Hopefully, your ID will never be stolen but, these days, you can never be sure. Here are some options if you know, or believe, your ID’s been stolen and your credit compromised.

What to do if you suspect a problem

Review your credit report

Under U.S. law you are entitled to review your credit report annually free of charge at the three major credit reporting agencies: Equifax, Experian and TransUnion. You may either review all three all at once or scatter your requests throughout the year.

Fraud Alert vs. Credit Freeze

A fraud alert is a free alert to notify creditors to take extra steps to protect your credit. A fraud alert does NOT guarantee that your credit is safe but is considered an extra hurdle for thieves to overcome to access your credit. You have the right to order a fraud alert even if you suspect you may be a victim.

A credit freeze is defined by the US Federal Trade Commission as a means of restricting access to your credit information to all third parties including creditors or thieves. Unlike a fraud alert, however, there is a fee associated with a freeze that varies from state to state.

You have to request a security freeze at each of the consumer agencies: Equifax, Experian, Innovis and TransUnion.

The downside of a credit freeze is that, once in place, it is impossible to apply for a credit card or make any purchases that require credit. Therefore, you will need to un-freeze your credit before applying for a credit card or major purchases such as a house or car. Freezing and un-freezing your credit would require a fee each time. There is a bill pending in Congress to allow consumers to freeze and unfreeze their credit at will without cost.

Be wary of offers to protect your credit

As with any breach, there has been an increase in offers by companies to protect your credit information and it is impossible to differentiate between legitimate companies versus scammers.

One questionable offer is to “lock” your credit account but a lock is NOT the same as a credit freeze! A lock is defined by the company offering the service as some type of restriction, but there is no guarantee that your credit is blocked from parties willing to purchase your information.

Avoid any emails or phone calls with offers to freeze or protect your credit

Legitimate companies know the services available to consumers so they see no value in sending mass email distributions or marketing phone calls. If you receive an email from a company claiming to offer you credit protection services do NOT click on any link within the email! Delete the email instead. If you receive a phone call with an offer, ask them to mail information to you through the post office but do NOT give away your address if asked, even if you are asked to confirm your address. It is highly unlikely that you will ever receive a letter, whether they know your address or not.

What if you’re a victim?

Telltale signs are notices or phone calls from bill collectors, credit card companies, etc. about spending which you do not recognize.

Alert the authorities

• Visit the Federal Trade Commission’s Identity Theft web site and make a report online, print it and sign in the presence of a notary.
• Report the incident to the police department where you live and keep all documentation.
• Notify your state government, if the service is offered. For example, the Texas Department of Banking offers the Closed Account Notification System (CANS).

With these documents in hand, send copies plus a copy of your photo ID to any credit bureau, bill collectors, banks, credit cards, etc. informing them that you have been a victim of identity theft.

Limit the use of your debit cards

Debit cards do NOT offer the same protection as credit cards so it’s strongly advisable to avoid using them for any purchases. It’s also strongly advised to withdraw cash only from your bank’s ATM’s. Check with your bank for any services pertaining to fraud alerts and take advantage of them.

Get FTC help

Visit the Federal Trade Commission’s consumer website for more information.

Larry Moore is a twenty-year security veteran currently serving as the president of the Austin chapter of the Information Systems and Security Association (ISSA), a nonprofit organization that promotes cyber security.