If you’ve become a victim of a phishing scam or identity theft, here are vital steps you should take immediately.

If you’ve given out your credit or debit card information:
  • Report the incident to the card issuer immediately.
  • Cancel your card and open a new one.
  • Review billing statements carefully after the incident.
  • If the statements show unauthorized charges, contact your financial institution immediately.
If you’ve given out your bank account information:
  • Report the theft to the financial institution as quickly as possible.
  • Cancel your account and have a new one opened.
If your personal information has been compromised:
  • Report ID Theft to 3 major Credit Bureaus.
    • Place a freeze on all 3 major credit bureaus.
    • Best place to start is annualcreditreport.com.
    • Request a free copy of your credit report from each bureau.
  • Inform all Financial institutions of fraud taken place – have them notate accounts of potential information stolen.
    • This includes other credit card companies, auto loans, other bank accounts, Human Resources at work, retirement accounts, any other brokerage accounts, personal loan or finance companies, mortgage company, utility companies, internet, cell phone, pension or retirement income companies, etc.
    • Have an account password placed on the account.
  • File police report with local authority (recommended) – home jurisdiction.
  • Go to FTC.gov, click on Report Identity Theft, follow steps with questions to report ID Theft, create a plan, and monitor plan of action items.
  • Contact the IRS.
    • Set up a PIN for filing your Federal Returns.
  • Notify Social Security Administration if your Social Security Number was stolen.
  • Sign up for Credit/ID Theft Protection/monitoring services that offer Dark Web/Black Market monitoring (optional).
    • Review which service is best for you, if you choose to sign up with a company.
  • Monitor all accounts for a minimum of 12 months for any further suspicious activity.
  • Monitor credit bureaus for the next 12-18 months for any further activity.
Other security precautions if you suspect your personal information is in the wrong hands:
  • Check all other accounts you have that could have been fraudulently accessed —including your email ISP, online bank accounts, and other e-commerce accounts you’ve visited.
  • Document the names and phone numbers of everyone you speak with regarding the incident. Follow-up your phone calls with letters. Keep copies of all correspondence.

Back to Identity & Security Protection