Deception, exaggerated threats and flawed offers are some of the improper practices being used by some ID-theft protection companies, according to Consumer Reports. It’s so rampant in this industry that the Consumer Financial Protection Bureau has levied over $1 billion in fines to multiple identity theft service providers and some of the largest banks over the past three years alone.

A September 2014 updated Consumer Reports magazine article titled “Don’t get taken guarding your ID” reveals that about 50 million Americans are paying $10 to $25 per month for some type of ID-theft protection. 

There are reputable ID theft protection services, but like everything else we need to do the homework to choose the trustworthy ones.

When I present to employee and consumer groups across the country I always strongly encourage consumers to read the fine print for hidden “exclusions” when selecting an identity- theft protection provider. Hidden exclusions commonly found in the terms and conditions are where the marketing hype meets reality.

I also encourage selecting an ID-theft protection service that offers identity restoration to fix your identity in the event a criminal fraudulently uses your good name.

Many identity theft service providers offer you a false sense of security by giving you the impression that they can minimize or prevent you from becoming a victim of identity theft – based on the endless number of ads and commercials.

In addition, ID-theft protection components such as credit monitoring and Internet scanning are flawed and offer a false sense of security, as does the $1 million of insurance offered by some providers, according to Consumer Reports.

If you decide to acquire identity-theft protection services — whether you buy it direct or it’s offered where you work — I have assembled a list of the common exclusions.

  • Acts of terrorism —if you are a victim of ID theft from a data breach caused by terrorists.
  • Children’s age or address – if your child becomes a victim of ID theft past a certain age (commonly 18) or while living away from home.
  • Family-related fraud – most family members will not file a police report, so your family ID Theft event can be excluded.
  • Self-employed persons – are considered a higher risk because they typically don’t have the financial and IT resources to protect their personal and financial information.
  • Self-caused – if you accidentally click on a phishing e-mail and it is determined that is why you are a victim of ID theft.
  • Discovery period – if you do not report that you are a victim of identity theft within a certain period (for example, 6 months).
  • Unknown ID-theft events that occurred before the effective date of the plan.

Mark’s most important: Read the fine print and clearly understand all of the benefits — included and excluded — as you review ID-theft protection programs. Make sure the ID-theft protection you want is what you’re actually buying.


Mark Pribish is vice president and ID-theft practice leader at Merchants Information Solutions Inc., a national ID-theft and background-screening provider based in Phoenix. Reach him at

This article was originally published on and republished with the author’s permission.