Against all odds, Caren’s aging out of the foster youth system and ready to strike out on her own. By all accounts, she’s done quite well — graduating from high school, attending college, and earning $30,000 a year working part-time as a store manager. She even bought a car and has three months’ rent saved to get an apartment.

The problem is, Caren’s birth mother stole her identity and ruined Caren’s credit history. As a result, no one will rent to her. Caren’s transitional housing is about to end, and she’ll soon have no place to live.

Why foster youth become victims of identity theft

Caren isn’t her real name, but she’s a real victim of child identity theft, something that’s all too common among foster youth. That’s because of all the people who have access to a foster child’s documentation and personal information — biological parents, any number of foster parents, foster agencies and program personnel.

In this case, Caren’s biological mother used her identity for cable television and other household bills. This apparently went on for years. When Caren discovered the problem, she could’ve filed a police report, but she worried what would happen to her mother. She also worried what would happen to her siblings who still live at home with her mother.

So, Caren faces homelessness instead.

“Foster youth have so much that’s out of their control,” said Eva Velasquez, CEO of Identity Theft Resource Center. “Not only is their information being shared and, unfortunately, often not in a secure way, they don’t have that parent or guardian behind them, trying to help.”

Symantec’s new program to help foster youth identity theft victims

With situations like Caren’s in mind, Symantec has launched a new program to help foster youth and the nonprofits that support them. It’s called FAST, Fostering a Secure Tomorrow. FAST will help foster youth protect and restore their identities, using the support of Norton and LifeLock experts, solutions, and services.

Symantec will partner with the Identity Theft Resource CenterTechSoup, and a network of community groups and organizations to assist foster youth. Initially, FAST will work with three foster youth-focused nonprofits. These are Bill Wilson Center and Promises2Kids in California, and Aid to Adoption of Special Kids in Arizona.

Symantec will provide cyber security education, access to security products, and identity restoration services. Symantec employee volunteers will mentor youth, provide program training, and advocate for strong policies that help protect foster children.

Caren isn’t alone. There are stories like hers across the foster youth system. And they illustrate the need for programs like FAST to not only restore the identities of foster youth victims, but also help protect these young people against becoming identity theft victims in the first place.

This blog was originally posted on Symantec proudly provides financial support to the Identity Theft Resource Center.

If you think you may be a victim of identity theft, contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App.

There was a time when child identity theft was thought of as a family problem, and it’s true that many cases over the years have been perpetrated by a custodial or non-custodial parent, a close relative, or even a family friend. Once the individual gained access to the child’s sensitive documents, they could open numerous lines of credit with the child’s “untarnished” credit record. In many cases, the identity thief may have been trying to get out of a dire financial situation, and fully intended to pay off any debt incurred in the child’s name; at the same time, some unscrupulous thieves didn’t care what consequences waited for the child down the road.

Too often, the children didn’t even know they’d been victimized until they reached adulthood and tried to use their legitimate credit.

In more recent years, though, hackers and identity thieves have begun targeting kids in order to take advantage of clean credit that no one will be monitoring for years to come. Schools, doctor’s offices, daycare centers, even school lunch computers have suffered data breaches intent on nabbing kids’ personal identifiable information.

According to Javelin Strategy and Research’s 2018 Child Identity Fraud Study, there were more than one million reported cases of child identity theft in the US last year, with the majority of those cases victimizing children under the age of eight. Another 20 percent of the victims were between the ages of eight and twelve.

Unfortunately, those are just the cases that were reported, which means the actual number of victims may be much higher.

But this new avenue of data breaches leading to identity theft doesn’t mean that parents can let their guards down about friends or relatives. The same Javelin study found that in 60 percent of the cases last year, the child knew their identity thief; that’s very different from the data point that says only 7 percent of adult victims know their identity thief.

One of the increasingly common methods of using children’s stolen credentials is to grab a Social Security number and combine it with a fake name, address, phone number, and more. Known as “synthetic identity theft,” the thief isn’t using the child’s complete identity, but rather has created a whole new person with this information. That makes it a little harder for victims and law enforcement to notice the problem in the first place or take action after the fact.

