MONEY privacy

This Privacy Breach Scares People More Than Revenge Porn

Broken door

A new survey lays bare our greatest fears.

Want to know what’s worse than having naked pictures of yourself leaked online? Having your financial information stolen or compromised — or so said 55% of those polled in MasterCard’s Emotion of Safety & Security Research survey, released today.

Even more would rather have their homes robbed (59%) or email hacked (62%) than have financial data stolen or compromised. Interesting as those statistics are, most criminals don’t ask potential victims which crime they would prefer. And so we’re left to try to figure out how to keep safe.

Almost half (48%) feel personally responsible for keeping their data safe, and virtually everyone (92%) reports doing at least something to protect themselves (here are some ways to keep identity thieves at bay).

The survey was conducted by phone by Braun Research from May 8 – 12 among 1,000 adult consumers in the U.S. The survey has a margin of error of +/- 3.1% at the 95% confidence level.

People generally get that the problem of data privacy is serious — that a Social Security number can enable someone to open a new line of credit in your name or drain your bank account, or that an intercepted credit card number can allow someone far away to to use a the card that seems to be safely tucked in your wallet.

But there are so many kinds of identity theft that sometimes our response is simply to be overwhelmed — which results in inaction, says identity theft and personal security expert Robert Siciliano.

Which is how security can fall by the wayside. While there are things we can — and should — do to protect ourselves, we don’t necessarily do them. We know we should change passwords regularly, use strong passwords (upper and lowercase letters, numerals and special characters) and be careful about using public Wi-Fi, but who has time? Besides, it’s a numbers game, and consumers may assume that if they’ve gotten away without taking precautions before, their luck probably will hold out.

Siciliano said that if you haven’t changed your password in more than a year, “your passwords are more than likely in the hands of a criminal.” Just because it hasn’t been used yet doesn’t mean it won’t be.

Siciliano says trying to protect yourself online isn’t unlike taking care of car safety. It’s easy to think it’s as simple as buckling up, forgetting that we also need to have brakes serviced periodically, change oil and do other maintenance to keep our cars running safely. And yet when the brake light comes on, most of us take time to address the problem. But tell us we need to install a computer update, and we are often too busy. We will do it later.

Among the things people could do but often dismiss as too time-consuming or inconvenient are using a virtual private network (VPN) when using public W-Fi, Siciliano said. Many VPNs are free, but they will take about 10 minutes to install (and that, he says, is precisely why many of us do not have them). A VPN masks and encrypts your data. It doesn’t take any longer to get on your network than it would to update your status on Facebook, he said.

Other simple things: Update your computer, smartphone and/or tablet’s operating system regularly. Updates address vulnerabilities. Also, schedule scans to be sure your computer is free of known viruses and spyware. If you use credit cards, favor those with chips, Siciliano advises. Most cards are updating to chip and PIN technology, but some still have magnetic stripes. Siciliano said many larger issuers are sending chip cards when old ones expire, but some also offer new cards on request. Carolyn Balfany, senior vice president of product delivery – EMV, MasterCard, said the chip credit and debit cards will better protect against fraud. “Chip cards have embedded computer chips on the front of the cards which create unique codes for every purchase. The unique codes make the cards nearly impossible to copy. U.S. financial institutions have already started issuing payment cards with chip technology to their customers,” she said. Further, consumers are never held responsible for fraud regardless of which kind of card they use.

Checking your financial accounts, as well as your credit reports and credit scores, regularly can also tip you off to a problem that you need to correct before it becomes an even bigger problem. You can sign up for account alerts to notify you whenever a transaction is made, or you can just log in every day to look at your statements. You can get your free annual credit reports from

More From

MONEY privacy

5 Secrets Identity Thieves Know About You

Getty Images

Here's how to get your peace of mind back.

Identity thieves don’t want you to read this article.

They’ve made an entire industry out of living off of other peoples’ good names. And when you know their typical tricks, stealing your identity is much harder.

Unfortunately, not enough people know what puts their identities at risk for theft. And that has helped keep identity theft the No. 1 consumer complaint to the Federal Trade Commission for 15 years running. Do you like the idea of thieves using your name to make money and cause you financial headaches? Of course not. So take a minute to make sure you’re aware of five foolish behaviors that identity thieves love and how to fix them.

