ITRC Fact Sheet 102
Consumer Risk Test:  Are the Businesses You Frequent Exposing You to Identity Theft?

Do the businesses you frequent:

  • Conduct a criminal or civil background check before hiring employees who will have access to personal identifying information?
  • Provide cross-cut paper shredders at each workstation or cash register area or use a locked wastebasket and shredding company for the disposal of credit card slips, unwanted applications or documents, sensitive data or prescription forms?
  • Use an alternate number instead of Social Security Numbers (SSN) for employee, client and customer ID numbers?
  • Ever send out mail that includes your complete Social Security Number?
  • Require their health insurance providers to use an alternate number rather than the SSN for membership numbers on health insurance cards?
  • Have trained designated staff about security procedures in sending sensitive personal data by fax, email or telephone?
  • Keep sensitive information of consumers or employees on any item (timecards, badges, work schedules, licenses) out of view in public areas? This may include home addresses or phone numbers, SSN and driver’s license numbers.
  • Notify affected individuals in a timely manner in the event of a computer breach of a database that contains sensitive information?
  • Require any items for security (to get gaming equipment or a locker) that contain personal identifying information?  If the company does request a customer give them an item for security, is the item something other than a driver’s license, Social Security Card or other card with identifying information?
  • Place photos on employee identification cards or badges for better identification and security?
  • Keep all personal data about employees and customers in locked cabinets and out of public areas?
  • Encrypt or password protect all sensitive data stored on computers and allow access only on a “need-to-know” basis?
  • Train their employees in how to receive personal identifying information from customers and clients without jeopardizing client security?
  • Notify consumers and employees in advance as to the purposes of the data collection, to whom it will be distributed and the subsequent use after the fulfillment of the original purpose?
  • Ever ask for more data than absolutely necessary?  For example, a health club does not need a Social Security Number, nor does a veterinarian really need your driver’s license number.

Each item illustrates what businesses can do to reduce the risk of identity theft. It is your responsibility to be an aware consumer and select businesses according to how well they protect your identity.  The ITRC Center provides best practices consultations to companies upon request. Contact the ITRC at This email address is being protected from spambots. You need JavaScript enabled to view it..


This fact sheet should not be used in lieu of legal advice. Any requests to reproduce this material, other than by individual victims for their own use, should be directed to This email address is being protected from spambots. You need JavaScript enabled to view it..

ITRC Fact Sheet 101
Are You at Risk for Identity Theft?


  • I own a cross-cut shredder and use it regularly. (+8pts)
  • My shredder is near the trash can or in the office where most of my mail is sorted. (+5pts)
  • I shred all pre-approved credit offers I receive before putting them in the trash. (+5pts)
  • I shred all “convenience checks” or “balance forward checks” I receive from credit card companies before putting them in the trash. (+5pts)
  • I understand that thieves root around in my trash looking for credit/financial info. (+5pts)


  • I never carry my Social Security card in my wallet or purse. (+5pts)
  • I make sure that I have no other cards in my wallet or purse with my SSN on it. (+5pts)
  • I have a card with my SSN on it in my wallet or purse, but it is a copy and part of the SSN has been cut off. (+6pts)
  • I have my SSN or driver’s license number printed on my personal checks. (-7pts)
  • My SSN is my driver’s license number - I have made no effort to change that. (-8pts)
  • I make sure that my SSN is never publicly displayed or used at work or school, i.e. timecards, test scores, receipts, badges. (+5pts)


  • I use a locked, secured mailbox or P.O. Box to receive mail. (+5pts)
  • I never leave mail for pickup in an unlocked location at home or at work. (+5pts)
  • I always watch my surroundings for people who might be listening when giving out SSN or financial information. (+5pts)
  • I keep personal identifying information in a locked or protected area of my home; one that visitors can’t access. (+5pts)
  • I have ordered a copy of my free annual credit reports during the last year. (+8pts)


  • I keep an eye on my credit cards when they leave my hands to avoid skimming. (+5pts)
  • I do not respond to Internet scams and I also hang up on telephone solicitors. (+5pts)
  • Whenever I am asked to provide my SSN, I always ask how that information will be safeguarded and why it is necessary for them to have it in the first place. (+6pts)
  • I always use firewall(s) and current anti-virus software for any connection to the Internet. (+7pts)


Each one of these questions represents a possible risk factor or protection against ID theft.

Your score: ____________
Range: -15 to +100.

If you scored 85 – 100 consider yourself savvy about identity theft risks; continue your proactive steps.