Concerned parents or guardians have a few steps they can take, though. If the child in question is over 14, they can request a credit report in the same way that any consumer does. Visiting will provide the minor in question with a free credit report, and allow them to look it over for signs of suspicious activity. If the child is under the age of 14, the steps are a little harder. The adult must prove they have a right to access and see the information, but it’s a worthwhile step if there’s reason to believe a child’s identity may have been compromised.

Contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App from ITRC.

The Identity Theft Resource Center (ITRC) and other advocacy groups have tracked data breaches, identity theft, scams and fraud for years. However, it is difficult to identify the geographic patterns to these crimes.

The Federal Bureau of Investigation (FBI) has released its annual cybercrimes report, which outlines which states saw the largest number of compromised records and the largest financial losses. The report provides statistics on what states are hit the hardest by these crimes. It also breaks down how much financial damage is caused and what mechanism for the crime was used. Interestingly, some of the states with the highest numbers of cybercrime have also been on the top identity theft state lists for several years. California, Florida, Texas, New York and Pennsylvania (in that order) had the highest numbers of cybercrime reports last year. The most financial damage from these attacks occurred in California, Texas, Florida, New York, and Arizona, again, in that order. As for how these cybercrimes manifested, Business Email Compromise (BEC) and ransomware were highly common forms, as were tech support fraud and extortion.

California, Florida, Texas, New York and Pennsylvania (in that order) had the highest numbers of cybercrime reports last year. The most financial damage from these attacks occurred in California, Texas, Florida, New York, and Arizona, again, in that order. As for how these cybercrimes manifested, Business Email Compromise (BEC) and ransomware were highly common forms, as were tech support fraud and extortion.

With such alarming numbers of occurrences around the country, what are individual consumers and businesses supposed to do? The very first answer is to simply understand that the threat even exists. Read up on the findings of the FBI, the ITRC’s annual Aftermath report, the Federal Trade Commission’s data on fraud reports. Once you understand the ways—and the likelihood—that cybercrime can strike, you’ll be better prepared to take as much preventive action as you can.

That action all starts with recognizing a possible cyber attack and refusing to play along. BECs and ransomware are easily ignored if you understand the dynamics that hackers use to trap you, for example. These tactics rely on the person receiving the communication not realizing the danger, so it’s important to set solid policies in place (for yourself and your workplace) about how to recognize, respond, and even recover from a cyber attack.

Contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App from ITRC.

In a “skim the surface” nutshell, the General Data Protection Regulation – or GDPR –will hold businesses even more accountable if they let consumers’ data fall into the wrong hands.

New regulations are set to take place in Europe this week, ones that are intended to provide better security and privacy for EU consumers. So what does the GDPR have to do with you as a U.S. consumer? And more importantly, why are all these companies emailing you about it all of a sudden?

The GDPR is giving a lot more protection to consumers. For example, the EU is invoking a broader “right to be forgotten” measure that is currently in place, one that lets you request—at least in Europe—that inflammatory or unfounded articles about you be removed from search engines. EU residents also have the peace of mind of knowing that a company now has 72 hours to report a data breach; even though you reside in the U.S., the company now has to report it almost immediately in Europe if it happens. There are several other new changes included in the GDPR, which you can read about here.

First, even though you may be in the U.S. if a company anywhere in the world gathers and/or stores EU consumer data, they have to comply with the new GDPR. As a result, some U.S. companies have updated their privacy policies and they’re simply informing their users and customers. That means companies like Facebook, Amazon, Walmart and many more are making some changes and spreading the word.

On a very positive note, some companies are using this new mandatory compliance to tighten up their security even in places where it’s not yet required by law. After all, if you’re changing your company’s business practices for millions of users in Europe, why not make all of your users’ information safer?

It’s important to note that these emails you may have received are simply informing you of the shift in privacy practices that will take effect this week. There’s nothing specific for you to do unless you’ve been given instructions, such as setting up two-factor authentication or changing your password. Also, this flood of emails can help you in another way: you may have forgotten you signed up for company emails. If that’s the case, now is a good time to delete your account if you don’t use it or change your old password if you wish to continue having an account. That way, you may be able to avoid having your information compromised if one of those companies is ever the victim of a data breach.

