.

    Back to the Top

  2. New Checking Account Banking Procedures

    • Check with your bank or financial institution to see how they are complying with these new regulations.

    • These new regulations may cause new concerns for identity theft.

    • Do not keep all of your money in one bank account. Keep one account for your ATM/DEBIT card transactions. Other accounts you may have should not be linked electronically to the one you use for your ATM/DEBIT card. Always check your bank statements as soon as you can for any problems. At this time, it cannot be stressed enough that ATM/DEBIT cards do not provide as much protection as a credit card.

    • Be aware that when you write a check today, the amount of the check can be deducted from your account almost immediately. Make sure you have enough money to cover that check in your account.

    • Check with your bank to see if they will scan your driver's license into their bank's computer system. The bank personnel will then be able to check your photo ID without asking for your license when you make a deposit or withdrawal.

    • If you are going to visit another country or even if you have not traveled within the United States for a long time, INFORM your bank that you are leaving the country or starting to travel outside of your usual area. Some banks now want to know the places, dates, and the return date of your trip. For some banks you may also want to call them if you return from your trip early. This will save you a lot of aggravation if you find that you cannot use an ATM or use your Debit Card when traveling.

    • eWEEK.com lists some of the ways fraud may occur.

    • One tip listed suggests that you ask your bank for high security checks. Checks can be copied easily from a real check the thief has in his hands or by using an image found on the web. Your bank check should have eight or more security features on it. Only use checks that your bank supplies or recommends a company that is safe to use. Also ask your bank if you can just have your initials and last name printed on your checks; however, be aware that if you have a common name, some mix-ups could occur. Some have also suggested that you leave your phone number off your checks.

    • You can also call your bank to request a per-day limit on ATM withdrawals from all of your accounts. If you do call, you will be surprised to find out just how high the banks have set the limits.

    • If you add a friend or relative as a co-signer to your bank account, realize that the bank considers you both joint owners of the account. So if you die, the balance in the account belongs to the co-signer, not to your beneficiaries. A few Massachusetts banks are now allowing you to set up a new type of account known as a "Limited Access Deposit Account." The money in these new accounts will remain in your estate when you die. You will need to have the co-signer agree to a letter of intent with the bank which states your wishes for that account. Banks are not required to monitor these accounts differently from their usual practices. Check your statements every month and notify your bank if you see a problem. Check with your bank to see if they offer this new type of account. Again never put all of your money into this account.

    • Watch for more "phishing" attachments from banks or other financial organization on your email. Again, do not give any personal information to any one or organization you do not recognize on the web or over the phone.

    Back to the Top

  3. Mail and Phone Practices

    • Do not leave mail with important personal numbers for the postal worker to take to the post office from your mailbox. Take it to the post office or to a U.S. Postal Collection Box yourself.

    • A locking mailbox may be a good idea in some areas, or rent a box at the post office. Ask your bank if you can pick up your new checks at one of their offices. Do not have them mailed to you if you do not have a secure mailbox.

    • Try to stop solicitations from members of Direct Marketing Association. This association represents about 75 to 80 percent of companies that send "junk mail" to your home. You can pay $5 to obtain forms at Direct Marketing Association's web site. To obtain free forms, write to:
      Direct Marketing Association
      Mail Preference Service
      P.O. Box 643
      Carmel, New York 10512

    • Do not put important numbers or information on post cards. This includes account numbers, book club numbers, phone numbers, and others. Many companies ask you to write your account number on your payment checks. Only write the last four numbers of the account, not the entire number.

    • Do not give any credit card or other important numbers to anyone who calls offering you a prize or gift. WATCH FOR MARKETING CALLS WANTING TO VERIFY YOUR ADDRESS OR PHONE NUMBER OVER THE PHONE. Do not say YES at any time during the conversation. HANG UP IMMEDIATELY!

    • Watch out for credit card scams. If you receive a call from a person claiming to be from the fraud department of a VISA or MasterCard company wanting to verify your credit card information for any purpose, be very suspicious. The caller may have a very professional sounding badge number or title and will state that they are investigating a fraudulent purchase by someone using your card. They proceed to ask you for all of your information to start the investigation. What they are looking for is the three-digit number on the back of the card that will allow the scam artist to place a charge on your account. If this happens, call your credit card company immediately and do not wait for your statement, as the caller wants you to do. It is better to get it off of your account as soon as possible and cancel that card number. Again do not give any information over the phone and again try to say NO to any question that is asked.

    • If you are bothered by unwanted faxes, the Federal Communications Commission is providing some help for the public by calling the FCC's Consumer Center at 1-888-225-5322 or go to their website. Another helpful website to try is junkfaxes.org.

    • Destroy all old credit cards. Shred them if possible.

    • Know when to expect a new credit card and watch for it in the mail. Know all of your credit cards expiration dates. If the new card does not appear before the expiration date, call the company.

    • When a new credit card is received, sign and activate it quickly.

    • Do not forget that calling cards and debit cards should be carefully used in a public area.

    • Have your mail held at the Post Office by placing a vacation hold at 1-800-275-8777, or have a trusted person take in your mail when you are away from your home.

    Back to the Top

  4. Cordless and Cell Phone Security

    • Do not use an analog cordless or cell phone for important calls. If your call is really confidential, use only a landline phone.

    • Try not to give personal or credit information over the phone in a public place.