1. You Hand-Deliver Valuable Personal Information

To identity thieves, your trash can and recycling bin are seen as an “inbox.” They appreciate when you toss out anything with personally identifying information — especially credit card offers, bank statements, insurance-related materials, and medical statements or records.

The fix:

  • Buy a quality crosscut shredder and give identity thieves an impossible puzzle to solve.
  • Shred everything with your name and any other important information on it before throwing it out (thieves will move on to easier targets).

2. You Leave Virtual Doors Open

There are entire organizations dedicated to computer hacking and scams. So if you’re using a simple password or not employing the right security measures on your computers, smartphones and tablet devices, your information is at a much greater risk. It’s like leaving a door open with money sitting on a table just inside.

The fix:

  • Be sure to use security software that includes a firewall, antivirus and spyware programs, and regularly update them.
  • Set your devices to automatically install security updates from manufacturers.
  • Use strong passwords that contain a mix of eight or more numbers, symbols and upper and lowercase letters. Don’t use anything obvious, such as your child’s or pet’s name. Also be sure to change passwords often, and use unique passwords for important sites.

3. You Provide Ready Access to IDs & Documents

Your house and office have a treasure trove of documents with identifying information and important IDs, including passports, Social Security cards, birth certificates and much more. If they’re not locked up, anyone with access to your house could take a quick smartphone picture or even grab them.

The fix:

  • Put important IDs and files into secure drawers, closets or safes.
  • Keep them locked away when you’re not using them.

4. You’ve Never Visited

Your credit reports include any credit- or loan-related accounts that are opened in your name. Even if you don’t need to apply for credit or a home or car loan, it’s important to ensure that your credit is clean and your credit score is as high as possible for when you do need it.

The fix:

5. You Don’t Guard Your Social Security Number

A Social Security number is like a master kay. Once identity thieves have it, along with a few other personal details, they can establish credit or potentially gain access to your existing accounts. That’s why you want to limit how and where you share your Social Security number.

The fix:

  • Don’t carry your Social Security card or number in your wallet or purse.
  • Never give your SSN to someone you don’t trust.
  • Provide your SSN only when it’s required.
  • Avoid using your SSN as an identifier (if a company or medical provider wants to do this, ask them not to).

By taking these steps, you can rest more easily knowing you’re not an easy target for identity theft.

Read next: I Ate Thanksgiving Dinner With My Identity Thief for 19 Years

More From

MONEY credit cards

The Newest Weapon Against Credit Card Theft Is…a Selfie

Smile! MasterCard hopes to develop a security measure with real teeth.

MONEY privacy

How Your State Is Helping Scammers Rip You Off

Steve Shepard—Getty Images

Unclaimed property records are easy targets for fraudsters.

As cybercriminals become more skilled, the privacy practices at many organizations have not kept apace. In the State Compendium of Unclaimed Property Practices that I’ve compiled, I found this to be the case at many state treasuries where the data exposed provides fraudsters with a crime exacta: claiming money that no one will ever miss and gathering various nuggets of personal data that can help facilitate other types of identity theft.

First, you have to understand what “unclaimed funds” are and how they work. Our states are responsible for ensuring unclaimed property makes it into the right hands. Twice a year, organizations like banks and insurance companies report uncollected payouts to their state’s Unclaimed Property Office. From there, the debt is published in a local newspaper, and if it remains unclaimed, the property (funds, stocks, commodities, etc.) has to be surrendered to the state for safekeeping until a claim is made.

Two years ago, there was a total of $58 billion in unclaimed property nationwide. In theory, it’s safe. You need to be able to identify yourself and go through a verification process to collect the money. However, because Social Security numbers and other personally identifiable information (PII) are increasingly easy to find on the dark web, consumers are faced with a potential fraud-frenzy not unlike the spike in stolen tax refunds of recent years. It takes a good deal of information for a fraudster to claim funds that rightfully belong to you, but the danger of PII on unclaimed funds sites cuts both ways – fraudsters can find out that you have unclaimed money and try to gather other information about you in order to claim it, or they can use the information from the unclaimed funds sites to build a dossier on you and target you for other scams.