For toll-free, no-cost assistance, contact the Identity Theft Resource Center at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App from ITRC.

A single typo can come back to haunt you online, as scammers purchase like-sounding domain names in order to trap unsuspecting users.

Years ago, Disney Channel had a segment of programming for kids around ages eight through ten that was called “Zoog Disney.” The shows in that time slot featured relatable actors facing situations that were specific yet entertaining for kids in this age bracket. The Zoog Disney programming aligned with its Zoog Disney website, which kept the fun going online.

Unscrupulous scammers immediately purchased the domain name “Zoo Disney,” hoping to lure in children and parents who left off the last letter in Zoog.

Of course, stories have circulated for years about a hidden pornography site located at rather than the official government website for 1600 Pennsylvania Ave., Currently, the .com domain runs unsanctioned political content rather than pornography, but the result is the same: much like Zoo Disney, scammers are trying to reach users who miss a letter or mistype their entries.

In a trick called “typosquatting,” websites are set up in hopes that you are confused by the web address or type a little too fast to pay attention to a missing letter here or there. Unfortunately, once a scammer goes to those lengths, there has to be some kind of payoff; these spoofed websites are often filled with malware and other harmful web applications, profiting off your quick fingers.

One of the most common culprits is the “.com” ending that we’re all so used to. Numerous fraudulent sites end with “.cm,” hoping that you were a little too quick with the keyboard. By some accounts, as many as 12 million users a year are redirected to these bogus websites ending in .cm domain names. Once a user ends up at a site like this one—unaware that they’ve mistyped—they’re often flooded with threatening popup boxes that claim their computers are filled with viruses.

There are a few ways to fight back against typosquatting. First, make sure that you type clearly and carefully when you’re entering a web address into the URL bar. If you can bookmark popular sites that you visit frequently, that can also help you avoid potential disaster. Finally, remember never to fall for popup boxes or even browser lockers. Instead, exit out and start a whole new browsing session, and run a quick antivirus scan to be safe.

For toll-free, no-cost assistance, contact the Identity Theft Resource Center at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App from ITRC.

For years, consumers have been encouraged to monitor their credit reports annually in order to stay on top of their credit and financial security.

First, you need to understand that there are three different major credit reporting agencies (CRAs) — Experian, Equifax and TransUnion, in addition to many smaller, industry-specific CRAs. The three major CRAs will be the ones that almost all consumers should focus on. Following legislation passed by Congress in 2003, all US consumers are entitled to one free copy of their credit reports each year, from each of the three major CRAs.

Not too long ago, ordering a copy of your credit report was not a simple or rapid process. Now, however, the agencies have adopted technology to help consumers monitor their credit and head off any troubling findings in a much faster way. Experian, for example, maintains a full suite of consumer tools on its website,, to help the public check their Experian credit reports and more.

To access your Experian credit report for free, visit the website and enter your information. This process will not require a credit card and the credit report will be available immediately for you to review on your computer.

That’s the first step. From there, look over the results carefully for errors or signs of fraudulent activity. Is the spelling of your name accurate? Are there open credit cards in your name that you didn’t apply for? Are there personal or home loans, rental agreements or automobile loans that don’t belong to you? If so, you can take action to correct mistakes and cases of fraud.

Fortunately, Experian lets you dispute information on your Experian credit report easily and conveniently on its website in the Dispute Center portal. There are prompts to walk you through the process you can select the information to dispute right from the screen with just a few clicks,  and you receive the results of the investigation within 30 days. The website is also mobile-optimized so you can use your smartphone or tablet to conduct the transaction and upload documents using the device’s camera roll. While you’re waiting for feedback from Experian on the issues you’ve disputed, it’s a good idea to check all of your bank account statements, credit card statements and other sensitive accounts to see if someone has used your existing accounts without your permission (there is a separate process if you have had your existing accounts compromised).

Experian & Identity Theft Resource Center recognize that navigating your way through a case of identity theft is difficult. That is why we have worked together to provide resources to help you. By arming you with some steps you may want to take and tips to help you should you become a victim of identity theft, we hope we can make the process easier for victims of identity theft. For more information, visit

For toll-free, no-cost assistance, contact the Identity Theft Resource Center at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App from ITRC.


