Skip to main content

How to check if your identity has been stolen

(Image credit: Pixabay)

After years of increasingly sophisticated hacks, massive data breaches, and huge payouts via fines and lawsuits, you might think that companies would've worked super hard to deliver better security for their clients. But unfortunately, this still isn't the case.

In recent years, Marriott announced that up to 383 million guests' records had been compromised, including some credit card and passport details. A hacker accessed 106 million Capital One credit card applications with names, addresses, and phone numbers. In addition, 27.8 million biometric records (opens in new tab) containing usernames, passwords, personal information, images, fingerprint data, and more were easily accessible. And there were plenty more such incidents, most of them leaving those affected at severe risk of identity theft (opens in new tab).

The results could be a disaster, as hackers might use your details to steal your money, take out credit cards and loans in your name, redirect your mail or find even more inventive ways of ripping you off.

While there's nothing you can do to prevent an attack on a company that holds your financial and other sensitive data, there are some simple precautionary steps that you can take to ensure your financial security.

Getting yourself kitted out with identity theft protection is an obvious first step in the battle for security, and our recommended number one provider is Identity Force:

One of the most effective ways to safeguard yourself against fraud is to use different and secure passwords on all your web accounts. But how do you discover if you've already been subject to identity theft? Well, we suggest looking at the pointers listed below.

1. Don't ignore odd problems with your web accounts

Identity thieves often start small. For example, if one username and password has been exposed in a breach, they might try logging in to other services using the exact details to see what works. Often there's no sign they've done this, but sometimes there are indicators that something is wrong.

For instance, you might get an email saying your account has been accessed from a new device or location. Your web dashboard could have a 'last logged in' date you don't recognize. If a web service says you mustn't share your login details, it might close your account if it detects you and the hacker trying to log in simultaneously.

It's tempting to ignore strange issues with a web service and assume it's some glitch that will be fixed soon, but don't: it could be the first sign of identity theft. On the other hand, if something seems different, taking a couple of minutes to figure it out could save you months or even years of pain later.

2. Check your bank account and credit card statements

Credit cards

(Image credit: Pexels)

Monitor all your bank and credit card statements regularly. That might sound tedious, but as you get familiar with your regular spending, you'll find it easy to quickly scan through the payments and spot anything out of the ordinary.

Look out for transactions you don't recall making or amounts that seem unusual. Even small payments might signal trouble, as they could indicate an attacker making test purchases to see if they're successful.

Search recent emails for possible clues if you find a vendor name you don't recognize. You might think you've just spent $100 on a plan with AmazingVPN.com, but maybe its payments are taken by BigHoldingCompany.com, and that's the name you'll see on any statements. Checking email receipts should tell you more.

Paying this much attention to your finances has all kinds of benefits. Company A did not refund a payment, say? Company B still taking monthly cash when you cancelled your plan? You'll notice right away.

If you see any other suspicious activity, contact the bank or credit card company and report it immediately.

And whatever the eventual verdict, if you have the tiniest concern over any account, immediately change your password. If possible, also set up two-factor authentication to enhance the security of your accounts.

3. Run a free credit report

The major credit reporting companies, including Experian and Equifax, offer free credit checks, and in the US, you are entitled to one every 12 months. However, financial experts recommend you run a credit report every four months. However, you may have to incur some fees to protect yourself from threats – but you might consider it a small price compared to the inconvenience and loss it could save you.

If your first credit score seems low, your identity may have been stolen. First, check the report for information on any credit cards, loans, or other financial details. If there's any information you think is inaccurate, contact the credit bureau and let them know where you think the problems are.

As you get subsequent credit reports, look for any change in score that doesn't match your real-life circumstances. A sudden drop in score could make sense if you've recently taken out five new credit cards and spent up to your limit, for instance. But if you haven't, if nothing has changed from your point of view, that could be a sign of problems. Again, check the detail of the report for possible explanations and contact the bureau if you're not satisfied.

4. Pay attention to your email and post

(Image credit: Startup Stock Photos / Pixabay)

If you're the type of person who pays all of their bills online, relying on digital reminders to let you know when a payment is due, you might be quick to toss any physical statements you receive in the trash. Likewise, writing off your bills as junk mail is common when they're sitting in your inbox. If that's your routine, change it. Be conscious of the emails and physical bills you receive and, more importantly, those you don't receive.

If someone steals your identity, you might start seeing a lot less mail – email or otherwise – because the thief is having it delivered to a different address. When someone gets your mail, there's a lot to lose, so make sure you get in touch with anyone you should be getting mail from but aren't and verify your residential addresses and email addresses.

Furthermore, if you start receiving mail that doesn't belong to you, that could also be an early warning sign of fraud. For example, perhaps the identity thief wasn't so clever when applying for a credit card in your name, leading to mail showing up that was intended for a fictionalized version of you rather than the actual you. This should raise some concerns, which you should be able to resolve by reporting to the credit card company from which it came.

Gabe has been writing about video games and technology since he was 16 years old. Currently serving as a Contributing Editor & Producer for TechRadar, where he keeps articles fresh and up to date on the reg, you may recognize his byline from Digital Trends, TechSpot and Kotaku UK. He can't tell if his adoration of Sonic the Hedgehog is genuine or ironic anymore.