This is not a hypothetical problem. Interestingly, the first explanations of the issue in a simple Google search (i.e., unclaimed funds identity theft) came not from a state treasury, but a site called Scambusters. One common scheme involves charging a fee to “locate” your unclaimed property. In the process, the swindler grabs personally identifiable information that can be used to commit identity theft. Stories about stolen unclaimed funds abound. In 2011, a Houston woman was convicted for stealing almost $500,000 in tax refunds and unclaimed funds. According to, “Officials said Thomas used public databases to locate the names of the people owed money, then used their personal information to claim the funds.” Texas scored a lone star in the compendium—the worst ranking here.

This has become an issue because of data breaches. News is still trickling out about the millions of federal employees whose personally identifiable information was exposed to hackers because of shoddy data security at the Office of Personnel Management. Between the breach at Anthem that leaked Social Security numbers and the Premera breach that leaked far more specific information (in addition to SSNs), almost 100 million records were stolen. The recent IRS revelation that fraudsters essentially walked through the digital front door and stole $50 million in tax refunds using information accessed in its “Get Transcript” application highlighted the need for more stringent processes at government agencies. That swindle, like so many others, was made possible by a seemingly never-ending string of breaches. The fraudsters had enough information to game the IRS verification process. The same approach could be used with unclaimed funds.

While I am focusing here on the state offices responsible for unclaimed funds, knock on any organization’s door these days and you will find data security and privacy issues.

According to some estimates, there are more (perhaps significantly more) than a billion records “out there.” Therefore, it is crucial that organizations entrusted with our personal information do everything possible to limit our exposure, especially when our money (as well as the integrity of our identities) is on the line.

The compendium found that more than half the country could be doing a better job. Thirty-six states had practices that exposed more personal information than was necessary—ranked “Not Good” (28) or “Bad” (8)—exposing various kinds of data that fraudsters can use to build the type of personal information dossier on an individual (or even a celebrity, we found) that facilitates the commission of identity theft.

What Can We Do About It?

For Consumers: Get your money now! Visit your state’s unclaimed property site as soon as possible to see if you have a claim, and if you do, go through the process before your evil twin does. And, as always, stay vigilant. Just because you don’t have unclaimed funds doesn’t mean a scammer can’t get to you other ways. Monitor your financial accounts regularly for unauthorized charges, and keep an eye on your credit reports and scores for signs of new-account fraud.

For States: Respect your fiduciary duty to protect us and expose less PII in the verification process.

How does your state measure up? Click here to read the full State Compendium of Unclaimed Property Practices.

More From

MONEY Student Loans

Someone Took Out a Student Loan in My Name

hands holding student ID that has been blurred
Money (photo illustration)—Matthew Aslett/Corbis (1)

Some students worry about whether they’ll get the financial aid they need to pay for the next semester of college. Others wonder why there is a record of them taking out student loans when they didn’t apply — and now they can’t get the loans they need. Consider these scary scenarios readers have told us about recently:

  • Trey: I just checked my credit score and [someone] has taking a student loan out in my name what can I do?
  • Felecia: My tax refund was taken away because they said I [attended] school and I have never been enrolled in school. I don’t even have a GED or high school diploma so how can I get them to refund me my tax refund back?
  • Theresa: I’m just tired of all the craziness. Someone [has] been able to hack my identity some kind of way and follow my mother’s address and another address that I had and they got student loans in my name, I called the company and they just gave me the runaround, so now I have to figure out what else is there for me to do…

Most victims of student financial aid fraud find out when they apply for a federal loan that they are denied because they already have a loan — only they don’t have it. Instead, someone using their name and birthdate has the loan money, and it’s then the victim’s battle to restore their own credit.

How does somebody who isn’t you apply for a loan that you would be entitled to? We asked Brett Montgomery, fraud operations manager for identity theft and data risk services provider IDT911, and this is how he explains it: “Applicants and enrollees are not required to have their identities confirmed, and because institutions do not always otherwise verify students’ identities. With a valid date of birth, name and Social Security number, anyone can get a loan — especially online — since the system is designed to encourage electronic access to student loan assistance.”

Worse, you may not know that someone has taken a loan out in your name until something bad happens, like the Internal Revenue Service seizing your tax refund to pay the defaulted student loan you knew nothing about, or finding a student loan on your credit report. And sadly, it was probably a lot easier for the identity thief to access the money than it is going to be for you to be able to get a student loan or the tax refund that was rightfully yours. “The amount of documentation needed to prove your innocence is more than what was used or verified to establish the fraudulent loan,” Montgomery said in an email.