Experian proudly sponsors and provides financial support to the ITRC. The ITRC may feature certain products offered by its sponsors.  We believe these products, as well as similar products generally available in the market, may be appropriate for use by consumers or businesses to reduce the risk of fraud and/or identity theft.  We do not test these products and therefore do not endorse or guarantee the performance or efficacy of any particular product.

In the coming weeks, students across the country are going to experience a major shift in their lives, probably one that is unlike any other developmental milestone they’ve ever faced.

Come June, young people who’ve still had to follow curfews, dress codes, and rules about raising their hand for permission to use the bathroom will suddenly be considered adults.

Whether you’re heading to college or entering the workforce, your life may take a very sharp turn once you hit this milestone. It’s important to be prepared for some of the changes that may be coming your way, especially regarding your financial, medical, and personal identity.

Financial identity

You may have already had a job and a bank account, perhaps even a car loan, but once you finish high school, the dynamic can still shift a little. Your parents might have been joint account holders or co-signers; they may remain on your accounts or you may find yourself with your accounts to be responsible for. Understanding how your financial identity can be put at risk is crucial, especially if you’re going it alone.

Talk to your financial institution about building credit responsibly, but also about protecting your accounts. Your bank account, credit card, loans or any other financial dealings can be susceptible to takeover, and your identity can be used fraudulently to open new lines of credit or accounts. You need to know how to spot the signs of a problem and how to take action to correct it.

Medical identity

Again, this is a time when you may still be on your parents’ health insurance or when you’ll be relying on your own coverage to receive care. But your identifying information can also be used by a thief. If you suddenly receive medical bills or health insurance statements for treatments you never received, prescriptions that aren’t yours or any other related services—whether through your hometown doctor, your student health center or another healthcare provider—contact those offices immediately to report the problem.

Remember, it can be difficult to handle medical identity theft cases because HIPAA privacy laws still cover the person who used your identity. You may need to demonstrate that you were not the person who sought the care and that you are not responsible for any charges or legal fallout from the issue.

Personal Identity Theft

There are many different ways someone can steal and use your identity. New situations like moving into a dorm or apartment, filling out background checks to sign a lease or activate utilities, applying for colleges or jobs and other related scenarios can mean that your identifying information is now in a lot more places than it was when you were a kid. It’s time to understand how your information can be stolen, how to recognize if you might be a victim and what steps to take next. The Identity Theft Resource Center is a great place to start gathering information before a problem comes up, as well as an excellent resource to turn to if something goes wrong.

There’s one more thing to keep in mind as June approaches: if you’re filing a FAFSA application for financial aid to college or technical school, the deadline is June 30. Don’t wait until the last minute, though; if you discover that someone has already filed one in your name, you’ll need time to report the matter and file your legitimate FAFSA in order to avoid missing the opportunity for financial aid consideration. Get your application in quickly so you can have time to address any identity theft problems that possibly arise.

Contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App from ITRC.

Tech recycling has been a major environmental and security focus in recent years as consumers discard old computers, outdated cell phones, and other devices. Apart from the danger of leaking these components and their potentially toxic chemicals into a landfill or groundwater, there is the additional risk of an old device falling into the wrong hands, leading to gleaning of the original owner’s data.

Now, consumers are being asked to evaluate their internet-of-things devices. As this technology increases in innovation and new options begin to replace old ones, users will have to keep the same safety and security considerations in mind. It’s not just the concerns over the physical components like contain batteries, copper wiring, mercury, and other toxins, either. An Amazon Alexa, for example, could potentially lead back to your Amazon account, your purchase history, your order history with delivery address, and even recordings of your voice. Likewise, an identity thief would love to get their hands on a medical IoT device that connected your health data to your doctor’s office or medical center, as it “speaks” to and receives messages from your medical records.

Fortunately, e-cycling initiatives have taken hold in many communities around the world. These programs not only keep the electronic components out of the dump, they also ensure that the device is thoroughly wiped clean of user information, old files and photos, and any other data that people wouldn’t want exposed.

Any device that connected to your identifying information, no matter how innocuous or sensitive it might have been, has the potential to be stripped for information by a hacker. Safeguarding your information means ensuring that any information contained within the device or that connected to the device is completely inaccessible. You can search online for e-cycling centers near you before disposing of other devices, but contact them to make sure they can accept IoT devices, especially any medical devices, before bringing them in.

