Protecting yourself from identity theft


  1. Do not disclose your full nine-digit Social Security number unless absolutely necessary, and never use it as an identifier or password. Question those who ask for it.
  2. Avoid paper billing by requesting secure electronic statements instead. If you require hard copies, you can print and store them safely without risking mail theft.
  3. Lock your mailbox if it's lockable.
  4. Shred documents containing personal information (name, account numbers, social security number, birth date) before throwing them away. 
  5. Configure your computer and/or smartphone to require a password for use, and set another password for sensitive files. Use unique passwords that include a combination of letters, numbers, and symbols. Do not use your birth date, a close relative's birth date, or a combination of letters and numbers on Splashdata's annual list of the most stolen passwords.
  6. Avoid using the same password for different accounts, and change your passwords once or twice per year.
  7. Install and update antivirus, anti-malware, and security programs on all computers, tablets, and smartphones.
  8. Don’t disclose information commonly used to verify your identity on social networking sites, such as date of birth, city of birth, mother’s maiden name, name of high school, etc. If you do, don't use that information to verify your identity.
  9. Avoid using credit or debit cards or conducting online banking transactions or making purchases, paying bills, or sending sensitive information over unsecured WiFi networks (e.g., any network without a password log-in, such as on trains, at airports, coffee shops, or hotels).
  10. Disable Bluetooth connections on devices when not in use.
  11. Watch out for “phishing” and other “social engineering” scams. Phishing is when identity thieves request personal information by pretending to be a legitimate entity, such as a bank or the IRS. Ignore unsolicited requests for personal information by email or over the phone, and only contact entities by means you know to be authentic. Do not contact an entity by clicking a link sent as part of an email requesting personal information, because phishers often link to authentic-looking, fake webpages. You can also call the phone number on the back of a card previously issued to you, or call the phone number on an old statement from that issuer. 
  12. Fight “skimmers.” Do not give your debit card to a restaurant server or anyone who could have a hand-held skimming device out of sight. When using an ATM, look for suspicious cameras and holes, and touch to confirm that extra parts (loose or slightly different colors) have not been installed over the card reader. Always cover your hand while hand typing a PIN, and avoid using ATMs in secluded locations.
  13. When accessing financial information on your smartphone, only use apps authorized by your bank or published by reputable app makers. Apps that show thousands of downloads are probably safe. Do not access apps on public open wi-fi.
  14. Place security, or credit freezes, on your credit report. Our separate “security freeze” tips explain how to guarantee peace of mind against new account identity theft by freezing your credit reports, then thawing them only when you are in the credit markets. A creditor will deny credit to an imposter who applies for credit using the name and Social Security Number of a consumer who has placed a freeze.


  1. Check your monthly statements for unauthorized charges. Be suspicious of phone calls about surprise debts.
  2. Sign up to receive email and/or text notifications of account activity and changes to account information.
  3. Instead of paying for over-priced subscription credit monitoring, use your free annual credit reports by law as your own credit monitoring service. Every 12 months, federal law gives you the right to receive one free credit report from each of the three main consumer reporting agencies, Equifax, Experian and TransUnion. Instead of requesting three at the same time, request one credit report from one of the bureaus every four months. Verify that the information is correct, and an account has not been opened without your knowledge. Free credit reports are available online at or by calling 1-877-322-8228. Seven states – Colorado, Georgia, Maine, Massachusetts, Maryland, New Jersey and Vermont also provide an additional free report by state law, available by contacting each bureau directly.

Types of Identity Theft:

Federal law recognizes two sorts of identity theft—existing account fraud and new account (account takeover) identity theft.

Existing Account Fraud: Victims of data breaches where only their account numbers were taken are well-protected by law, although victims of lost debit card numbers may face bounced checks and cash flow problems until the bank replaces their funds. The Electronic Funds Transfer Act (EFTA) provides for no liability if you notify the financial institution within 60 days if only your debit card numbers are stolen. However, if you actually llose a debit card or other device that can access your bank account, your liability could be up to $500 if you fail to notify the bank within 2 days of finding out about the loss and could increase even higher if you fail to notify the bank within 60 days. Under the separate Truth In Lending Act, credit card customers are always well protected by law, never facing liability of greater than $50 for fraudulent use of a card.

New Account Identity Theft: A thief who obtains your Social Security Number may attempt to open new accounts in your name. This form of identity theft is difficult to clear up. A thief who obtains your email address may contact you in a phishing scam to try and trick you into providing your SSN and birth date, which are the keys to new account identity theft. Thieves apply for credit with your name, your SSN and their own address. The creditor then obtains a credit report and issues credit to the thief.

Be Wary of New Types of Identity Theft: Note that online tax preparers and the IRS itself have been hacked, resulting in tax refund fraud. Health insurance data breaches may result in medical services theft. A federal agency, the Office of Personnel Management (OPM), has recently been breached. Detailed security clearance dossiers that were taken provide thieves with the opportunity to commit new account identity theft and could subject victims to reputational risk and emotional harms, since information on possible marital affairs, drug and alcohol abuse treatment, previous arrests even without convictions, may have been taken.