If you scored 45 – 84 you need to consider your identity theft risk factors more closely and take some corrective actions.

If you scored below 45, you are at high risk of becoming this crime’s next victim! Please make the effort to become more informed about identity theft and the simple steps you can take to minimize your risk.


This fact sheet should not be used in lieu of legal advice. Any requests to reproduce this material, other than by individual victims for their own use, should be directed to This email address is being protected from spambots. You need JavaScript enabled to view it..

ITRC Fact Sheet 100A
More Complex Cases:  A supplement to ITRC Fact Sheet 100

This guide covers:


In addition to financial identity theft, there is also: criminal, governmental, medical and identity theft. Depending on the severity and complexity of your case there may be varying of difficulty in clearing your record. A stolen credit card is easier to resolve than clearing your name after someone fraudulently used your SSN to work and has filed for bankruptcy under your name. If at any time you need support or additional information, please contact the ITRC at 888-400-5530.

ITRC Fact Sheet 100A will give you a brief description and advice on the more difficult aspects of different types of identity theft. To read about each in more detail, please refer to the links under each category. We suggest you look over our victim assistance fact sheets and/or solutions for any that you may find helpful on other topics.

Someone Working Under Your Name: When someone is working as you, several types of problems may occur, on both the federal and state level. (Please see ITRC Solution 27). The first step is to contact the Social Security Administration and ask for a detailed non-certified copy of your work history. Click hereto download the application. Review the report carefully to see if there is anything suspicious such as work history in a state that you have never lived in.

Government Benefit Fraud: (this can be due to identity theft or simply clerical error)

  • Federal Benefit Fraud - This situation can occur due to clerical errors, stolen mail or identity theft. Speak to the duty agent of the Office of the Inspector General of the Social Security Administration. They will initiate an investigation. If you are aware of an older person, or someone who is deceased, having problems due the theft of Social Security benefits, the OIG will assist you. You may also talk with your elder abuse department of the local police department.
    • Benefit fraud has been growing in recent years. People believe they are applying for real grants or programs to receive funding and instead have given their information to a scam artist. Visit to find out more about legitimate government benefits programs and how to identify scams. If you believe you have given your information to a scam artist read ITRC Fact Sheet 123.
  • State or County Benefit Fraud - Most of these agencies have a fraud investigation unit. Talk with your case manager for a referral.
  • VA Benefits Fraud – Report all fraudulent activity to the Office of Inspector General for the VA
    • 1 (800) 488-8244 9am-4pm EST Monday - Friday
    • Email: This email address is being protected from spambots. You need JavaScript enabled to view it.
  • Unemployment – Each state has itsr own procedure for dealing with unemployment fraud. Speak with the unemployment office in question and report you are a victim of identity theft. You may need to submit to them documentation proving your identity such as a state ID or driver’s license. Make sure you include a copy of your police report in your package. Send all documents Certified Mail Return Receipt.
    • Some unemployment cases come from the thief obtaining a job using the victims information and they now wish to collect unemployment on that job. Please see ITRC Solution 27
  • Welfware/EBT - Each state has its own procedure for dealing with welfare fraud. Speak with the welfare/EBT office in question and report you are a victim of identity theft. You may need to submit to them documentation proving your identity such as a state ID or driver’s license. Make sure you include a copy of your police report in your packet. Send all documents Certified Mail Return Receipt.
    • If your benefits debit card is lost or stolen, report it to the welfare office immediatelyif funds are missing from your card. File a police report and report it to the welfare office immediately. If your deposit account is changed at all without your permission, report it to the welfare office immediately and file a police report.  Some states will refund some or all of any funds stolen if you report it in a timely manner. Others may not.
  • Social Security Benefits – File a police report for the fraudulent activity. Report fraud and identity theft to the Social Security Administration’s hotline at 800-269-0271 between 10am and 4pm EST or call their general line 800-772-1213. You can also fill out their online form at
  • Child Support – If you receive notice that you owe child support for a child who  is not yours, you need to act quickly. File a police report with your local police department. Contact the Child Support Office in question and/or the family court. Inform them you are a victim of identity theft . Insist on a DNA test to prove you are not the biological parent of the child. Submit to them, and any court involved, your police report along with your state ID or driver’s license and any other documentation you can produce. They may ask you  to show you are not the parent (medical records, state of residence, etc). Send all documents Certified Mail Return Receipt. You may need to go to court. 