    • A National Cell Phone Directory is going to be made "public" in the near future. When this does happen the telemarketers will have access to your cell phone numbers. You can now add your cell phone number to the "Do Not Call" list. Dial 888-382-1222 from the cell phone that you wish to put on the "Do Not Call" list or you can register up to three different cell phone numbers online at the National Do Not Call Registry.

    • Even if you have digital cell phone, realize that once the call reaches the phone company, your conversations could be made available to some employees or law enforcement.

    • Change your password for all cell phone and land-line accounts. Phone companies usually will ask you for the last four digits of your Social Security number as proof that they are speaking to the owner of the account. CHANGE THIS TO A DIFFERENT PASSWORD that only you know. Again, do not let them talk you into using your mother's maiden name or other information that is widely known about you, since that can easily be found. Web companies are now selling personal cell phone records to anyone for a price over the Internet. Do not make it easy for these companies to obtain your phone records. These are some examples of web sites that will sell your calling records to other people: Datatrace USA and Locatecell.com.

    • Be aware that even digital cell phones can switch over to analog towers during busy times of the day or when you are roaming. Watch to make sure your phone shows a "D" when calling; however, you may not be able to tell when the phone is using an analog tower. Also others can obtain your stored information on the new Bluetooth-enabled cell phones. This is called "snarfing." Check with your cell phone provider to find out how to secure your information on these new phones.

    • There are times when you may want to keep your cell phone number private. Services are starting up that will provide you with a phone number that connects the caller to a voice mail box. The caller can then leave a message for you to retrieve when it is convenient. The service then will send you an e-mail containing an audio file or will send SMS message to your cell phone. Limited services can be offered free of charge; however, you may need to look into what other services the company might offer for a fee.

    • Check your phone bill every month for calls that you did not make!

    • There are three types of cell phone fraud: cell phone "cloning," theft, and subscription fraud:

      1. "Cloning" occurs when the electronic serial number (ESN), which is a unique serial number programmed into the phone by the manufacturer, and the Mobile Identification number (NIN), which is used by the cell phone company to identify the customer, is obtained by someone who wants to use your phone number. These two numbers are captured and reprogrammed into another phone; however, "cloning" is on the decline since the industry has developed authentication codes, but it still can occur. If you receive frequent wrong numbers or hang-ups, report this to the cell phone company right away.

      2. Theft of the cell phone is on the rise today. Lock your phone with a locking security code so no one can use it. Do not leave the phone unattended or in a car. If you have to leave it in a car, hide the phone and use the phone's lock code. Report the loss of phone immediately.

      3. Subscription fraud occurs when your name is use to sign up for a new cell phone service. Watch your credit report to see if any cell phone company asks for your information or if a cell phone account has gone to a collection agency. Both actions will be noted on your credit report. The thief will change the address so you will not know that this has happen until much later.

    • When buying a new cordless phone, look for phones that operate at a higher frequency of 2.4 or 5.8 GHz. The maker should state that the digital models use spread spectrum technology (SST) or digital spread spectrum (DSS); however, the new 5.8 GHz will not cause as much interference with other appliances found in your home as the 2.4 GHz. The advertising for the phone should state that it is a "digital phone" or is "phone with voice scrambling." Also a cordless phone using digital security codes feature is good to have. Since a handset and base need the same code to communicate, find a phone that randomly assigns a new digital code each time the handset is placed on its base.

    • Ask cell phone providers what security they use for their systems. CDMA systems do use spread spectrum technology (SST); however, few carriers in the United States encrypt digital transmission as is done in Europe. SST does provide a strong security, which can be difficult to intercept except by law enforcement and other skilled technicians. Next generation of GSM systems and 3G will also use SST and should provide strong security. Today, TDMA, CDMA, GSM, and Spread Spectrum will provide adequate protection from having the radio portion of calls protected from being intercepted. For more information check the fact sheet from Privacy Rights Clearinghouse.

    • When donating an old cell phone to charity, try to take all of your personal information off of your phone. Give the phone to only a group or business that you know will clean out all of the information found on the phone or check with your cell phone provider to see if they will let you donate the phone through them. Most of the larger cell phone companies have such a program in place.

    Back to the Top

  5. Credit Cards

      Starting 2015, Visa will require that all Visa credit cards contain the "smart" chip. A "smart" chip-based card requires a PIN to complete the transaction, and these cards cannot be copied. There have been fears that your information can be read off of the "smart" chip-based cards when carried in your wallet; however, the "smart" cards issued today hides the important information, which can be seen only when it is unlocked with the "right" key. As of April 1, 2013, Visa will require firms that handle credit card transactions for retailers to accept merchant chip transactions.

      Experts are now saying that the cards issued today with the black magnetic stripe are about as secure as writing all of your information on a postcard for all to see. Unfortunately, the United States has not made a push to change its payment system, and continues to use this outdated technology while the rest of the world has or is upgrading to the "smart" chip-based cards.

      For anyone visiting foreign countries, it's advisable to ask your bank and credit card issuing companies whether your credit and bank cards will work in the countries you will be visiting. After a quick check with many of the large banks and credit card companies, few, if any, issue a "smart" chip-based card requiring a PIN for their regular customers. Be aware that some businesses abroad will not accept the magnetic stripe cards. Ask your bank or credit card companies what they would suggest to help with this problem.

