Warning signs of identity theft

1. Suspicious transactions on your bank account or credit card 

Unknown activity in your bank account or on your credit card may signal identity theft. Thieves often make small transactions first to test if the account is active before going for larger amounts, so even tiny charges deserve your attention.

Watch for these specific warning signs:

• Unfamiliar small “test” charges like $0.50 or $1.00.
• Purchases from merchants you don’t recognize.
• Transactions in foreign currencies you didn’t authorize.
• Recurring subscriptions you never signed up for.
• ATM withdrawals you didn’t make.
• Duplicate charges for the same purchase.
• Unauthorized loans in your name.

Contact your bank or credit card company immediately if you spot any unauthorized activity, no matter how small. The sooner you report it, the better your chances of limiting the damage.

If you’re concerned about what someone can do with your bank account number, know that they could make unauthorized purchases, set up fraudulent transfers, or even drain your account — which is why quick action matters.

2. Surprise drops in credit score 

A sudden credit score drop with no clear reason is a clear red flag for identity theft, especially if the drop doesn’t align with your recent financial behavior — like you haven’t missed payments or maxed out your cards. Any unexpected credit score drop or fluctuation can signal someone is using your identity and taking your score as a result.

A lot of identity theft cases involve thieves taking out loans or opening credit cards in the victim’s name. The real damage to the credit score happens when they stop making payments on those accounts. Missed or late payments are reported to credit bureaus, and since payment history is the biggest factor in calculating the credit score, even one missed payment can cause a significant drop.

Check your credit report regularly to spot unfamiliar accounts or inquiries before they tank your score. Credit monitoring can help by alerting you to changes as they happen, giving you a chance to act before the damage spreads.

3. Unusual activity in your Social Security account 

Your Social Security number is the prime target for identity thieves because it’s used to verify your identity for jobs, loans, and government benefits. If someone gets hold of it, they can commit fraud under your name or even use it for synthetic identity theft, which involves combining your real SSN with fake information to create a new identity.

We recommend checking your Social Security account regularly for these red flags:

• Income showing up on your statement from companies you’ve never worked for.
• Your contact details, direct deposit info, or mailing address changed without your knowledge.
• Getting locked out when trying to set up an account because someone already created one using your SSN.
• Your earnings record shows amounts that don’t match what you actually earned.
• Letters from the SSA about benefits you never applied for.
• Your monthly benefit payment suddenly changes for no clear reason.

If you spot any of these warning signs, contact the SSA and your bank immediately.

To avoid being caught off guard when the damage is already done, you can use a service that monitors your SSN 24/7 and alerts you when your Social Security number is detected on the dark web — so you can take action to protect your credit and accounts. 

For an in-depth look into the topic and practical tips, check out our article on how to protect your SSN.  

4. Calls from debt collectors 

Getting contacted by a debt collector about a debt you don’t recognize is one of the warning signs of identity theft. It usually means someone opened an account in your name, ran up charges, and stopped paying. You’re then left to deal with collectors months later.

Before engaging, verify the collector is legitimate. Scammers often pose as collection agencies to steal your information. Ask for the agency’s name, address, and original creditor, then look them up yourself.

If the debt collector is real and you’re being held responsible for a debt you didn’t authorize, take these steps immediately:

• Check your credit report for unfamiliar collections or credit accounts.
• Tell the collector you’re a victim of identity theft and request debt verification.
• File a report with the Federal Trade Commission at IdentityTheft.gov.
• Dispute the fraudulent debt with the credit bureaus.

Debt collection calls are often a late sign that identity theft has been happening for a while, so act quickly to limit the damage.

5. Getting denied for loans or credit cards 

If you have good credit and suddenly get denied for a loan or credit card, identity theft could be the reason. When lenders reject your application, they’re required to send an adverse action letter explaining why. These letters are where you might spot the signs of identity theft.

Watch for these red flags in denial letters:

• Reasons that don’t match your financial situation (like “too many open accounts” when you only have two).
• Being offered significantly worse terms or higher interest rates than expected.
• Denial for a rental application or unexpectedly high security deposit requirements.

Even if the denial reason sounds believable, check your credit report for unfamiliar accounts, unexpected delinquencies, or collections you don’t recognize. An identity thief may have opened accounts in your name and stopped making payments, damaging your credit without your knowledge. If you spot anything suspicious, dispute it with the credit bureaus immediately.

6. Having your tax return rejected

If you try to file your tax return and it gets rejected because one was already filed under your Social Security number, that’s a strong sign of tax-related identity theft. Tax fraudsters file fake returns using stolen identities to claim refunds before the real taxpayer even knows what happened.

Beware of these warning signs:

• Finding out someone already submitted a tax return in your name this tax season.
• Getting tax forms showing wages from jobs at companies you were never employed at.
• Receiving a tax transcript that you never asked for.
• The IRS contacting you about more than one return submitted under your SSN.
• Your expected refund amount suddenly doesn’t match what the IRS has on file.

If your return is rejected or you notice any of these issues, contact the IRS immediately and complete Form 14039 (Identity Theft Affidavit). The IRS has a specific process for helping victims of tax identity theft, so don’t wait. Acting quickly can help you get your refund and clear up your records.