IRS issues: (Please see ITRC Solution 27) Some victims find out about an identity theft case when the following issues occur. In all of these situations, the initial step is to contact the IRS Identity Protection Specialized Unit, toll-free at 800-908-4490.

You also may contact the IRS Taxpayer Advocate if you have an unresolved issue related to identity theft, or you have suffered, or are about to suffer a significant hardship as a result of the administration of the tax laws, i.e. wage garnishment.  Visit the IRS Taxpayer Advocate Service (TAS)
Identity Theft webpage. Additional information is also available on the IRS website.

Examples of IRS issues include:

  • Child support payments are deducted from your paycheck (in this case you may need to contact the county or state that is garnishing payments).
  • The IRS contacts you about taxes owned due to an additional source of income not reported by you, such as a second job.
  • The IRS says that your child’s SSN is already listed as a dependent on another tax return.

Debt Collection: Never pay a bill that you don’t owe. See ITRC Fact Sheet 116 for complete details.

Bankruptcy Issues: All bankruptcies need to be addressed by the Office of the Trustee of the U.S. Bankruptcy Court. Under federal law, bankruptcies declared by an imposter can be reversed. This is a situation in which you may wish to consult an attorney to make sure the paperwork is filed correctly. For more information read “Fresh Start or False Start - Identity Theft and Bankruptcy Cases” by the Office for U.S. Trustees

·         If you are planning on filing fbankruptcy yourself, but are experiencing identity theft, make sure you do not include any of the fraudulently opened accounts in your bankruptcy. Including them means you take responsibility for them and they can no longer be considered identity theft. Read ITRC Fact Sheet 100 for instructions on how to clear these accounts. 

·         If you have already filed for bankruptcy, and have included accounts that are part of your identity theft into your petition for bankruptcy, there is not much that can be done. Including accounts in a bankruptcy means you take full responsibility for them and any debt you may be held responsible for on them in the future. If you know who the thief is you may be able to civilly sue them for the amount owed. Speak to the Office of the Trustee of the U.S. Bankruptcy Court. Speak to an attorney about your rights.

Fraudulent Change of Address: If you suspect mail theft or mail fraud, contact the U.S. Postal Inspectors (USPIS) at 800-275-8777. When you move, a “change address form” is sent to both the new address and old address. Should you receive a notification and you haven’t moved, this is a warning to contact the USPIS immediately. A contact phone number is provided on the form you receive.

Student Loans: If it appears that someone has applied for and received a student loan in your name without your approval, you need to take action quickly.  If you already have proof of a problem, call the U.S. Dept. of Education Inspector General’s Hotline: (800) MIS-USED (800-647-8733). Also, contact the three Credit Reporting Agencies (See
ITRC Solution 3) and order copies of all three of your credit reports.

Report any fraudulent activity to the police by filing a police report. A police report will help you to establish your status as a victim and provides you specific rights under state and federal laws.

In some cases,  parents apply for student loans under their children’s names and the police mistakenly believe that since the victim benefited from the loan, it is not a crime. That is not true. Any use of your information without your consent is fraud and a crime. If you are unsure of how to proceed due to family issues, contact the ITRC toll-free at 888-400-5530.

DMV issues: When you become aware that someone else may have a driver’s license with your information, you need to speak with the DMV fraud investigator or Department of Public Safety in your state, or in the state where the problem is occurring. This action will start an investigation to determine the real license holder.  Should you lose your driver’s license, you will need to go back into your local office and have it replaced. Bring identifying information with you so that they can ensure you are the true licensee and not an imposter.

Property Deeds: Lost/Stolen property deeds should be reported to the County Register’s office. Fraud involving a property deed should be reported to the County Register’s Office in the state where the property is located as well as the victim’s local police department.

US Savings Bonds: If your US Saving’s bond is lost, stolen, or destroyed, you will need to report it to the US Department of Treasury. Form PD P 0107 will guide you through the process. If the bond was stolen, file a police report for the theft.

Identity Theft in Domestic Situations: (Please refer to ITRC Fact Sheets 115When you personally know the identity thief and ITRC Fact Sheet 115A if it is a spouse.)  Each case is unique.  Identity theft in a domestic situation has a varied emotional and financial impact on the victim. This requires the assistance of a specially trained advocate.  Please contact the ITRC toll-free at 888-400-5530.

Medical Identity Theft: You might find this has occurred if you receive a bill for medical or pharmacy services, or you have been alerted, via an Explanation of Benefits, from your health insurance company of the use of your health insurance information.  Refer to
ITRC Fact Sheet 130 and ITRC Fact Sheet 130A for this type of case.

