In 2018, new account fraud was up 13%, accounting for $3.4 billion in losses, according to Consumer Affairs. Meanwhile, formjacking, or stealing data from online payment forms, was up 117%, with more than 57,600 unique websites compromised. Among the accounts breached, the most common targets were for mortgages, student and car loans, and credit cards.
Unfortunately, there are endless ways you can get targeted for identity theft and fraud these days. If someone hacks into your online bank account, they could access your name, address, email, phone number, associated checking and savings accounts, etc. If you use Facebook, your phone number, email, and location may have gotten compromised recently. These are just two examples, but you get the picture – it is easy for your information to get stolen.
Among the most common types of fraud is new credit card account fraud, which made up 30% of all identity theft complaints in 2020, according to the Insurance Information Institute (III). On the bright side, there are several steps you can take to protect yourself from identity fraud.
Key Takeaways
- There are many ways hackers and identity thieves can steal personal data, from rummaging through mail to phishing scams to scraping data online.
- If you are a victim of identity theft, there are several steps you can take to deescalate the situation. That includes contacting the credit card issuer’s fraud department, filing an identity theft report, and disputing incorrect info with the credit bureaus.
- We will outline key actions to prevent identity theft, including regularly reviewing your credit reports, opting out of consumer databases, and using technology.
How to Open a Credit Card
Applying for a credit card has several eligibility requirements and personal information needed.
Eligibility Requirements
While different credit card providers will have varying criteria, common ones in the U.S. include:
- Age – You need to be at least 21 to apply for a card on your own. If you are 18 or older, you can apply for one with your parent or guardian’s permission or a verified income source.
- Residency status – Most credit card providers require you to be a permanent resident or citizen, but there are some options if you are a temporary resident with a valid visa.
- Income – Depending on the card you are applying for, some may have minimum income requirements ranging from $15,000 to upwards of $500,000.
- Credit history – For most credit cards, you need to have a good credit history to qualify. If you have little or no credit, you can apply for secured credit cards.
Personal Information Needed
Common forms of personal information requested include:
- Personal information, such as your name and date of birth
- Citizenship status
- Social Security number, or Individual Taxpayer Identification Number (ITIN) if you do not have an SSN
- Residential address
- Contact information, including email and phone number
Opening a Credit Card in Someone Else’s Name
To put it simply, opening a credit card in someone else’s name is illegal.
If you use another person’s personal information to apply for and receive a credit card, you are committing identity theft. Even if your application gets approved, it was done under falsified data, making it a crime. Depending on the state you live in and the amount of credit used, you could get charged for a misdemeanor or felony, which is punishable with a fine and possibly prison time. If you get charged with a felony, sometimes the minimum jail sense may range from 1-3 years.
The workaround would be to open a joint account with another person or add them as an authorized user to your account. Typically, credit card issuers will not allow you to add a joint account holder if the account already exists.
How Identity Theft Works
Depending on what information gets stolen, you may have different repercussions to deal with.
Assuming Only Your SSN Gets Stolen
Your social security number by itself is useless. The only information that it provides is the year and location of issuance. If your SSN was issued before June 2011, this information can get accessed from the High Group List. However, if it was issued after, it will not be available on the HGL because of the new SSN randomization that the Social Security Administration (SSA) implemented for additional security.
In the past, anyone could check if an SSN holder was deceased because the SSA published monthly Death Master Files (DMF) to prevent fraud. Available information included the holder’s name, date of birth and death, last known zip code, and proof code. However, nowadays, this information is only published a year or two after the holder has passed away to prevent criminals from taking advantage of the DMF.
Assuming Other Data Gets Stolen
Similar to criminal profilers, once data thieves have a lead, they can always find more information with a bit of social engineering. For example, if a data thief has your name and SSN, they can file taxes on your behalf with the IRS and request a debit card with your tax refunds.
With your name and SSN, they can also find your home address through the High Group List or your social media. There are also many websites with public consumer data that anyone can access with a few bucks per report, which can include your name, date of birth, address history, phone numbers, etc. Armed with all this information, data thieves can then create real IDs, apply for credit cards, take out loans, etc., all in your name.