But you can’t even begin to try to untangle the mess unless you know it exists. For that, he recommends checking your credit often — though he cautions that not all government loans report to the credit bureaus. “Typically people are made aware through collection notices through the mail or by phone. Another way is when they have to apply for the same type of government student loan and they are informed they already have a loan out.”

The other question is why someone would take a student loan out in someone else’s name. Presumably it’s not to get an education. After all, a degree in someone else’s name isn’t likely to be valuable long-term. But cash is. While the proceeds of these loans are supposed to only be used for qualified educational expenses, the reality is people use them for just about anything.

How Long Can It Take to Unravel?

If, like Felecia, your tax refund is taken, it can take at least eight months, and possibly much longer, to get your money back, Montgomery said. And if you are refused a student loan because you supposedly already have one? “The government tends to not loan money out when there may already be the same type of loan in the person’s name,” Montgomery said. “All you can do is supply the requested documentation and hope they remove the fraudulent loan from your name and credit.” So if the loan refusal happens shortly before you need the money, you are going to need a Plan B.

If you’re a parent helping a student apply for aid, explain what personally identifiable information (PII) is and how to protect it, Montgomery said. Educate your student to ask why someone is requesting their Social Security number and how it will be protected if they give it to them. (And don’t give your child’s number out yourself unless you are satisfied the person requesting it actually needs it and will protect it.) If you hire a professional to help you fill out the FAFSA and apply for aid, make sure the personal identification number (PIN) is known only to you. While there is not yet a way to be absolutely certain you won’t be a victim, you can reduce the opportunities for a thief to access the data that make it easier to take federal student loans out in your name.

If, despite your best efforts, you become a victim, your best bet is to report it as soon as you discover it. The U.S. Department of Education recommends contacting these offices, as well as the three major credit reporting agencies, depending on your situation:

  • U.S. Department of Education Office of Inspector General Hotline
  • Federal Trade Commission
  • Social Security Administration

Also understand that a fraudulent student loan may not be the end of the story. It clearly indicates that someone was able to access enough of your personal information to get a loan. That information could be re-used at some point to get a credit card, etc. It’s important to regularly monitor your credit and to investigate major changes in credit score that you can’t account for as well as credit inquiries or new accounts you don’t recognize. You may want to place a fraud alert or security freeze on your credit reports as well.

More From

MONEY Opinion

How to Protect Our Kids’ Credit Now

Foreign Intelligence Surveillance Act
Bill Clark—CQ-Roll Call,Inc. Rep. Jim Langevin, D-R.I., participates in the news conference on Foreign Intelligence Surveillance Act (FISA) Improvement Legislation on Tuesday, March 25, 2014.

Children are particularly vulnerable to identity theft because they have little reason to access their credit histories.

An 18-year-old looking to purchase his first car.

A young woman applying for the student loan that will put her through college.

A foster youth aging out of the system and eager to get a place of his own.

These are exciting milestones in the lives of young people, turning points that mark new beginnings and the start of independence. Now imagine you’ve reached this crossroads only to discover that your identity had been stolen. Instead of the pristine, untapped credit record you’re expecting, you find years of charges, debt and defaults racked up by a criminal using your name and Social Security number.

It’s a scary thought, and not as rare as you may think. Identity theft has been the top consumer complaint received by the Federal Trade Commission for more than a decade, and those complaints increasingly involve minors or young adults tapping into their credit for the first time. The ensuing chaos and barrage of paperwork is a difficult maze to navigate for most adults, never mind young people who have not yet even opened their first credit card.

Children are particularly vulnerable because they have little reason to access their credit histories. By the time the discrepancies are discovered, the damage has been done. We must make it easier for parents to protect their children’s financial futures.

All children are vulnerable to identity theft, but foster youth are especially susceptible. Their personal information, including Social Security number, is passed through many hands, increasing the chances of abuse. Moreover, when they age out of the system, they often lack a parent advocate to fight on their behalf. As a co-chair of the Congressional Caucus on Foster Youth and someone who grew up with foster siblings, this is an issue about which I care deeply.