Checking Accounts: Please refer to ITRC Fact Sheet 126, which goes through this issue in detail. You should file a police report in any of the following situations and send a copy of the police report to any creditors affected by the identity theft.

There are several types of checking account issues, including:

  • Checking account takeover
  • Stolen, washed or duplicated checks (refer to ITRC Solution 21)
  • Synthesized checks - With a good computer and printer anyone can put your name on a check and create a bank account number. 
  • Cashing a stolen or counterfeit check - In this situation, someone asks you to cash a check they write to you or endorse to you. This is most likely a scam.

In some states, a bounced check may eventually result in a warrant for your arrest. You need to clear the account problem with the bank and merchant, and also have that bank or merchant contact law enforcement to drop all charges. You will need to follow-up with the issuer of the warrant (usually the District Attorney’s Office) to be assured that the warrant is withdrawn. Don’t forget to get a “Letter of Clearance” that you will keep permanently.


  • Reduce Stress - See ITRC Fact Sheet 108Identity Theft – Overcoming the Emotional Impact. Please note that cleaning up the mess may take time. It will not be resolved overnight and you must be mentally prepared to attack your case with the least amount of stress. Find a healthy stress reducing activity and build a support team to help you during this period of your life.
  • Federal Trade Commission -
    Their publication is titled Taking Charge. You can get a copy sent to you or you may download it from: You may also call them at 877-IDTHEFT (877-438-4338). Additional information is available on their website:


This solution sheet should not be used in lieu of legal advice. Any requests to reproduce this material, other than by individual victims for their own use, should be directed toThis email address is being protected from spambots. You need JavaScript enabled to view it..

ITRC Fact Sheet 106
Organizing Your Identity Theft Case 

This guide discusses the sets of documents that each victim is recommended to keep:

Identity theft cases can become very complex. You may be dealing with multiple jurisdictions. There may be numerous instances of unauthorized and fraudulent use of your identity. You may have had more conversations about your case than you can keep track of in your head. In order to become an effective, strong advocate for your case, it is vital to impose a form of organization on your case from the first day.

  • You need to keep and track evidence, paperwork, and contacts.
  • You should keep a journal to help you remember what occurred, when you received documents, what documents you still need, as well as your costs and time lost.
  • All of your papers are evidence in a criminal case and should be treated as such.
  • Don’t allow papers to pile up on that black hole called a desk: visible to everyone, safe from no one.


This is a chronological and detailed journal of events which is best kept in a bound booklet, ledger-type book or electronic document.

  • Dated log: Keep a dated log either on the computer or on paper. A bound booklet, like a ledger book where pages cannot be easily removed, carries a great deal of weight in a court case. Start with the first contact, letter or call as a victim of identity theft and continue from there. Make sure you have updated security systems in place if you use a computer. Don’t use post-its or scraps of paper as they tend to get lost. If necessary tape them into your dated log.
  • Journaling: Keep track of each person you spoke with, their title, employee number, phone and fax number, email address and the procedure you need to use to reach them easily (i.e., Punch 2, then *, then 41). Include what they said, any follow-up needed from that call and the date that follow-up should occur.
  • Confirm agreements and discussions: Whenever possible ask for written confirmation of your discussion. If refused, mail or e-mail a “Confirmation of Discussion” to that person stating that the information as listed is incorrect and they should contact you. When they don’t, what you have could be considered a "confirmation of the call". Mail this by return receipt requested mail so you have a paper trail. Fax or email is acceptable only if you get a written response or receipt.
  • Log items received and sent: Keep a log of what you receive, who sent it, and what steps you took that day with that piece of mail or the phone call.
  • Telephone records: To find numbers quickly you may want to start a separate telephone and address book. However, also include this information in the official case log. Some victims like to use the last few pages of the log as a directory, working backward as it grows.


The items below will become the basis of your request for restitution, but you have the burden of proving these costs occurred. The judge has the right to refuse anything he/she deems unreasonable. Keep in mind restitution is the court’s effort to make you financially whole by recovering legitimate expenses. Punitive damages are not recoverable via restitution.

