Solution 41
Contacting the CRAs to Place a Credit Freeze

Equifax

Experian

  • You can use ITRC’s Letter Form 124A to request a credit freeze for the following:
    • Adult victims of identity theft can request a credit freeze for free in writing by submitting a copy of a police report documenting the identity theft and documentation proving your identity along with the applicable form(s).
    • Adult consumers who are not victims of identity theft can see their individual state fees and requirements here: https://www.experian.com/consumer/security_freeze.html
  • To Contact Experian:
  • If you are requesting a freeze for a minor child or protected consumer you will need to contact Experian directly. Check their website to find current instructions regarding what needs to be sent: https://www.experian.com/consumer/cac/PrepopulatedForm.do?PrePopulatedForm.No=1057&type=victim

TransUnion

  • You can use ITRC’s Letter Form 124A to request a credit freeze for the following:
    • Adult victims of identity theft can request a credit freeze for free in writing by submitting a copy of a police report documenting the identity theft and documentation proving your identity along with the applicable form(s).
    • Adult consumers who are not victims of identity theft can see their individual state fees and requirements here: https://www.transunion.com/credit-freeze/place-credit-freeze
  • To Contact TransUnion:
  • If you are requesting a freeze for a minor child or protected consumer you will need to contact TransUnion directly and reside in one of the qualifying states.

This fact sheet should not be used in lieu of legal advice. Any requests to reproduce this material, other than by individual victims for their own use, should be directed to This email address is being protected from spambots. You need JavaScript enabled to view it.

Solution 39
Background Checks and Vanity Searches

The focus of this document is to give suggestions in the case of fraudulent information being reported on a background check or online information search. If you receive/are told there is information that is not yours DON’T PANIC. Information on a background check or an online search does not mean you are a victim of identity theft. Some background check companies and programs will confuse people with similar names, birth dates, etc. or will lump them together into one file.

Your Rights - The FCRA (Fair Credit Reporting Act) is the primary federal law regulating employment background checks. Despite its name, the FCRA applies to all employment backgrounds checks conducted by a third party whether they include a credit report or not. See A Summary of Your Rights Under the Fair Credit Reporting Act. In addition to the FCRA, there are many other Federal, State, and Local laws and regulations that may impact a particular employment background check. See Background Check Laws & Regulations.

Steps to Take: Make sure you have a print out of the background check or the search results for your records.

  • Fraudulent Credit / Addresses: Check your credit reports with the three credit reporting agencies. These will tell you if there are fraudulent lines of credit, mortgages, collections, or judgements under your information. They will also tell you if there are addresses that are not yours connected to your Social Security number.  You can do this by visiting www.annualcreditreport.com or by contacting each credit reporting agency directly and placing a fraud alert. ITRC Fact Sheet 100 will walk you through what to do if there is fraudulent activity.
    • Equifax (800) 525-6285
    • Experian (888) 397-3742
    • TransUnion: (800) 680-7289
  • Fraudulent Checks / Bank Accounts: Check your consumer reports if fraudulent bank accounts or checks appear on your record. You can do this by contacting the three check verification companies. ITRC Fact Sheet 126 provides the steps on what to do if there is fraudulent activity.
    • ChexSystems (800) 428-9623
    • Certegy (800) 437-5120 or (866) 543-6315
    • TeleCheck (800) 366-2425
  • Criminal Charges: If there are criminal charges on your background check or vanity search read ITRC Fact Sheet 110. Do the following:
    • If there is no indication of a warrant: contact your local police department. Show them the report that you were given. Ask them to verify if the reported criminal record is under your information.
      • If it is not, get a print out from the police stating this. Contact the background check company or website reporting this information. Inform them that they have reported it in error. Send them the letter from the police along with any other information they may need to correct the record. Get a copy of the amended record. You may need to do this again in the future.
      • If the fraudulent criminal charges are being reported under your information, file a police report for identity theft. Follow the steps in ITRC Solution 6 to clear your name.
    • If there is an indication of a warrant under your information, determine if the warrant is in your state or another. Contact your local police department by phone. Ask to speak with somebody in the fraud investigations department or the identity theft department. Inform them of what you found on your background check and that you want to come in to fix the issue. Ask them to meet you at the door to your local precinct. Do not go alone. The danger with these sorts of situations is there is always a chance of the victim being arrested. Have somebody go with you that can get legal help if need be. Follow the steps listed above for talking to the officer. Read ITRC Solution 6 for suggestions on how to clear your name.
    • If there is a fraudulent driving record (traffic tickets, DUI, etc.) contact your state’s agency that handles driver’s licenses. Request a copy of your driving record. This will tell you all traffic violations under your information. Follow the steps in ITRC Solution 6 to clear your name.
  • Fraudulent Employment: Go to the Social Security Administration’s Website to order your Social Security Statement. This statement will tell you if Social Security thinks you have made more money than you actually have in a year. Read ITRC Solution 27 for more information.