      A second factor pushing the change to the plastic "smart" chip-based card is the NFC (Near Field Communication) payment system chip, which is starting to appear with the new Android/Google smart phones this fall, which will allow users to use Google Wallet to make purchases through MasterCard. Sprint is allowing the Google Wallet app to be used on the Nexus S G4, which is using the Citi Bank's PayPass eligible MasterCards or a Google prepaid card. One taps the phone on a PayPass terminal for a MasterCard account. It also can be used with Visa's payWave system. Check with Sprint to see if this available in your area.

      AT&T and T-Mobile and Verizon have joined together to add a new mobile payment service next year called ISIS, Wallet...Meet Phone, type of system, which is said to eliminate a person's need to carry credit and debit cards as well as tickets, transit passes, and cash. PayPal will also be adding the NFC chip access in the near future. At this time, it is unclear whether the iPhone 5 will have the NFC chip, so check to see if new phones list the NFC chip before you buy, if you want to use this new technology.

      The important thing to remember is that if one wants to use any of these services, the credit card transactions will provide the best fraud protection for the consumer. You would be liable for only the first $50.00, and some companies will wave this charge, so check with the companies you use. However, the user must constantly check all accounts carefully to see if there are any purchases that they did not make. The systems will accept credit cards, bank debit cards, and prepaid cards. Prepaid cards have extra fees added, which the bank debit cards and credit cards do not have. Also, do not bill to any gift cards, since they do not have the protection that the credit cards offer, or even allow purchases to be billed to your wireless phone company's account, since there is very little consumer protection, and at this time, one cannot place any caps on the limits that can be charged. Again, try to use only a credit card when using these new systems. These options may be an important change for the future. However, research which uses will best meet your needs and your safety requirements.

    • Do not use your credit card for a purchase or service if you have any reservations about the company and its practices. Sometimes, it is better to pay cash. For example, some people will only pay cash in restaurants since the wait staff takes the credit card out of your sight.

    • Examine your credit card bills as soon as you receive them every month. If charges appear on your bill that you did not make, call the credit card company immediately and cancel the old number.

    • If your new credit card has an RFID chip in it, call the company and ask for a credit card that does not have this chip in it. Even if you call the credit card company and ask to have the chip be de-activated so that the store's equipment cannot read your card, the RFID chip is still active. The companies cannot seem to turn off the RFID chip so it is better not to have one of these new, fast cards until the card can protect your data.

    • When sending in a payment by check, only put the last four (4) numbers of the account on the memo line.

    • To stop the credit card companies from sending you blank checks in the mail, call each credit card company with which you have an account and request that no checks be mailed to you with your bill or in a separate mailing. This request may need to be repeated each time a new card is mailed to you.

    • Credit card companies will automatically keep raising your credit limit unless you request the company not to increase it on your account. Higher credit limits drag down your credit score, as well as give the thief a chance to buy high priced items with your card. Keep the credit limit on all of your accounts at a reasonable level that you know that you will not exceed. You can call the number on the back of your credit card at any time to speak with a customer service representative to increase your credit limit or decrease it at any time. For example, if you are taking a trip and feel that you might go over your credit limit, call the company and ask that it be raised, but remember to call them back after your trip to lower it back to what is a comfortable level for everyday use.

    • Keep your credit card numbers and/or important information in a safe place so that if your wallet or purse is stolen, you can retrieve this information quickly; however, do not store this information on your computer's hard drive. Speed is needed to report the theft.

    • Before you travel outside the United States, inform all credit card companies you intend to use as to the dates, times, and countries that you will visit during your stay. Just call the general 800 numbers found on the back of the cards and speak with customer service.

    • Watch for unauthorized charges, new statements from credit cards you did not request, mail that looks as if it were damaged, or a statement that does not arrive in a reasonable amount of time.

    • Federal law limits your liability to the first $50, and now some companies will even waive this charge. If you report the lost card before it is used, you are not liable for the $50. Check your account via the 800-number found on the back of all of the credit cards if you have any suspicions that incorrect charges have been made. You can do this at any time of the day or night. This can also be done on the Web through the credit card companies' Web sites.

    • Carry only the cards that you use regularly. Keep all of the others in a secure place or close out credit cards that have a zero balance since too many credit cards can affect your credit score. Any time you close a credit card account, always state in your letter to the issuing company that you requested to have the account closed. This request will appear on your credit report, and is an important notation for creditors to see.

    • Use only one credit card for phone or Internet purchases. Keep the credit limit small, such as $500 so that losses will be small. You can also easily spot problems, and you will lose out on only one card.

    • Try to get credit card companies to put your picture and signature on the front of their card. This is only a small step and not all companies will do this.

    • If you have reported that your credit cards have been stolen, you will need to watch future bills carefully for any new false charges. If you notice any fraudulent charges, you will need to send a letter to the company detailing the unauthorized charges, as well as reminding the credit card company that you reported that your card was lost or stolen on a certain date. This letter should be sent to the billing errors' address and not the payment address.


    • If you do find a fraudulent charge on your credit card bill, when calling ask to speak to the company's fraud investigation department instead of a customer service person after calling the number on your bill. Also avoid using "dispute" when discussing the problem caused by the fraudulent charge. When you use "dispute" in a conversation with the fraud investigator or customer service person, many companies assume that you accept the bill but want to complain about the purchase. This charge then may be sent to a bill collection agency.

