Skip to main content

How to check if your identity has been stolen

(Image credit: Pixabay)

After years of increasingly sophisticated hacks, massive data breaches and huge payouts via fines and lawsuits, you might think that companies would've worked super-hard to deliver the security your personal details deserve. But no – in reality, there were more problems than ever in 2019.

Marriott announced up to 383 million guests' records had been compromised, for instance, including some credit card and passport details. A hacker accessed 106 million Capital One credit card applications, with names, addresses and phone numbers. 27.8 million biometric records containing usernames, passwords, personal information, images, fingerprint data and more were found to be easily accessible. And there were plenty more such incidents, most of them leaving those affected at serious risk of identity theft.

The results of which could be a disaster, as hackers might use your details to steal your money, take out credit cards and loans in your name, redirect your mail or find even more inventive ways of ripping you off.

While there's nothing you can do to prevent an attack on a company that holds your financial and other sensitive data, there are some simple precautionary steps that you can take to ensure your financial security.

Getting yourself kitted out with identity theft protection is an obvious first step in the battle for security, and our recommended number one provider is Identity Force:

One of the most effective ways to safeguard yourself against fraud is to use different and secure passwords on all your web accounts. But how do you find out if you've already been subject to identity theft? Well, we'd suggest taking a look at the pointers we've listed below.

1. Don't ignore odd problems with your web accounts

Identity thieves often start small. If one username and password has been exposed in a breach, they might try logging in to multiple other services with the same details, just to see what works. Often there's no sign they've done this, but sometimes there are indicators that something is wrong.

You might get an email saying your account has been accessed from a new device or location, for instance. Your web dashboard could have a 'last logged in' date you don't recognize. If a web service says you mustn't share your login details, it might close your account if it detects you and the hacker trying to log in at the same time.

It's tempting to ignore strange issues with a web service, and assume it's some glitch that will be fixed soon, but don't: it could be the first sign of identity theft. If something seems different, taking a couple of minutes to figure it out could save you months or even years of pain later.

2. Check your bank account and credit card statements

Credit cards

(Image credit: Pexels)

Monitor all your bank and credit card statements regularly. That might sound tedious, but as you get familiar with your regular spending, you'll find it easy to quickly scan through the payments and spot anything out of the ordinary.

Look out for transactions you don't recall making, or amounts that seem unusual. Even tiny payments might be a sign of trouble, as they could indicate an attacker making test purchases to see if they're successful.

If you find a vendor name you don't recognize, search recent emails for possible clues. You might think you've just spent $100 on a plan with AmazingVPN.com, but maybe its payments are taken by BigHoldingCompany.com, and that's the name you'll see on any statements. Checking email receipts should tell you more.

Paying this much attention to your finances has all kinds of benefits. Company A not refunded a payment, say? Company B still taking monthly cash when you cancelled your plan? You'll notice right away.

If you see any other suspicious activity, contact the bank or credit card company and report it immediately.

And whatever the eventual verdict, if you have the tiniest concern over any account, immediately change your password. If possible, also set up two-factor authentication to enhance the security of your accounts.

3. Run a free credit report

The major credit reporting companies, including Experian and Equifax, offer free credit checks, and in the US you are entitled to one every 12 months. Financial experts recommend that you run a credit report every four months, however, so you may have to incur some fees to protect yourself from threats – but you might consider it a small price to pay compared to the inconvenience and loss it could save you.

If your first credit score seems low, it's possible that your identity has been stolen. Check the report for information on any credit cards, loans or other financial details, and if there's any information you think is inaccurate, get in contact with the credit bureau and let them know where you think the problems are.

As you get subsequent credit reports, look out for any change in score that doesn't match with your real-life circumstances. A sudden drop in score could make sense if you've recently taken out five new credit cards and spent up to your limit, for instance. But if you haven't, if nothing has changed from your point of view, that could be a sign of problems. Check the detail of the report for possible explanations and contact the bureau if you're not satisfied.

4. Pay attention to your email and post

(Image credit: Startup Stock Photos / Pixabay)

If you're the type of person who pays all of their bills online, relying on digital reminders to let you know when a payment is due, you might be quick to toss any physical bills you receive in the trash. Likewise, it's common to write off your bills as junk mail when they’re sitting in your inbox. If that's your routine, change it. Be conscious of the emails and physical bills that you receive and, more importantly, those you don’t receive.

If someone steals your identity you might start seeing a lot less mail – email or otherwise – because the thief is having it delivered to a different address. There's a lot to lose when someone gets hold of your mail, so make sure you get in touch with anyone you should be getting mail from, but aren't, and verify your addresses, both residential and email.

Furthermore, if you start receiving mail that doesn't belong to you, that could also be an early warning sign of fraud. Perhaps the identity thief wasn’t so clever when applying for a credit card in your name, leading to mail showing up that was intended for a fictionalized version of you rather than the actual you. This should raise some concerns, which you should be able to resolve by reporting it to the credit card company that it came from.