You may decide that you wish to pull your own background records. If you do, consult your local police department or the Better Business Bureau for recommendations on a reputable company.

Additional Information:

Individual State Resources ITRC Solution 6 - Criminal Identity Theft ITRC Solution 27 – Fraudulent Work History ITRC Fact Sheet 100 – Financial Identity Theft ITRC Fact Sheet 110 – Criminal Identity Theft (a guide to the crime) ITRC Fact Sheet 126 – Checking Accounts and Check Fraud

This fact sheet should not be used in lieu of legal advice. Any requests to reproduce this material, other than by individual victims for their own use, should be directed to This email address is being protected from spambots. You need JavaScript enabled to view it..

 

ITRC Solution 36
Somebody has accessed my annual free credit report

What do you do when somebody has pulled your annual free credit report using your information?

  • Contact all creditors you do business with (credit cards, bank loans, utilities, etc.) Talk to them about what precautions can be placed on your accounts. Consider placing passwords on accounts or changing account numbers entirely.

  • Contact the three credit reporting agencies directly. In instances like this, it is safest if you write to the three credit reporting agencies rather than going online or calling because you will need to prove your identity in order to get what you need. You can use the ITRC Letter Form 124 C to write to them. Send to each agency a copy of your state ID or Driver’s License, a copy of your Social Security card, a bill, and a bank statement or pay stub. If you have moved, include a copy of your change of address card as well. Send your packets Certified Mail Return Receipt.
    • Equifax  PO Box 740241  Atlanta , GA 30374-0241
    • TransUnion  PO Box 2000 Chester, PA 19022
    • Experian  PO Box 9554  Allen , TX 75013

  • Look into freezing your credit reports (Fact Sheet 124). See if it is right for you.

If you believe or feel this may be related to a case of stalking, consult your Attorney General’s website for programs that are available to help protect you.

Related Links:

FS 115 When you personally know the thief
FS 115A When your spouse is the thief.
FS 124 Credit Freezes and Fraud Alerts
FS 132 - What are Identity Theft Products?
SN 30 - Clearing Financial Account Takeover

This fact sheet should not be used in lieu of legal advice. Any requests to reproduce this material, other than by individual victims for their own use, should be directed to This email address is being protected from spambots. You need JavaScript enabled to view it..

ITRC Solution 37
Doxing and Internet Safety Tips

“Doxing” is the increasingly common practice of tracing internet activity with the purpose of uncovering and then publishing personally identifiable information about the individual. The methods employed in pursuit of this information range from searching publically available databases and social media websites to hacking and social engineering.

In some ways, doxing is a form of cyberbullying, or even extortion. The tactic is often employed when the “doxer” wants to intimidate an individual into a certain behavior. It may be hard to imagine that the average user—you, in this case—would be an attractive target or would engage in any behavior that could cause you to become a victim of this exploitation. But it’s becoming a more and more common practice, mostly because it’s so simple to do and doesn’t require any set technological skill.