    Back to the Top

  6. ATM/DEBIT Cards

    • ATM/DEBIT Cards are a great help to everyone, but they must be treated with EXTRA CARE. Never use a DEBIT card on the Web. Also it is a good idea to never let anyone scan your card out of your sight. Always use a Credit Card in a restaurant or any other place of business that takes your card way from you. Credit Cards offer more protection at this time.

    • How secure is your ATM/Debit Card's PIN number? New worries are now surfacing about the safety of businesses handling your ATM/Debit Card's PIN number. Some businesses store these PIN numbers, and if the account number and PIN are not stored in an encrypted file or the encryption is breached, you could be at risk. The thief would rather obtain your ATM/Debit Card numbers and PIN numbers so that money can be taken directly out of your bank account rather than buy goods. Ask the businesses where you are using your ATM/Debit card if they store these numbers and if they do, how do they protect your information from being stolen. The following two tips may help:

      1. Change your ATM/Debit Card's PIN number several times a year. You will have to go to your bank to change the number, and the change could take several days before it goes into effect.

      2. Check your bank statements carefully and quickly each month. Online banking may help you spot problems almost as soon as they occur.

    • Report the loss of a card IMMEDIATELY!!!! If the ATM/DEBIT Card loss is not reported within two (2) business days, you could lose up to $50 from an unauthorized withdrawal.

    • You could lose up to $500 even if you report your loss within sixty (60) days after your bank statement was mailed to you. (Please note that some banks are now giving you only thirty (30) days to report your loss instead of the sixty days as stated above. It is best to check with your bank as to their policies.) If it is not reported, you could stand to lose even more than just the money in your account. This would include the overdraft line of credit. ATM/DEBIT cards do not offer as much protection as your credit card accounts.

    • The good news is that you cannot be held responsible for any additional charges after you have reported a missing/stolen ATM/DEBIT card.

    • Shred those ATM receipts and do not leave them behind. Today you can also request not to have a receipt printed by the ATM machine. The large banks are now printing only a part of account numbers on the receipts or even issuing a different number than your bank account on the ATM/DEBIT card.

    • Never carry your ATM PIN number. Memorize it. Do not give it out to anyone!! Try to not let anyone see the PIN number as you enter it. Be assertive and ask anyone who tries to stand close or acts in a suspicious manner to move away.

    • Use only ATM machines that have a connection to a bank or business group that you know. At this time, anyone can buy ATM equipment. Groups are now using this equipment to gather your important bank account information when you use a fraudulent machine for a cash withdrawal. You may get the money you need that day, but you can lose a lot more from the information that the machine collected.

    • Be very careful when you do use your ATM card. Try to use the machines during times when there are a lot of people around in a well lit area, but still be very aware who is around you and what they are doing. Try to hide your pin number as you enter it. Be very, very careful using ATMs in foreign countries. The State Department has an excellent site giving descriptions of the types of crimes including ATM thefts for many countries of the world. Scroll down to the Crime section on each country that you wish to visit to see what types of crime can occur. Also check with your bank to see if your ATM card can be used in certain countries. You may be surprised to see what countries are blacklisted.

    • Some banks and credit card companies are now issuing pre-paid Debit Cards. Check to see if your bank can do this for you. These ATM cards will keep the thieves from getting into your personal bank accounts and should help limit the damage.

    • For more information on limiting losses on ATM/DEBIT cards, read the Facts for Consumers from the Federal Trade Commission.

    Back to the Top

  7. Mail Order Fraud

    • Use only a secure Web site for ordering items when using the Internet.

    • Never use a DEBIT card for a phone or mail purchase!!!!

    • When ordering items over the phone, watch how the company uses the information that you give them. For example, shred any catalog page that has any customer information such as an identifying number before you throw it out. Do not forget that magazines and other advertising flyers can also contain identifying numbers and address that can be found on the cover as well as inside of the materials.

    • Be aware that you are protected against fraud when using a mail ordering service as you are with credit cards for unauthorized orders. Again keep good records of orders, dates, and order numbers.

    • However, give only the information needed to order merchandise over the phone.

    Back to the Top

  8. A Very Important Number

    • Your name can be removed from pre-approved credit card and insurance offer lists by calling 1-888-5OPT-OUT (1-888-567-8688) or you can use www.optoutprescreen.com. You will need to tap into your touch-tone phone your Social Security number and the automated system will prompt you for other information. You should use your home phone number. You will need to call this OPT-OUT number every five years to keep your name off the pre-approved credit card list. It does work well; however, you will still receive offers if an organization you have joined or a business you use sells your name or that organization has a company that offers credit or other services even if you have registered your name with the OPT-OUT service. This OPT-OUT service shares your information with all three credit-reporting agencies, as well as, Innovis Data Solutions so that you do not have to call all four agencies.

    • Removing your name from pre-approved credit card and insurance offer lists will not keep you from getting mortgage refinancing and home equity loan offers. You will need to call the Acxiom U.S. Consumer Hotline at 877-774-2094 or send a request to Dataquick, Attn:Opt-Out Dept., 9620 Towne Center Drive, San Diego, CA 92121.

    • Many financial institutions now offer OPT-OUT forms that can be retuned to the company or a toll-free number to keep a company from sharing your information. To insure that the company does not share your name, you may want to put the request in writing. Download the form from the Federal Trade Commission.