Step 1: Notify your financial institutions.

If you discover that your wallet, checkbook, credit card or other sensitive information has been lost or stolen, immediately notify the issuing bank, credit card issuer, or relevant institution to close all existing accounts. 

Step 2: Get an Identify Theft Affidavit.

If you suspect identity theft, report it to the Federal Trade Commission using the online complaint form or by calling 1-877-ID-THEFT. When making the report, you will be given an option to receive an Identity Theft Affidavit. This document, together with the police report, will be critical to minimizing the damage.

Step 3: File a police report.

If you believe you are a victim of identity theft, file a report with your local police department. When you make the report, bring a copy of the Identity Theft Affidavit. The police report will be important for insurance purposes. Keep copies of the police report and Identity Theft Affidavit.

Step 4: Contact the three major credit reporting companies and place a fraud alert on your accounts. If you haven’t already, it’s time to place a security freeze.

An important next step is to place a fraud alert and a security freeze on your credit report. Placing a fraud alert tells businesses checking your credit rating that there may be fraud involved in the account. The fraud alert must be renewed after 90 days, and it entitles you to receive one free credit report from each of the main agencies. The security freeze stops anyone from seeing your credit report without your permission. Alerts and freezes can be placed by contacting the toll-free fraud number of any of the three consumer reporting companies noted below. Initiating a credit freeze does not impact your credit score.

  • TransUnion: 1-800-680-7289;; Fraud Victim Assistance Division, P.O. Box 6790, Fullerton, CA 92834-6790
  • Equifax: 1-800-525-6285;; P.O. Box 740241, Atlanta, GA 30374-0241
  • Experian: 1-888-EXPERIAN (397-3742);; P.O. Box 9554, Allen, TX 75013

Step 5: If your social security number was stolen, contact the Social Security Administration.

File a report and access resources at You can also call 1-800-772-1213.



Issue updates

News Release | Maryland PIRG Foundation | Consumer Protection

Big Banks Make Billions on Overdraft Fees

“Banks that relied most heavily on overdraft revenue had more complaints to the Consumer Financial Protection Bureau in the complaint category “account funds being low,” said Maryland PIRG Director Emily scarr. “It’s clear that we need to protect a strong CFPB to make sure banks are following the law.”

> Keep Reading
Report | Maryland PIRG Foundation and Frontier Group | Consumer Protection

Big Banks, Big Overdraft Fees

American consumers should look to the Consumer Financial Protection Bureau (CFPB), which has already enforced overdraft regulations and returned millions of dollars to consumers, to take new action to prevent unfair overdraft fees.

> Keep Reading
News Release | U.S. PIRG | Consumer Protection

Consumer Advocates Concerned By Court Ruling Overturning Ban on High-Powered Magnets

We've joined leading consumer and pediatrician organizations in a joint news release with a sharp critique of a U.S. appellate court decision overturning a U.S. Consumer Product Safety Commission ban on the sale of high-powered small magnets (some as small as BBs) that pose a severe ingestion problem for children and youth. As our Trouble In Toyland report released on November 22 pointed out: "Nearly 80 percent of high-powered magnet ingestions require invasive medical intervention, either through an endoscopy, surgery, or both. In comparison, only 10 to 20 percent of other foreign body ingestions require endoscopic intervention and almost none require surgery."

> Keep Reading
Blog Post | Consumer Protection

Addicted to Hand Sanitizer: A Wells Fargo Scandal Update | Ed Mierzwinski

More questions continue to be raised about the Wells Fargo scandal. When did it really start- 2013, 2011 or 2005? What did execs know and when did they know it? How many frontline employees were fired because they complained as whistleblowers? Does setting up a fake account constitute criminal identity theft? Should deposed chairman and CEO John Stumpf go to jail? If the culture was pure, how did a frontline worker get "addicted to (drinking) hand sanitizer? Should he pay back more bonus compensation? Here's a flyaround of some of what's going on. By the way, did you know that even the Better Business Bureau has thrown Wells out?

> Keep Reading
Blog Post | Consumer Protection

Consumer Financial Protection Bureau: By the numbers | Kathryn Lee

The Consumer Financial Protection Bureau released a breakdown of their successes they’ve had in the short five-year period they’ve been established. We're very proud to have been a part of building it and defending it; we're also very proud of the many achievements the youthful CFPB has made to make the financial marketplace fairer for consumers.

> Keep Reading


News Release | U.S. PIRG | Consumer Protection

Over 7,000 Comments Submitted to Department of Labor

Every year, over $17 billion is lost from retirement savings to fees and charges, according to the Council of Economic Advisors. Today, we submitted over 7,000 PIRG member comments urging the U.S. Department of Labor to finalize a strong rule requiring retirement advisors to put the interests of their customers first. We also submitted a detailed expert comment of our own in the important "conflicted advice" rulemaking.