One of the unfortunate realities about doxing is that simply uncovering information about someone isn’t a crime; but using it to threaten, intimidate, or extort the victim is. However, some doxers feel completely justified in their behavior. For example, actor Adam Baldwin was doxed because of his involvement in a controversial movement entitled #GamerGate along with “Business Journal” columnist Milo Yiannopoulos and four other people.*. The doxer was apparently offended by their public stance on this controversial issue and punished them for their crimes with the release of personal information in a document posted on Pastebin that could be accessed by the public. Baldwin’s personal phone number was exposed, and other people had their parents’ addresses, their own addresses, and birthdates released. The sender threatened that if activities they found offensive continued “…this list grows”.

There are many ways by which scammers and stalkers can find out things about you just by skimming what you have posted online. Sometimes it can be difficult to understand the long-term implications of posting everyday activities, pictures, or updates about seemingly innocuous information or activities.

People who engage in “doxing” are usually doing it to scare or harass the person they have targeted. If someone targets you and claims to have your information, do not discuss it online or make it public, and do not become confrontational. You may very well be taking the bait the doxer is holding out, and you may inadvertently be confirming the authenticity of the information the doxer thinks he’s acquired. It can also encourage the person to harass you even more in order to get a stronger reaction out of you. Even if he threatens to release the information online, do not confront him or talk about it online. Report it to online moderators, and be sure to report the situation to the police as stalking or cyberbullying, so there is a confirmed paper trail of the initial behavior if the situation escalates.

The following information contains some suggestions that can help you stay safe online:

  • Do not use your name or birthdate in your email, Twitter, Facebook, or other online profile names, such as This email address is being protected from spambots. You need JavaScript enabled to view it. . This is the first thing doxers will look for, and it is an easy way to identify you if there are other people with a similar name.
  • Use different names for each online profile. For example, do not use the same user name for your Facebook that you use on Pinterest. This will make it harder for people you don’t know to locate you in each social networking sphere.
  • Do not input your real birthdate into any social networking site. It’s fun to have people tell you “happy birthday” online, but this information can be used to find out sensitive data about you. Even though you can make it private, it is safer not to have this information on a publicly accessible site. Use a fake birthdate unless the site has an age requirement to establish an account.
  • Do not accept friend requests from just anyone. Look into who they are first. If you aren’t sure about them or don’t like what you see in their profiles, don’t friend them.
  • Do not download any files from people you don’t know, and look into files or links sent from account holders you do know, just in case that person’s account was hacked. Those files may contain viruses or other ways by which hackers may gain access to your computer. Do not click on any links or share your email address, phone number, or other personal information with individuals you do not personally know.
  • When taking pictures you wish to share online, it’s important to disable the geolocation or location settings in your smartphone or camera before taking the picture. This function, known as “geotagging”, allows smartphones to embed time and date stamps within the picture’s file, along with the GPS coordinates of where the photo was taken. That information gets shared with the photo when you post it online; a cute picture of your child playing in his bedroom can feed the coordinates to a hacker with the know-how and software to retrieve them. Simply switch the location settings to off in your device’s main menu before taking pictures, but remember you’ll need to re-engage the location settings in order to use certain apps, like your map or navigation apps.

* RalphReport - http://theralphretort.com/exclusive-milo-boogie-baldwin-apparently-doxxed/

Related Links:

FS 115 - When you personally know the thief

FS 124 - Credit Freezes and Fraud Alerts

FS 132 - What are Identity Theft Products?

FS 144 - Smartphone Safety

FS 145 - Smartphone  Threats

FS 146 - Smartphone Privacy and Security

FS 147 - Risks of Mobile Applications

 

This fact sheet should not be used in lieu of legal advice. Any requests to reproduce this material, other than by individual victims for their own use, should be directed to This email address is being protected from spambots. You need JavaScript enabled to view it.

 

ITRC Sponsors and Supporters

 

 

 

 

Go to top