    • If you have a relationship with a bank or business, the bank or business has the right to share information with their service providers or those companies with whom they have joint marketing agreements. You can request to be placed on an internal do-not-promote list. This is different from the OPT-OUT and DO-NOT-CALL registry. Check with each of the businesses or banks that you use and inquire about their policies. Remember, some of the service providers or companies sharing information may be useful to you.

    Back to the Top

  9. When Someone Dies

    • Have someone stay in the house during the times of any services or calling hours. The information is usually listed in the local papers, as well as, on many area information web sites. Homes can be a target for thieves during this time.

    • Exclude the month and day of the birth date in all information given to the press. Only provide the year of the person's birth. Also leave the address of the person's home out of all the obituaries. Also try to avoid including in a woman's maiden name since many groups use this as a password.

    • Place a Fraud Alert on the person's credit reports. You need to call only one of the credit reporting agencies' fraud hotline numbers to place a 90-day fraud alert on all of the three credit reporting agencies. The alert will be placed by all of the companies within 24 hours. It is an automated system so you can just enter the data needed with your phone. This should keep new accounts from being opened in the person's name until you can send a copy of the death certificate to all three agencies.

      1. TransUnion:  1-800-680-7289
      2. Experian:  1-888-EXPERIAN
      3. Equifax:  1-800-525-6285

      All three credit reporting bureaus (Equifax, Experian, and TransUnion) should be given a copy of the death certificate.

    • Wait several weeks before you request a credit report. You can use the AnnualCreditReport.com's web site to ask for the report. You may want to stagger requesting the reports so that you can see if anything happens after one or two months.

    • For the information and address needed to send to all of the credit reporting agencies see the Identity Theft Resource Center. Also remember when sending any information containing Social Security Numbers to any agency or business, ask the post office to send it certified with a return receipt post card.

    • Cancel any driver's license at your state's department of motor vehicles to stop anyone from getting a duplicate license.

    • Make sure you call the Social Security Administration 1-800-772-1213. Remember the SSN is used for credit information so even if the person is not getting any benefits, the Social Security Administration should be notified.

    • Collect all the information on open accounts and notify all the companies of the death. This can include banks, investment companies, credit card companies and mortgage lenders. In some cases an original death certificate may be required, so be sure you get lots of copies.

    Back to the Top

  10. Web and Computer Safety!

    • Always log off after using public internet-access computers in libraries, Internet cafes, and other public places that offer Internet connections. Also close the browser that you have been using to surf the Web. Computer security experts are now warning wireless computer users not to do any financial business or send sensitive information from public or fee based HotSpot WiFi services. Wired networks are still considered to have fewer risks and are many times faster than wireless networks. Many towns, libraries, and work places are offering free wireless services, and these networks should never be used as a person's only source to access the internet.

    • Always have a firewall, anti-virus, and anti-spy software on your own computer. Keep all of these software programs and your Windows operating system up to date. Scan your computer weekly for viruses and spy ware. A router is also recommended since this piece of hardware receives the public IP (Internet Protocol) address from your broadband or dial-up connection and supplies a private IP address for your individual computer, as well as other computers you may have connected on your home network. Even if you have only one computer, connect a router to your computer for added protection. A router that also has a built in firewall will give you some extra protection.

    • When you buy a new computer, you will have to input your name into the operating system. Use initials or misspell your last name. This information is imbedded in all of your documents. At least this action will give you a little protection when using the web.

    • Keep all computers' and tablets' operating system up-to-date. Make sure that the newest version of the browser software is in use. Use one web browser for most financial use and a different web browser for other types of searching. All antivirus and and spyware software protection programs should be installed and also be kept up-to-date. All equipment should be scanned weekly for threats. Add a router to your home's internet connection system. This also helps to keep malware out of your system, as well as keeping snoopers from using your internet connection.

    • Security Audits are a tool to keep Crackers from gaining access to your computer. A Security Audit should be run every few weeks to see if anyone could gain access to your computers through your machine's ports. Your computer has many ports today when you think about it. Ports are "connection areas" and may allow crackers to gain access to your information. For example, your printer or a digital camera is using a "connection area." You will need to see if anyone on the Internet can find your computer. One way to check if anyone can gain access to your computer is to use Steve Gibson's ShieldsUp! Link. Scroll down through the list of programs to the ShieldsUp! Link. Follow the directions. HackerWhacker also has a free audit for home users. You will need to click on the "Free Tools" button. HackerWhacker gives a clear symbol when the test has been run as to how serious this problem could be and some instructions as to what you can do about the problem. This is a good start to see if your firewall, anti-virus software, and up-to-date Window's programs are keeping your computer secure; however, if you are in need of a complete Security Audit since you are working with sensitive information, do purchase a good audit program.

    • Look for the security symbols on web sites such as the closed lock or closed key that appear usually on the bottom area of a web page. The site should also have an "s" included in the "https://" address section of your browser. The "s" will usually appear on the most secure web pages you are using such as the order page that asks you for your personal information or all of the web pages of an online bill paying service. Look for the "https://" next time you are ordering on the web.

    • Do not pay bills, bank or conduct other financial transactions on public computers!

    • If your computer is used to play games on the Internet, you will need to use a totally different computer to complete any financial transactions. Banking and brokerage accounts, as well as private information should be kept on a computer that is not totally open to all software that can be downloaded to your computer.

