Over on CreditSesame.com, Kimberly Rotter wrote a tips article, “5 Steps to Take Immediately If You’ve Been a Victim of Identity Theft.” The article was also reproduced on Lifehacker. To briefly summarize the article, it lists some examples of identity theft and then recommends the following five actions (with additional info on each of the following):
1. Put a security freeze on your credit report with all three credit reporting agencies.
2. Contact any institution directly affected.
3. Contact the Federal Trade Commission (FTC) to file an Identity Theft Affidavit and create an Identity Theft Report.
4. File a police report.
5. Protect your social security number.
But is that good advice? The folks over at ID Experts didn’t think so and reached out to Lifehacker and their editors with a detailed response. They inform DataBreaches.net that Lifehacker did not respond to their detailed feedback, and so they reached out to this blog.
The following advice was written by one of ID Experts’ Recovery Advocates who is currently a Certified Identity Theft Risk Management Specialist and has been working on behalf of victims of identity theft since 2008. After disagreeing with some of the “common” examples Rotter provides of identity theft, Nikki Gordon writes (with some minor editing by DataBreaches.net):
The first step to take when you find out you’re a victim of identity theft is to place a fraud alert on your credit files. A fraud alert notifies the credit bureaus that your information has been compromised and allows you access to your credit reports for free to review them for any signs of fraudulent information. A security freeze (which Rotter had recommended) does not; and under the law for identity theft victims, you have to furnish your police report information in order to place the freeze for free. Advising individuals to place a freeze first would require them to pay for what they can get for free by filing a police report first. Furthermore, placing a security freeze does not allow you to get free copies of your credit reports while placing a fraud alert does. When someone is truly a victim, it is very important for him or her to review all 3 credit reports in order to identify any fraudulent information reporting. Rotter also states that people can dispute information on their credit files online, which is not fully accurate. Sometimes limited information can be disputed online, however, whenever you dispute something and list “identity theft” as the reason, you are directed to mail in a written dispute. And you cannot dispute hard inquiries online – which is sometimes the only fraud that reports for individuals lucky enough to catch the situation early.
The second step to take is to notify any creditor where identity theft has occurred. If your checkbook is stolen, you’re not actually a victim of identity theft. You may have information that’s become compromised, but this does not constitute becoming a victim of identity theft. Should you receive notice from a creditor or bank that an application has been submitted in your name or receive a card in the mail, you DO want to contact the institution immediately to alert them that the account is fraudulent and have it closed. This will begin the official investigation into the fraud that occurred under your personally identifying information. If your credit card or credit card number is stolen, you should (as Rotter also advised) notify the institution to have the affected account closed and dispute any charges that are not legitimate. But, once more, having your credit card stolen does not make you a victim of identity theft, just a victim of financial fraud. Keeping a list of what’s in your wallet is helpful if your wallet gets stolen, but won’t do much to help you if you learn you’re a victim of identity theft — it will help you if you lose your wallet though!
The third step to take is to file a police report. As a victim, it is your right to have a report filed and, when possible, get a copy of the report. Copies are not always available right away, so it is very important to take down the information about your report, such as the date it was filed, the report or incident number, the officer who took the report, and where you filed the report. This information can be input into an identity theft affidavit, which you can obtain through the FTC’s website. Most institutions will send their own version of a fraud and forgery affidavit for you to complete which also will ask for your police report information.
The fourth step to take after learning you are a victim of identity theft is to check your other accounts, banking, credit, etc. You will want to ensure that the thief has not attempted to gain access to your legitimate accounts if you know or suspect your full 9 digit Social Security Number was used to make you a victim. You should add passwords to your legitimate accounts to prevent the thieves from gaining access, and the passwords should be something arbitrary- not information easily come by such as what city you’re from. This is too easy for thieves to figure out when so many of us have that information at the top of our facebook pages.
The fifth step to take immediately after learning you are a victim of this crime is to contact any creditor you notice has placed a hard inquiry onto your credit files to find out if an application was submitted and notify the institution that application, or account if it was approved, is the result of fraud. This allows you to initiate the dispute/investigation process and ensure the creditor marks in their system the application was falsely submitted. You have the right to request the creditor issue you an inquiry removal letter too, which you can then include in your written disputes to the credit bureaus to have the fraudulent information removed. The fraud alert you placed in step 1 above is what enables you to review your credit reports from each of the three credit bureaus to know who to contact.
The other information Rotter’s article provides is sometimes relevant – but would not be the first steps to take after you learn you’ve fallen victim to this crime.
Thanks to ID Experts for sharing their advice. I hope none of my site visitors become victims of identity theft, but frankly, given how rampant the problem has become, I thought it important to provide some what-to-do tips in case you do become victims.
And if Ms. Rotter or others would like to respond to their advice or their criticisms of Ms. Rotter’s advice, you can use the Comments section below.
CORRECTION: A previous version of this post incorrectly reported that ID Experts had reached out to Ms. Rotter. They did not. They reached out to the Lifehacker’s article’s editor and their editor-in-chief. My apologies for the error.