Ways Your Identity Can Get Stolen
Identity theft is getting increasingly complex and sometimes may be out of our control. An identity thief can steal our wallets, purses, or mail containing sensitive financial information. If you log on to an unsecured website or respond to phishing calls, texts, or emails, your info can get stolen. If you throw away your mail with your personal data, someone can rummage through your trash and steal your data.
Opening a line of credit is more difficult compared to opening a checking or banking account. To open a line of credit, an identity thief would need all your personal information and prove your residency or phone number, although some creditors may fail to conduct due diligence.
Ways to Identify When Someone Has Opened a Credit Card Account In Your Name
There are a couple of steps you can take to figure out if someone has opened a credit card account or loan in your name. The first step is to pull your credit reports through all three major credit bureaus – Experian, Equifax, and TransUnion. Once you have access, look over each report in detail to ensure all the information is correct. If you do not recognize an account, you should report it right away and dispute any incorrect info and errors.
Reporting Identity Theft
If you do not recognize an account on your credit reports, there are a few possible explanations:
- You forgot that you opened the account.
- Your account got mixed up with someone else’s.
- You are a victim of fraud.
For the third situation, you will need to take a few steps for damage control.
Contact the Credit Card Issuer’s Fraud Department
The first step you should take is to go to the credit card issuer’s website and find their contact information to notify their fraud department directly. That way, you can avoid any phishing scams from fake numbers or emails. Depending on how much info was accessed, make sure to keep records of what gets discussed. As the issuer sorts everything out, ask them to close all compromised accounts, or at least put them on hold or freeze new charges. Additionally, change all the logins and passwords on online accounts that may have been affected.
File an Identity Theft Report
Next, file an identity theft report with the Federal Trade Commission (FTC), attorney general, and Social Security Administration (SSA) to help you document the issue and potentially get a free credit freeze. Once you file a report, the FTC will work with you to create a recovery plan and put it into action. However, they will require you to file a police report as well to take action.
Dispute Fraudulent Information With the Credit Bureaus
After you have reported the fraudulent activity to the credit card issuer and police, you should dispute the info with the credit bureaus as fraudulent accounts can negatively impact your credit scores. Be sure to note what info is fraudulent, and include any documentation received from the credit card issuer.
You will need to dispute your info on Experian, Transunion, and Equifax on their respective websites. Once they receive your dispute, they will verify the data with the credit card issuer and take action once the investigation is complete. Keep in mind that they might resist your requests to correct the info, but keep fighting and lawyer up if needed!
Additionally, place a fraud alert on your credit reports, which is available for free for one year. The contact info for each credit bureau is:
- Experian.com: (888) 397-3742
- TransUnion.com: (888) 909-8872
- Equifax.com: (800) 685-1111
Impact on Credit From Identity Theft
If you are a victim of identity theft, you may face several hurdles. Depending on what the identity thieves did with your info, your credit score can take a hit, and you may end up with financial losses. The FTC states that your liability for fraudulent charges on your credit cards is limited to $50. But, if you report them more than 60 days after you received your bank statement, you could face unlimited liability for changes made with your debit or credit card.
10 Steps to Protect Yourself
The best-case scenario is to prevent people from stealing your personal info. We will cover ten steps you can take to protect your privacy.
1. Review Your Credit Regularly
Review your credit reports regularly by requesting a free copy from AnnualCreditReport.com. When you review your accounts, confirm that the dates your accounts were opened are correct and that all your records match up. You are entitled to one free copy from each of the three credit agencies we mentioned earlier every 12 months, plus an additional copy if you request a fraud alert.
2. Consider a Credit Freeze or Extended Fraud Alert
If you start noticing signs of identity theft, you have two options.
Your first option is to set up a one-year initial fraud alert with one of your credit bureaus, which will appear on your credit report for 90 days. Once you set that up, they will notify the other agencies. If you want long-term protection, you can set up an extended fraud alert, which lasts 7 years. However, this requires a copy of the incident report you filed.
Alternatively, you can set up a credit freeze with each credit bureau to prevent others from opening new accounts in your name until you unfreeze your reports. Before taking this step, keep in mind you can also get prevented from applying for credit if you take this route.