    • When using sites such as FaceBook, MySpace, blogs, forums, or any other social networking web sites, do not give out too much of your personal data. This includes birth date, address, phone numbers, financial data, school, and never give out your Social Security number. Never post your full name. Also try not to include photographs and small details about your personal life. Be careful when downloading files since ad banners may try to infect your page. Do not open links from strangers and never give out your account number or password. If the site has a way to provide some privacy control, use it, and read the privacy policy so that you know how the site is protecting you. But most importantly allow only those you know to have access to your web page.

    • Some firewall programs may be able to warn you about outgoing connections that may communicate with outside controlling software. Check computer magazines to find the best firewall to use.

    • For financial sites, never let your browser software remember your passwords and always use different passwords for each site.

    • If that car or any other item for sale on the web looks as if it is too great a bargain to pass up or you answer a spam message, beware. Malware may be installed on your computer to give away your passwords and other important personal information.

    • If you are thinking about moving up to Microsoft's new Vista and are concerned about malware, you should leave Vista's User Account Protection on and use a Standard User Account. Just remember that your computer will ask you to enter an administrator password every so often. It is better to keep your computer protected; even though it is a bother to have to enter this password. Also you can activate the Parental Controls on your Standard Account for added security since you will see a pop-up notice when you are about to enter a suspect site or find that you could be running a rogue application.

    • Check out GetNetWise to see how to not only avoid getting "SPAM," but also how to keep you and your children safe when using the Web.

    • Some would say that you should unplug the computer's cable to a high-speed Internet connection or phone line when you are not using the Web.

    • Do not use a DEBIT Card for Web purchases.

    • Try using only one credit card for Web purchases so that any attempt to make fraudulent purchases can be picked up as quickly as possible. Keep a low credit limit on the card.

    • Fraudulent, unsolicited emails, which appear to have come from banks or credit card companies or established institutions such as AOL, eBay, PayPal, Best Buy, or EarthLink may ask you to provide personal information such as your Social Security number, credit card information or even your address via return email. Never give personal information to anyone you do not trust over the Web. This is referred to as PHISHING by the tech world. For more information about this attempt to obtain personal information from you via email alerts, check the Scam Alert from Privacy Rights Clearinghouse.

    • Phishing attacks are on the rise. About 25 percent of the public receive at least one online phishing scam every month. Be on your guard for any suspicious emails that look authentic. Your bank, PayPal, or other sites that require personal and financial information will never email you and ask you to correct any personal information over the Web. These emails can look very realistic. Do not reply to these emails!! Call the business using their main phone number to see if they did send you the email. You can be assured that these businesses probably did not email you.

      What can you do to keep from getting hoodwinked?

      1. Never click on the link found in the body of the email that you received. Type the name of the web site in your browser. See where the address takes you. You might be surprised.

      2. Look at the URL in the browser's address bar that is asking for your personal information. Most times the URL is not a valid looking address. (For example: http://joneslibrary.org, which is the correct address, may look like http://Moo.joneslibrary.org. This is not a real address, but you can see what may appear in the address that would take you to a different web site.)

      3. If the padlock icon is not located in the browser's lower right corner, you can be sure that it is not a legitimate site. If you find the padlock icon anywhere else on the site, leave the site immediately.

      4. It can never be stressed enough that you should NEVER use your Social Security number to identify you. Some sites may require you to give a part of your Social Security number; however, you should insist that the company allow you to use some way of identifying yourself if you can.

    • PHARMING attacks are not a new way to obtain your personal and password information from a web site, but they are considered to be far more dangerous than the PHISHING, which is mentioned above. A PHISHING email requires you to provide your information by responding to the fake request; however, with a PHARMING attack you think that you are using a trusted web site only to be re-directed to another web site that looks to be the web site that you typed in the address line of your web browser. This is a much more serious form of "spoofing." You cannot tell from the address bar if your bank's or other company's URL has been hijacked. Companies need to add an extra layer of authentication. Look for a certificate from a certicate authority company, such as VeriSign. For more information about this problem see an article by Robert Vamosi, "Alarm over Pharming Attacks: Identity Theft Made Even Easier."

    • eBay is adding a tool bar which you can download with "Account Guard" to identify fraudulent (spoof) Web sites. For more information check out Ebay's Frequently Asked Questions.

    • Be aware that Computer Intrusion can occur at your workplace or in your home. Hardware can be plugged into a computer via a port or you could download software programs without knowing it. Watch for any unusual equipment added to your computer at work. They look authentic, but the device, as well as spyware software referred to as "keyloggers" or "snoopware" will track your every keystroke and will allow hackers to obtain your passwords and personal information. There are software programs today that can check for snoops and spies. Make sure that you pick a reputable company that puts out blocking software before you install it on your computer. Find reviews in computer magazines. For more information on this problem, read the Privacy in Cyberspace fact sheet from Privacy Rights Clearinghouse.

    • Consumer Reports usually has articles in several issues each year that focus on problems caused by spam, spyware, computer hackers, and identity theft prevention topics. These articles also rate current anti-spam, antivirus, and antispyware software. Also check issues of PC World and other computer publications. These publications come out with new information monthly so you will need to look at them so you can keep up with any new problems or reviews of software.

