ITRC Fact Sheet 123
This guide covers:
Some of the ways that scam artists are tricking people into giving information is either via the Internet through an Account Verification or “phishing” scam, or by using a telemarketer. Before you have time to think, you give them your Social Security Number (SSN), name, address and may even divulge bank account or credit card information.
Now what? Unfortunately the damage has been done. It would be unusual for a person or criminal organization to go through this much effort if they did not intend to use the information to their advantage. You are a victim of a scam at this moment and not identity theft. Perspective is critical to maintain your emotional well-being.
This guide will serve as a starting point of what to do and whom to call. If the situation evolves into identity theft, please refer to our other self-help guides and/or contact our office. If you did not provide information to the thieves, you should be safe.
Before you start, you may wish to verify if you are a potential victim of a scam. If you did not initiate the call, it is almost always a scam. But you can check it out by contacting the company involved directly. Use a customer service number you find in the phone book or one you find online. You can also contact the ITRC to find out if we have seen this scam before (Refer to ITRC Solution 25 - How can I tell if it is a scam?)
- Keep a log of all conversations, including dates, names and phone numbers (see ITRC Fact Sheet FS 106). Start with the initial police report. Be sure to note time spent and keep receipts for any expenses incurred in the event the thief is caught and the case goes to trial.
- Confirm conversations in writing. Request a written verification that accounts have been closed (including time and date), and/or a confirmation number.
- Send correspondence by certified mail, return receipt requested.
- Keep copies of all letters and documents that you send and receive.
- Whenever possible, speak with a fraud investigator and not a customer service representative. If you are not satisfied with the answers given, request to speak with a supervisor. Keep going up the chain of command until you reach a decision-maker.
- Add passwords to bank, utility and credit accounts. A strong password should be more than 8 characters in length, and contain both capital letters and at least one numeric or other non-alphabetical character. Use of non-dictionary words is also advised.
- Internet Scams - Print a copy of the page you sent them if you are able, or print a copy of the information they requested if you can get back into the site.
- Phone Scams – Write down all the information you might remember including name of company, person, telephone number, etc. Check the company out via the Better Business Bureau and find out if they have telemarketers calling.
- File a police report but don’t expect the thief to be caught. This report will simply document that you are reporting a problem. Give them a list of the items the request contained and that you provided. Request a copy of the report. ITRC also recommends getting the business card or name of the officer who took the report, the report number and a phone number to call if you have additional questions.
- Fraud Alerts: Place a Fraud Alert by contacting the three major credit reporting agencies (CRAs) (ITRC Solution SN 03). You will not reach a “live” person on this first call. Once you get a report, you will have a different number to call to reach a fraud specialist. It takes about 10-14 days to get your reports via mail.
- Credit cards: Contact all credit issuers whose information you provided. Cancel the card immediately and request replacement cards with new account numbers. Ask the credit grantors to furnish copies of any fraudulent transactions that occurred after the card was stolen or lost. Monitor your mail for collection notices, missing statements or bills. Check bills for evidence of new fraudulent activity. Report problems immediately to credit grantors.
- Debit cards: Cancel the card immediately and request new bank account numbers for any account (checking or savings) that was linked to that card. Add a strong password which should be more than 8 characters in length, and contain both capital letters and at least one numeric or other non-alphabetical character. Use of non-dictionary words is also advised. Remember, ITRC does not recommend using debit cards to start with. It is better to have a separate ATM card and credit card for better protection and control.
- Checking account or savings account numbers, checks, ATM, debit cards used without pin numbers: Close the account. Open a new account with a new number. Add a password on the account. It sometimes helps to go directly to the local branch and speak face-to-face with a bank administrator or fraud investigator. Many victims report that this was a good relationship to establish, especially when it came to frequent required notary signatures.
While placing the fraud alerts with the CRAs, also order a copy of your credit reports (free as a victim of potential identity theft). This allows you to check for any pending applications and verify that all the current information is correct. It becomes an accurate baseline for the fraud alert. For example, imposters might try to change your address. They can do so by applying for credit listing an address different than your current one. Differences in addresses are a warning flag for possible fraudulent activity.
Once you get your report, check with the fraud investigator to inquire if any new accounts have been opened recently or are pending. If so, get contact information for those creditors and contact them immediately.
All citizens in the US now qualify for free credit reports. By using this annual credit report system, refer to ITRC Fact Sheet FS 125, you can keep track of your reports. Instead of ordering them all at once, ITRC recommends ordering one of the credit reports every 3-4 months. In 2 to 3 months after you see the first report, order only one of the company’s reports through the annual free report program. Four months later get a different one and four months after that get the third company’s report. This staggering report system is a good habit to continue.
Please be aware that fraud alerts are advisory in nature only and that credit issuers are not required to honor them. Fraud alerts are in place for 90 days. You can renew them every 90 days, if you wish. You can cancel fraud alerts at any time. (Please refer to ITRC Fact Sheet FS 124– Fraud Alerts and Credit Freezes.)
You may also place a credit freeze on your report. This is a higher level of protection. Credit freezes are preventive and the best solution to date for avoiding fraudulent applications for credit under your name. Check our State Resources Map for the most up to date state information.
Credit Reporting Agencies Fraud Contact:
- Equifax/Report fraud: (800) 525-6285.
- Experian/Report fraud: (888-397-3742)
- TransUnion/Report fraud: (800) 680‑7289
To report fraudulent use of your checks
- Chexsystems: (800) 428-9623
- TeleCheck: (800) 710‑9898
- CPRS/Certegy: (800) 437‑5120
- Checkrite/Global Payments: (800) 638-4600
To report possible IRS scams
- report any phone calls to www.treasury.gov/tigta/contact_report_scam.shtml
- report to 800-366-4484