7. Missing mail or bills

If your regular bills and bank statements suddenly stop showing up in your mailbox, it could mean an identity thief has redirected your mail. Thieves submit fraudulent change-of-address requests to intercept financial documents, credit card offers, and account statements. This way they gain access to your personal information and account details.

Pay attention if you notice a noticeable gap in your mail delivery, especially when it comes to financial statements or bills that normally arrive like clockwork. You might also get a notification from the post office about a change-of-address request you didn’t submit, or find that important documents like bank statements, credit card bills, or tax forms simply never arrive.

If you suspect your mail has been stolen or redirected, report the fraud to the U.S. Postal Inspection Service immediately. Also check your credit report for unfamiliar accounts and notify your financial institutions so they can secure your accounts and send statements to the correct address.

8. Notifications about new credit cards or accounts you didn’t open 

Receiving welcome letters, credit cards, or account statements for accounts you never applied for is a clear sign someone is opening new accounts in your name. This is one of the most direct warning signs of identity theft — it means a thief already has enough of your personal information to pass credit checks and verification processes. You might already have new credit accounts in your name, opened without your knowledge. To get the issue under control as soon as possible, you should watch for these red flags:

• Welcome letters, cards, or PINs arriving in the mail for accounts you never applied for.
• Statements from unfamiliar banks, lenders, or retail stores.
• Email confirmations for new account registrations you didn’t initiate.
• Utility or phone service accounts opened in your name at addresses where you don’t live.
• Notifications about credit limit increases or account changes for accounts you don’t recognize.

Don’t ignore these notifications, even if they appear to be junk mail. Contact the company immediately to report the fraudulent account and request they close it. 

You should also check your credit report to see if other unauthorized accounts have been opened, and consider placing a fraud alert or credit freeze to prevent additional accounts from being opened in your name.

9. Unfamiliar inquiries on your credit report

Finding inquiries on your credit report from lenders or companies you never contacted is a red flag that someone might have applied for credit using your personally identifiable information. These hard inquiries show up when a business checks your credit as part of a loan or credit card application, so if you didn’t apply for any — it’s a sign of identity theft.

This is what you should pay attention to when reviewing your credit report:

• Credit checks from banks, car dealerships, or credit card issuers you don’t recognize.
• A cluster of credit pulls happening close together. This suggests someone is applying for multiple accounts in your name.
• Hard inquiries from businesses located in places you’ve never lived at or visited.
• Credit checks for products you’ve never used, like financing for a motorcycle when you don’t ride or a store card from a retailer you’ve never shopped at.

Checking your credit report regularly is one way to catch unauthorized activity early. Learning how to spot identity theft by looking at the personal section of your credit report can also help — verify that your name, address, and employment information are correct because errors there can signal that someone is mixing your information with theirs.

If you spot unfamiliar inquiries, contact the lender listed to confirm you didn’t apply for credit. You can also dispute unauthorized inquiries with the credit bureaus and file an identity theft report with the FTC at IdentityTheft.gov.

10. Medical bills from doctors you never visited

Receiving medical bills or insurance statements for services you never received is a sign of medical identity theft. Someone may be using your name and insurance information to get medical care, prescriptions, or treatments, sticking you with the bills and potentially corrupting your medical records.

These signs typically indicate medical identity theft:

• Your Explanation of Benefits (EOB) shows surgeries, lab tests, or doctor visits you never had.
• You’re getting billed by healthcare providers or medical facilities you’ve never been to.
• Pharmacies are filling medications under your name that you didn’t order.
• Your medical file contains health conditions, allergies, or past treatments that don’t belong to you.

Review your EOB statements carefully every time you receive them. If you spot unfamiliar charges or procedures, contact your insurance company immediately to report the fraud. Also request a copy of your medical records to check for inaccurate information that could affect your future care or coverage.

11. Health insurance benefits maxed out unexpectedly

Getting a notice from your insurance company that you’ve reached your benefit limit when you’ve barely used your coverage is another strong warning sign of medical identity theft. It means someone has been using your insurance to rack up expenses. This means you could be left without coverage when you need it.

Watch for the following:

• You receive insurance claims from hospitals or clinics you’ve never been treated at.
• Your premiums suddenly go up because of claims you never made.
• Your insurance denies coverage because your contaminated health records now show a pre-existing condition you don’t actually have.

Contact your insurance company immediately to dispute fraudulent claims and request a detailed list of services billed under your policy. File a complaint with the FTC and review your medical records to make sure they haven’t been mixed with someone else’s information.

12. Getting data breach notifications 

Receiving an email or letter notifying you that your personal information was exposed in a data breach is a direct warning that your data may end up in the hands of identity thieves. Companies are required to notify affected customers when breaches occur, and these alerts tell you what information was compromised, like your name, email, passwords, Social Security number, or credit card details.

Don’t ignore these notifications. Criminals could sell your stolen information on the dark web or use it to commit fraud weeks or months later. Take immediate action by changing passwords for the affected accounts and any others where you used the same login credentials.