    • Avoid using automatic login features on stand alone PCs and especially laptops. Password protect all computers especially laptops.

    • Try to keep financial information off of your hard drive. Store all personal financial documents on removable disks such as Zip disks, floppy disks, or jump drives. You can also check your hard disks by using this software program from Cornell University to see if you have any sensitive information or data stored on them. If you have any concerns about using this software, speak to someone who is knowledgeable about it.

    • Wireless Data Networks use the 802.11 protocol or Wi-Fi. It is not by any means secure if the security options are not installed. Check during installation to make sure the security options are really in place. Some security options may not be turned on when taken out of the box to make installation easier for the home use. Read your owner's manual carefully. New more secure wireless protocols are now being developed.

    • If your Wi-Fi service provider does not use encryption, do not use your wireless devices to send sensitive information, such as passwords, credit card numbers, or other personal information unless you secure it first. The "https" found in the address area of the browser does provide secure connections. Make sure that you look for the "https" when you are using passwords and credit card numbers. email is often not very secure unless the "https" is evident in the address area. Check with your hotspot provider for advice as to how to best secure your equipment when using their service.

    • Want to give that old computer away to a friend or organization? Take out the hard drive or use a program that shreds the drive so no one can take any information off of the drive. If you ever need to replace your old hard drive on the computer that you are currently using, ask the repair company to shred your information on that old drive as well as ask that the old drive be given back to you. "Wipe" utility programs are available.

    Back to the Top

  11. Stolen or Misused Checks can happen anywhere.

    • Ask your bank to notify the check verification service. No federal law limits your losses; however, state laws may protect you, and most states hold the bank responsible for losses from a forged check. Make sure that you notify the bank as soon as possible, since you may be held responsible by the bank if the loss is not reported. Also contact the major check verification companies:

      TeleCheck 1-800-710-9898 or 927-0188
      CrossCheck 1-707-586-0431
      Certegy, Inc. 1-800-437-5120
      International Check Services 1-800-631-9656

    • Contact your state banking or consumer protection agency for more information.

    • Call SCAN 1-800-262-7771 to find out if the identity thief may have been passing bad checks in your name.

    Back to the Top

  12. Tips for Job Seekers

    • Privacyrights.org has an excellent Privacy Fact Sheet for Job Seekers.

    • It is a crime to use another person's Social Security number to apply for a job or to work. If you think someone has been using your SSN to apply for a job, a report should be made to the SSA's Fraud Hotline at 1-800-269-0271. You should also request a copy of your Social Security Statement. After calling, send in a written statement.

  13. Order copies of your Credit Report each year.

    • Please note that after September 1, 2005 this information will change for Massachusetts' residents. The new changes are occurring for other states at different times. Check at www.AnnualCreditReport.com to find out when your state will be using the new Federal Trade Commission Rule on Free Annual Credit Reports

    • Contact each major credit-reporting agency every year for a copy of your credit report. Massachusetts allows each person one free credit report from each agency a year. These Credit Reporting agencies may ask you to send in proof of your identity before they will mail your credit report back to you. The information that you are asked to send in is just about every important number attached to your name. When you send this requested information to the agency, send it by certified mail with a return signature card so you know who signed for it.

      P.O. Box 105851
      Atlanta, GA 30348

      P.O. Box 1000
      Chester, PA 19022

      P.O. Box 2002
      Allen, TX 75013

    • When your credit report arrives, check it for mistakes. At the end of each credit report, you should find a dispute form to correct inaccurate information. This can be anything from an incorrect home address to major mistakes such as a lien against someone else with a similar name or social security number. Mistakes are common! Keep a copy of this form and return it to the agency.

    • Do not be surprsied if you begin to see monthly reports from some of your utility companies showing up on your credit report. Verizon started to report your monthly payment records to the three credit reporting services as of December 2005. This is another protection for you since you can see if someone has opened a new account in your name. All of the utility companies should start reporting this information.

    • If you have been turned down for credit or been a victim of fraud, you can order free copies of your credit reports from all three companies; however, you must order them within a sixty (60) day period upon discovering this adverse action.

    Back to the Top

  14. When Fraud Occurs


      The Federal Trade Commission's online Identity Theft booklet, Taking Charge, provides a wealth of information on how to protect and to correct identity theft problems. The booklet includes important phone numbers, report forms, sample letters to use to report problems to creditors, and forms needed to report Identity Theft. The Federal Trade Commission has compiled a comprehensive guide for the consumer. For more information, visit consumer.gov.

    • Report the identity theft to the local police! Keep a copy of the police report and the investigator's name and phone number for yourself since you may need it to prove your case to creditors and merchants. You will also need the local police department's report to qualify for an extended fraud alert which can be placed on all three credit reporting agencies. You may need it for a lawsuit to recover losses or clear your name. The report must be made to the police department in the area where you live. (Please note this is a change from past practices with the new laws.)

    • Keep a log that records the effort you make to correct your credit history. The log should show what you did, who you spoke to on the phone from all companies, and the name of the person and/or company with which you had any written correspondence. The log should also show all dates and times. Keep all copies of any information connected with the theft. Certified mail with a return post card with the person's signature who accepted the mail should be kept with your log. Keep a record of all your expenses to clear your credit record. Check with your state's laws concerning the financial losses that you are able to collect.