  • Costs: Keep a log of every penny you spend, when it occurred, what it was used for. Attach receipts to the sheets of paper in your log, documenting what it was for. If necessary, you can photocopy them later for court cases in the event that restitution is allowed.
  • Track phone calls, postage, mileage, legal assistance, notarizing, and court costs for documentation. Time lost from work, including vacation time used in your case is also considered an expense. If you decide to purchase any self-help materials (i.e., books, an organizer) or pay for assistance (i.e., babysitting, accountant, or an attorney), these costs might also be considered by the courts for restitution.
  • Document the time you spend working on your case. Your time spent is your largest investment.
  • Did you need to see a doctor because of emotional distress or physical ailments? Save those bills, record the time you took to see the doctor, and travel expenses. The judge has the discretion to consider these costs for restitution.
  • Did you get arrested because of the imposter’s actions, have to post bail, or lose time from work because of an arrest? The judge has the discretion to consider these costs for restitution.


If possible, we recommend you attend all court hearings from the Arraignment on. Take notes. Who was the judge? Who was the DA that day? What was said by the DA, the defense attorney, the defendant, and the judge? When is the next court date? What will occur then? Ask questions of the DA after your case is heard if you aren’t certain about what happened or what will happen next. See ITRC Fact Sheet FS 109 - The Court Experience for guidelines on what might occur.

From one victim: “ During the sentencing phase of my case, I noted that the imposter was prohibited from collecting personal data from any persons unless she provided to them a written notice that she was a convicted felon of false personation. Just before the review hearing, the police did a search of her home. They found more unauthorized employee applications plus more information about me. When I was questioned by the police about this, I reminded them of this probation requirement. The probation summary didn’t note it, so the judge ordered a copy of the sentencing transcript. The imposter ended up serving jail time for probation violations --- because I did my homework and had taken good notes”.


Some people need to vent, to write down their frustrations, emotions, and fears. Write down your suspicions and emotional outbursts in a separate journal from the official log of the case. As your case goes on, you will forget these small details unless they are documented. Do not show this to any other person except your own attorney should you decide to proceed with a civil case (family court actions, punitive damages, etc.). This notebook is for you and you alone.


We advise that you file away all papers as soon as you receive them.

  • Police report: This item is of highest priority. Request a copy of the report or at least a case summary of it. If that fails, file your report with the Federal Trade Commission. Fill out the FTC complaint, give a copy to the police and ask them to stamp a second copy which YOU will keep as “received.” You might be able to substitute that for a police report in some jurisdictions. Your case number may change as it moves through the judicial system. Keep track of them all, noting who uses which number.
  • Applications, credit slips, credit cards, and physical proof of the fraud: Keep everything you receive by mail that relates to your case or may relate to your case, even if you don’t understand its significance at the time. Depending on the complexity of your case, you may even decide to keep a separate section for each credit grantor involved.
  • As soon as you find out about a new credit card, purchase or crime, request all documentation regarding that action. Do not take no for an answer. If the first person will not help, speak with the supervisor. If he/she cannot help, keep going higher up. The Federal Fair Credit Reporting Act section 609e, states they must provide you with application and transaction records, with a request from you accompanied by a police report. You also can ask that they send copies to a designated law enforcement agency – the one that is working on your case. It is best to have it sent to the detective assigned to your case.
  • The police will be interested in seeing these, although in some jurisdictions they cannot use them as evidence. In some states, they will need to request a search warrant and officially receive these forms from the credit grantors — chain of evidence requirements.
  • Credit reports: Your first report will be sent to you for free due to suspected victimization. After that, you may choose to use the federal free credit report program for continuing to view your reports. See ITRC Fact Sheet FS 125 - Federal Annual Free Credit Report Law. You should also place a fraud alert on your credit report. With a police report, it can be extended to seven years. Keep your credit reports in one locked location to track changes as they occur.
  • Copies of all letters you send or receive regarding this case: If you feel you are not up to the task of writing them from scratch, many good form letters are available on the ITRC website,
  • All court documents: This may include subpoenas, probation reports, and transcripts of testimony, if necessary.
  • Victim statements: We recommend that you submit a victim statement IN WRITING whenever a judge will hear your case. They are sometimes required to read any statements you submit. Please check out ITRC Fact Sheet FS 111 - Victim Impact Statement regarding what to include in a Victim Statement.


As victims of identity theft, we are often left on our own, without a guide through the maze of reestablishing our good credit and name. The ITRC is here to help. Please contact us with your questions.


This fact sheet should not be used in lieu of legal advice. Any requests to reproduce this material, other than by individual victims for their own use, should be directed to This email address is being protected from spambots. You need JavaScript enabled to view it.


ITRC Sponsors and Supporters 





Go to top

Join The #FreeFromAll3 Campaign


Tell the credit reporting agencies that you

want free credit freezes for all Americans.