3. Get Credit Monitoring
Most banks offer credit monitoring for a small monthly fee. While this will not stop someone from using your info to apply for credit, it will alert you when that happens, allowing you to resolve the issue quickly. There are also identity theft protection companies, such as Identity Guard, IdentityForce, and IdentityIQ, that will oversee your credit reports and monitor signs of fraud for a monthly or annual fee. Additionally, some also offer identity theft insurance if you suffer any financial losses or need assistance restoring your identity.
4. Get an Identity Protection PIN (IP PIN) From the IRS
To prevent people from filing taxes on your behalf and taking your refund, set up an identity protection PIN with the IRS. If you ever forget your PIN, visit your local taxation office to reset it.
5. Do Not Opt-in to Consumer Databases
Consumer data is data companies collect from you whenever you purchase goods or services from them or subscribe to their mailing list. People typically buy this type of consumer data in bulk, put them all on a mailing list, and then spam everyone either through email, text, phone calls, etc.
Your profile likely has tons of metrics, especially if you are active on social media. For example, your Facebook profile can show your name, workplace, phone number, date of birth, location, schools attended, political affiliation, interests, etc., and that is just the tip of the iceberg! So, whenever you use these types of services, read the privacy policy and limit what information you allow others to see.
6. Choose to Opt-out
Most websites that sell consumer data give you the option to opt out of their databases. Recently, Apple introduced a new iOS feature that allows users to opt-out of ad-tracking on apps, such as Facebook, Snapchat, and other social media platforms. If you do not see an option to opt-out, you can request an opt-out by sending the websites a letter through the mail and escalating if needed with a lawyer. However, one issue you might run into during this process is the sheer volume of services that do this.
7. Do Not Give Out Unnecessary Info
Before giving out your SSN to service providers, such as your doctor’s office or other healthcare facilities, ask why they need that info. You are not obligated to provide your SSN to them. If they are not able to explain why they need it, leave that section blank. Legally, the IRS is the only agency that can require your SSN.
8. Expunge Your Criminal Records
Anyone who wants to search for criminal conviction records can find that info because it is publicly available. When you request to expunge a conviction, you can alter your record by either removing it or diminishing your offenses. Most courts will offer this service for free or at a low cost depending on how old the record is.
Background check companies regularly scrape data from county courthouse websites to gather this data. Once you expunge your records, you can sue anyone who does not remove the records from their website, but you will need to give a 2-week notice beforehand.
9. Move Out of States That Sell Your Data
Currently, California, Virginia, and Colorado are the only states with comprehensive consumer privacy laws, although Virginia’s Consumer Data Protection Act (VCDPA) has gotten heavily scrutinized for its lack of civil-rights protections. While several states are drafting their own, other states are selling as much residential info as possible to private companies for a profit. For example, Florida sells all sorts of consumer data, including hunting licenses, driver’s licenses, fishing licenses, voter registration records, criminal records, etc.
If you are a registered voter, chances are your voter registration data is publicly accessible, including your name, phone number, address, date of birth, and party affiliation. Some states give this data out for free, while others have sold them in bulk. For example, Ohio has a free voter lookup database if you know the person’s full name and county of residence.
10. Use Technology
Make it difficult for hackers and thieves to access your info by using technology to your advantage. For example, if you have mobile banking, set up multi-factor authentication where possible and set up alerts for purchases. Install antivirus software on all personal devices. If you regularly use the Internet, install ad blockers on your browsers. If privacy is a concern, avoid using Google. For example, currently, I have AdBlock, AdblockPlus, and Ghostery installed on my Google Chrome. I also regularly scan my laptop for viruses and use DuckDuckGo as my search engine.
The Bottom Line
While identity theft may not be at the top of your mind, if you are not careful, an identity theft situation gone wrong can quickly cause serious problems. Start proactively taking charge of your data to make it more difficult for others to access your information, whether it’s setting up multi-factor authentication for apps with sensitive data, rejecting spam calls, limiting what you put on social media, etc. The more measures you put in place today, the fewer headaches you will have in the future.