    • File a complaint with the Federal Trade Commission at 1-877-ID-THEFT or 202-326-2502. The Federal Trade Commission also has an excellent web site, listing steps you will need to take if Identity Theft has occurred.

    • If the fraud occurs through the Internet, file a complaint with the FBI Internet Fraud Complaint Center. The site does list alerts for some of the Internet frauds reported and a few tips to help protect yourself from fraud.

    • Download a copy of an ID theft affidavit from the FTC's Web site so it can be used to notify merchants, financial institutions, and credit bureaus.

    • If you think that your mail is being diverted from your current address, check with your local post office first to see if anyone has requested an address change by using a change of address form. The U.S. Postal Inspection Services also has an Identity Theft via the U. S. Mail Form.

    • Do not wait to contact the three credit reporting agencies. Today, you need to call only one of the agencies' fraud hotline numbers to place a 90-day fraud alert on all of the three credit reporting agencies. The alert will be placed by all of the companies within 24 hours.

      1. TransUnion:  1-800-680-7289
      2. Experian:  1-888-EXPERIAN
      3. Equifax:  1-800-525-6285

      Ask to have your account flagged with a fraud alert. This asks merchants not to approve any new credit without your explicit approval. Be aware that the companies use different time periods for the fraud alerts that appear on your credit record. Make sure you know how long they will keep the alert on your account. Time periods can be as short as ninety (90) days up to seven (7) years. Keep all of your correspondence!

    • Fraud Victim Assistance from Experian has a web page to guide you through the process.

    • File a complaint with the Federal Trade Commission's Identity Theft Hotline by telephone at 1-877-IDTHEFT. The affidavit and instructions are at the FTC's Web site.

    • Contact the Social Security Administration if your Social Security number has been used to obtain a job or apply for credit. The SSA Fraud Hotline number is 1-800-269-0271, Fax 410-597-0118; TTY 1-866-501-2101; or write SSA Fraud Hotline, P.O. Box 17768, Baltimore, MD 21235; email: oig.hotline@ssa.gov. Check their website for more information. You will need to check your record to verify the accuracy of your reported earnings, the spelling of your name, and Social Security statements. The Social Security System cannot clear your credit record. The agency can only issue a new number if you have proof that your number was abused, even if it was lost or stolen. This is a serious step to take and may not clear up your record. Also be aware that the SSA almost never changes Social Security numbers so it may not be worthwhile asking for a change; however, it is definitely important for you to contact the Social Security Administration. This act will also wipe out your credit history so that you may not be able to obtain new credit.

    • Contact the Massachusetts Registry of Motor Vehicles to see if a new license has been requested or issued in your name.

    • Contact the Attorney General Consumer Hotline via their website or 617-727-8400 and MA's Office of consumer Affairs website or Hotline: 888-283-3757.

    • When you get a copy of your credit report, notify all banks, creditors, and utilities and close all accounts that have been used by the thieves. Establish new passwords and PINs to all of your accounts. Again, do not use your mother's maiden name as a password. Use your police report or FTC affidavit as a backup to notify merchants that issued credit or accepted bad checks in your name.

    • Keep checking your credit report every year. Credit can still be issued to the thief in your name without your permission even though you have reported the theft and placed a fraud alert on your files.

    • Other resources that can help you after the theft has occurred! Talk with your state and federal legislators to push for stronger protection. For more information, check out the nonprofit Privacy Rights Clearinghouse.

    Back to the Top

  15. The credit bureaus and banks have teamed up with several companies to monitor your credit.

    • Some experts say that they are not worth the money. If you do decide this credit monitoring service will be useful, try to pick one that is connected to a credit card company or a bank or one of the credit reporting agencies.

    • For one comparison of only three of the companies that provide credit monitoring services check the Fight Identity Theft web page. There are more companies providing these services than this site has compared. Also for an opposing view as to whether these services are worth the money check Bankrate.com's web page. Consult your bank or a known financial institution to see what they would suggest. Be aware that some companies you contact may have an affiliation with only one credit monitoring service so you will not be given information about other services that are available.

  16. A few companies are now selling Identity Theft Insurance.

    • Policies can start at a low of $25. Again, some experts say that they are not worth the cost since the insurance seldom covers the out-of-pocket losses.

    • Insurance companies are beginning to change their policies as to what they will cover and not cover. Check to see what each company can offer you for protection and consider whether the cost of this insurance is worth it to you when making a decision about purchasing Identity Theft insurance. Check with a financial institution you trust to give you advice as to what they would recommend if you feel that you need this type of protection.

  17. Federal and State Laws


Even if you follow many of the tips or suggestions listed, you may not be able to stop Identity Theft from occurring. Always be aware that something might happen. It has been said that the only way to stop someone from using your Identity is to have a bad credit rating.


Federal Trade Commission

Privacy Rights Clearinghouse

Identity Theft Resource Center

Better Business Bureau

United States Secret Service

U.S. Dept. of Justice Identity Theft and Fraud Information

The Office of Inspector General at the U.S. Department of Education

The Attorney General's Guide to Credit Identity Theft

Prepared January 2004 for a presentation at the Jones Library on February 3, 2004. The Identity Theft Tips Sheet has been prepared by Susan Hugus, Branch Librarian, of the Jones Library and with valuable help by Kate Stevens of the Greenfield Saving Bank.

This page last updated on December 11, 2012.