Before discarding any internet-of-things of mobile connected device, wipe it clean of all data and profile information. If you can find the instructions to restore it to factory settings, that is an excellent way to do it. When in doubt, take it back to an authorized retailer for that product and get help determining that your information and your account profile are completely gone, then recycle it with confidence.

 Contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App from ITRC.

If your legitimate tax return is rejected for being a duplicate—meaning someone has already filed a return in your name—the Federal Trade Commission and the IRS are ready to help you take the next steps.

Identity theft and its related crimes are broken into different categories, typically based on how the crime came about or what type of end result the criminal was after. Child identity theft, for example, involves the unauthorized use of a child’s information, while medical identity theft occurs when someone steals another person’s identity and uses it to seek medical care or prescription medications.

One type of identity theft saw exponential growth in the number of reports over the past few years, leaving countless victims and massive financial losses in its wake. Tax return fraud, which happens when someone files a fake tax return in your name, not only steals money owed to the government that came from taxpayer funds, it can also severely delay your legitimate refund and filing.

The increase in tax return fraud may be connected to the record-setting numbers of data breaches in recent years. These events unleashed hundreds of millions of taxpayers’ complete identities, letting anyone with access to file both federal and multiple state tax returns using the victims’ information.

Typically, victims of tax return fraud only discover that someone has used their identity to file a return after their own legitimate tax return is rejected for being a duplicate filing. From there, the tedious process of informing the IRS, by filing the proper paperwork to demonstrate you are a victim of identity theft, begins. This process can take months and delay any refund that you’re owed.

To help streamline this process, the IRS and the Federal Trade Commission have teamed up to help victims of tax return fraud file a claim in an easy, timely way. A new web portal run by the FTC feeds your responses to an online Form 14039 and sends it to the IRS, while also allowing you to download a copy for your records. Within 30 days, you’ll hear from the IRS with confirmation that they’ve received your information and your claim.

If you or someone you know needs this kind of support, you can find all the information at You can also work to build an identity theft recovery plan on the site while you’re at it, but remember, your legitimate tax return is still due, even if there’s a fraud issue pending. Don’t forget to file it, and don’t wait until your identity matter is resolved.

 Contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App from ITRC.

The Office for Victims of Crime, under the Office of Justice Programs, has released a new resource guide for supporting victims, just in time for the observance of National Crime Victims’ Rights Week. This week-long awareness, hosted this year from April 8 to April 14, is a series of outreach events to help law enforcement agencies and advocacy groups work to include all victims of crime in understanding the resources and support that are available to them.

According to the OVC, “This year’s theme—Expand the Circle: Reach All Victims—emphasizes the importance of inclusion in victim services. The theme addresses how the crime victims field can better ensure that every crime victim has access to services and support and how professionals, organizations, and communities can work in tandem to reach all victims.”

With the wide variety of crimes committed each day and the broad spectrum of how those crimes impact the victims, it’s all too easy to overlook people who are still struggling to make sense of what happened to them and work to recover from it. The Identity Theft Resource Center, for example, periodically releases the Aftermath Report, which seeks to understand how identity theft and related crimes affected victims who reached out to the ITRC that year for help.

The results of identity theft crimes and their impact have included some very surprising responses from victims in the past. Many have reported feelings of mistrust, depression, and even paranoia about their physical and financial safety. Others have reported medical issues due to loss of sleep and anxiety. Some have even reported that they sought professional medical help to help them recover, while others stated that they would have sought counseling or other services if they could have afforded it, something that they could not do as a result of the financial losses to identity theft.

Regardless of the crime or the severity of the toll it takes, it’s important for victims to know they’re not alone. There are advocacy groups and support networks in place for victims to call upon, and resources like the OVC and the ITRC are excellent places to start.

Expand the Circle: Reach All Victims. Join #IDTheftChat on Twitter April 13, 2018 9 am PT / 12 pm ET hosted by Identity Theft Resource Center Office for Victims of Crime to learn how you can help victims of crime. #NCVRW2018

Contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App from ITRC.