Deception, exaggerated threats and flawed offers are some of the improper practices being used by some ID-theft protection companies, according to Consumer Reports. It's so rampant in this industry that the Consumer Financial Protection Bureau has levied over $1 billion in fines to multiple identity theft service providers and some of the largest banks over the past three years alone.

A September 2014 updated Consumer Reports magazine article titled "Don't get taken guarding your ID" reveals that about 50 million Americans are paying $10 to $25 per month for some type of ID-theft protection. 

There are reputable ID theft protection services, but like everything else we need to do the homework to choose the trustworthy ones.

When I present to employee and consumer groups across the country I always strongly encourage consumers to read the fine print for hidden "exclusions" when selecting an identity- theft protection provider. Hidden exclusions commonly found in the terms and conditions are where the marketing hype meets reality.

I also encourage selecting an ID-theft protection service that offers identity restoration to fix your identity in the event a criminal fraudulently uses your good name.

Many identity theft service providers offer you a false sense of security by giving you the impression that they can minimize or prevent you from becoming a victim of identity theft – based on the endless number of ads and commercials.

In addition, ID-theft protection components such as credit monitoring and Internet scanning are flawed and offer a false sense of security, as does the $1 million of insurance offered by some providers, according to Consumer Reports.

If you decide to acquire identity-theft protection services — whether you buy it direct or it's offered where you work — I have assembled a list of the common exclusions.

  • Acts of terrorism —if you are a victim of ID theft from a data breach caused by terrorists.
  • Children's age or address – if your child becomes a victim of ID theft past a certain age (commonly 18) or while living away from home.
  • Family-related fraud – most family members will not file a police report, so your family ID Theft event can be excluded.
  • Self-employed persons – are considered a higher risk because they typically don't have the financial and IT resources to protect their personal and financial information.
  • Self-caused – if you accidentally click on a phishing e-mail and it is determined that is why you are a victim of ID theft.
  • Discovery period – if you do not report that you are a victim of identity theft within a certain period (for example, 6 months).
  • Unknown ID-theft events that occurred before the effective date of the plan.

Mark's most important: Read the fine print and clearly understand all of the benefits — included and excluded — as you review ID-theft protection programs. Make sure the ID-theft protection you want is what you're actually buying.


Mark Pribish is vice president and ID-theft practice leader at Merchants Information Solutions Inc., a national ID-theft and background-screening provider based in Phoenix. Reach him at This email address is being protected from spambots. You need JavaScript enabled to view it..

This article was originally published on and republished with the author's permission. 


ITRC Sponsors and Supporters 





Go to top


The TMI Weekly

Breaches here, identity theft there and invasions of privacy everywhere... Should you be worried and, if so, how can you protect yourself? Sign up now to receive The TMI Weekly and get the latest hot topics in identity theft, data breaches and privacy and helpful information on how to protect your information.