If your Social Security number or financial information was exposed in a breach, monitor your credit reports closely for unfamiliar accounts or inquiries, and consider placing a fraud alert or credit freeze to prevent thieves from opening new accounts in your name.

13. Suspicious login alerts from your accounts

Getting alerts about logins or account changes you didn’t make is a sign that someone may have accessed your accounts. These notifications are your early warning that an identity thief could be trying to take over your email, banking, or social media accounts.

Pay attention to these red flags:

• Alerts saying someone logged in to your account from a device you don’t recognize, a browser you don’t use, or a city you’re not in.
• Password reset emails showing up in your inbox when you didn’t ask for one, especially for your bank or email.
• Getting locked out of your account because someone else tried the wrong password too many times.
• Notifications saying your recovery email, phone number, or security questions were updated without your knowledge.

If you get any of these alerts, change your password immediately and enable two-factor authentication. Then, contact the company’s support team to report the suspicious access and secure your account.

What to do if you’re a victim of identity theft

Discovering your identity has been stolen can be overwhelming, but acting quickly helps limit the damage. Here’s what to do if your identity is stolen:

Step 1: Report identity theft to the FTC 

To report identity theft, contact the FTC at IdentityTheft.gov or call 1-877-438-4338. The FTC will create a personalized recovery plan and provide an official Identity Theft Report you can use when dealing with creditors and credit bureaus.

Step 2: Contact your bank and creditors 

Notify your bank about any unauthorized transactions and ask them to freeze affected accounts. Contact credit card companies to close or freeze any compromised cards. If fraudulent accounts were opened in your name, contact those companies to report the fraud and close the accounts.

Step 3: Freeze your credit or place a fraud alert

A credit freeze blocks access to your credit reports, which prevents thieves from opening new accounts in your name. To freeze your credit, contact Experian, TransUnion, and Equifax individually — it’s free. Alternatively, you can place a fraud alert, which requires lenders to verify your identity before approving new credit. A fraud alert is easier to set up (one call alerts all three bureaus) but less restrictive than a freeze.

Step 4: Check your credit reports for fraudulent activity 

Review your credit reports from all three bureaus for unfamiliar accounts, inquiries, or incorrect personal information. Dispute any fraudulent entries with the credit bureaus.

Step 5: Change your passwords and enable two-factor authentication 

Update passwords for all important accounts, especially email, banking, and any accounts that were compromised. Use strong, unique passwords and turn on two-factor authentication wherever possible.

Step 6: Monitor your accounts closely 

Keep a close eye on your bank statements, credit reports, and account activity for signs of ongoing fraud. Consider using credit monitoring or identity theft protection services for ongoing alerts.

How to protect yourself from identity theft

You can’t eliminate the risk of identity theft completely, but you can significantly reduce it by taking the right precautions:

1. Use strong passwords and two-factor authentication. Weak passwords make it easy for thieves to access your accounts. Create strong, unique passwords for each account and enable two-factor authentication wherever possible to add an extra layer of security.
2. Monitor your credit reports regularly. Check your credit reports from the major credit bureaus at least once a year to spot unfamiliar accounts or inquiries early. Regular monitoring helps you catch identity theft before it causes serious damage.
3. Watch out for phishing scams. Be suspicious of emails and messages from unfamiliar senders that create urgency, ask for sensitive information, or contain links. Learn how to spot a phishing email and never click on suspicious links.
4. Use identity theft protection services. One of the best ways to safeguard yourself is by using identity theft protection and cyberattack insurance services such as Coveron. With Coveron, you can track your credit activity and score, safeguard your information with 24/7 dark web monitoring, and even receive reimbursement for identity theft recovery costs. If you’d like to learn more, you can also take a look at our guide on why it is important to have identity theft protection.
5. Secure physical documents. Keep passports, Social Security cards, tax forms, and financial statements in a locked drawer or safe, and shred documents you no longer need.
6. Remove your data from data broker sites. Data brokers collect and sell your personal information, making it easier for identity thieves to target you. Consider using a personal data removal service like Incogni to delete your information from these sites and reduce your exposure.

Even with these protections in place, identity thieves are constantly finding new ways to steal personal information. Understanding how they operate can help you stay one step ahead.

How do identity thieves get your information?

To steal your information, identity thieves often target the weakest links in your digital and physical security. Their common methods include:

• Phishing scams. Thieves send fraudulent emails, texts, or calls that trick you into revealing passwords, Social Security numbers, or credit card details.
• Data breaches. Hackers break into companies’ databases and steal customer information like names, addresses, and financial data.
• Malware and spyware. Criminals install malicious software on your device that captures passwords, banking information, and other sensitive data.
• Physical theft. Thieves steal wallets, mail, or documents containing your personal information.
• Public Wi-Fi snooping. Criminals intercept data you send over unsecured networks.
• Social engineering. Scammers manipulate people into giving up confidential information through pretexting or impersonation.

Most victims unknowingly hand over their information by clicking on suspicious links or opening fraudulent attachments. By staying careful online and using identity theft protection services, you can detect threats early and reduce the damage if your information gets compromised.