> Keep Reading
News Release | US PIRG Education Fund | Consumer Protection

Top 10 List: How the CFPB Works for Consumers

The Consumer Financial Protection Bureau (CFPB) turns 4 on July 21st. To celebrate and increase public awareness of the agency, U.S. PIRG Education Fund released a new webpage, “Meet the CFPB: Just Ten of the Ways It Works for You.

> Keep Reading
News Release | Maryland PIRG Foundation | Consumer Protection

New Report: Mortgage Problems Rank #1 at CFPB for Consumer Complaints

BALTIMORE –Mortgage problems were the top source of complaints to the Consumer Financial Protection Bureau (CFPB), according to a report by the Maryland PIRG Foundation. The report also found that Bank of America was the most complained about company in Maryland for mortgage problems. 

> Keep Reading
News Release | U.S. PIRG | Consumer Protection

We Commend CFPB For Adding Consumer Stories To Public Complaint Database

Yesterday, the CFPB published the first batch (7,700) of consumer narratives or stories to the Public Consumer Complaint Database it began in 2011. We've used the database to publish five reports (so far) analyzing complaint trends in markets ranging from credit cards to student loans but we have also long urged the voluntary addition of stories to the data fields. Now, consumers can learn if what happened to them happened to anyone else. Now, researchers can track which banks are more responsive to particular problems and which ignore their customers. A good resource is now an excellent resource.

> Keep Reading

How Companies Turn Your Facebook Activity Into a Credit Score

This story in The Nation explains our work challenging the way data brokers use "black box," or secret, algorithms to make scoring decisions that may violate the law and deny credit opportunities. This work was also the subject of our recent livestream event featuring Professor Frank Pasquale and his new book, "The Black Box Society." We've now posted an archive of that event, in 3 chapters on our Youtube page.

> Keep Reading


Blog Post | Consumer Protection

House holds stacked hearing to attack retirement savings rule proposal | Ed Mierzwinski

The House Financial Services Committee is holding a typically stacked hearing -- one consumer-side witness against four Wall Street-backed lobbyists  -- to attack the important retirement savings rule proposed by the Department of Labor. The rule simply requires retirement advisors to put the customer's needs  -- not their own compensation -- first.

> Keep Reading
Blog Post | Consumer Protection

Court Reinstates Case Against Bank That Aided Senior Citizen Fraud | Ed Mierzwinski

This week, the 3rd Circuit, U.S. Court of Appeals overturned a lower court decision that had denied class action status to victims of a scheme targeting senior citizens who were suing Zions Bank and its payment processor affiliates for aiding the fraudsters. U.S. regulators led by the Department of Justice have been fighting this and similar schemes, yet powerful special interests have managed to create a false narrative in Washington, DC that has been picked up by opponents of consumer protection laws. They falsely claim that the government's target is "legitimate" payday lenders and gun dealers. Wrong, the target is financial crimes against consumers, many consumers.

> Keep Reading
Blog Post | Consumer Protection

IRS Admits Data Breach Worse Than Thought, Will Congress Do Wrong Thing Anyway? | Ed Mierzwinski

This week, the IRS has admitted that thieves accessed the personal information -- enough to allow them to take your tax refund -- of an additional 220,000 taxpayers, on top of the 114,000 reported in May. Meanwhile, we remain  concerned that Congress will use continued publicity about the Target breach and other breaches as an excuse to pass dangerous data security legislation. Dangerous? Yes, because it would only protect against limited financial identity theft harms, but eliminate stronger state protections against the harms posed by the IRS breach, the health insurance breaches and the OPM breach.

> Keep Reading
Blog Post | Consumer Protection

House To Vote On Godzilla-Sized Rule Blocker, As Financial Committee Considers Smaller Rollbacks | Ed Mierzwinski

UPDATED: REINS Approved, near party line vote. Today, the House Financial Services Committee takes up a package of smaller rollback bills, many of which are opposed by Americans for Financial Reform and the PIRGs. Meanwhile, the House will bring up the Godzilla of all anti-health and safety bills, the REINS Act. Fortunately, the President has promised a veto.

> Keep Reading
Blog Post | Consumer Protection

The CFPB is 4 years old and has a lot to show for it! | Ed Mierzwinski

Tuesday, July 21, marks four years to the day since the Consumer Financial Protection Bureau opened its doors to protect consumers and make financial markets work. We've summarized some of the ways CFPB works for you on a new web page.

> Keep Reading


View AllRSS Feed

Defend the CFPB

Tell your senators to oppose the “Financial CHOICE Act,” which would gut Wall Street reforms and destroy the Consumer Financial Protection Bureau as we know it.

Support us

Your donation supports Maryland PIRG's work to stand up for consumers on the issues that matter, especially when powerful interests are blocking progress.

Consumer Alerts

Join our network and stay up to date on our campaigns, get important consumer updates, and take action on critical issues.
Optional Member Code