In 2011, I successfully incorporated a provision into the Child and Family Services Improvement Act mandating free credit checks for foster youth over 16 years old, giving them time – and assistance – to clear inaccuracies from their records before they aged out of the system.

I believe similar protections are necessary for all children, and I continue to call on my colleagues in Congress to enact a solution.

The Protect Children from Theft Act, which I introduced in April, aims to safeguard children from becoming victims of identity theft. The bill directs the Consumer Financial Protection Bureau to write a rule that gives parents and guardians the ability to create a protected, frozen credit file for their children. Placing a freeze on a credit report would prevent lenders and others from accessing a credit report entirely, which in most instances would stop an extension of credit. I hope that this legislation, if passed, would create a simple, easy-to-understand process for families to protect their child’s financial interests. New parents are consumed with many questions and concerns; diapers and teething likely take precedence over their child’s future credit score. We need a process by which parents and guardians have an easy, streamlined way to freeze a child’s credit.

As co-founder and co-chair of the Congressional Cybersecurity Caucus, I am well aware that cybersecurity is not a problem that can be solved, only managed. An often overlooked component to that management is resilience, being able to recover from an incident. We are all increasingly reliant on technology and the data that drive it; today, we trust a multitude of networks with personal financial data and private information, including health care records and, yes, even our Social Security numbers. If we want to benefit from the economic efficiencies of technology but still avoid identity theft, we need personal cyber resiliency so that we can recover when our data are compromised. We need to keep tabs on who has our personal information and what is at risk in the case of a breach. We need to check our credit scores, put alerts on our credit cards and work with our banks to ensure our financial information is as safe as possible. And we need to exercise the same vigilance for our children and their data.

I will continue to fight to protect children from identity theft to give them a fair shot when their time comes. Let’s share our good cyber habits with the next generation and make sure that when they are ready to buy that car, take out that student loan or sign a lease on that new apartment, identity theft doesn’t derail the milestone.

Read next: When Someone You Love Opens a Credit Card in Your Name

More From

MONEY Banking

How to Get Bank Alerts on Your Phone

Peathegee Inc—Getty Images/Blend Images RM

They're the best way to stop fraudsters.

If you haven’t already signed up to get alerts on your mobile phone from your credit card issuer, what are you waiting for?

Mobile alerts can tell you within minutes if your card is used in another country or if your payment is overdue. They can save you the embarrassment of being blocked at the cash register if a transaction seems suspicious by asking you via two-way text if the purchase is legitimate. And as I recently learned firsthand, they can help you catch fraud almost instantly.

I had just started receiving mobile notifications of every transaction on my American Express card when a transaction I didn’t recognize for $748 popped up. I immediately got on the phone. Sure enough, it was fraud. And even though AmEx hadn’t flagged it as a suspicious transaction, I was able to shut it down right away because I saw it.

That’s the beauty of mobile alerts and notifications, said Mark Schwanhausser, director of omnichannel financial services at Javelin Strategy & Research: “It’s a way to involve the customer and deputize them, because they often know better than the banks if something is legitimate or not.”

The alerts can also help you manage your personal finances by alerting you before a payment is due, if your balance goes over a specific amount or if you’re close to your credit limit. About four in every 10 consumers today have received some kind of alert from a financial institution, according to a Javelin report published in April. The company predicts that number will rise to more than half of U.S. consumers by 2019.

However, the report said most banks aren’t doing enough to promote their alerts, that it’s confusing and difficult for customers to enroll, and the alerts are “remarkably difficult” to turn on. “Finding alerts settings is akin to a Where’s Waldo’ search,” the authors wrote.

Since the issuers may not make it easy, here’s what you need to know to sign up:

How do you want to get your alerts?
You can get alerts through email, text message or “push notifications” that pop up in the status bar or notification tray of your cellphone. Email alerts are still the most common, according to Javelin, with 36 percent of consumers receiving them, compared to 22 percent for texts and 14 percent for notifications. Here are the pros and cons of the different types:

  • Email: Every bank surveyed by Javelin offers email alerts, and this type has been around the longest. The problem, of course, is that some folks don’t have email on their phones. Even if you do, you may not check it regularly. “Fraudulent transactions happen fast,” said Julie Conroy, research director at Aite Group. “A thief will do a little testing and then go to town, so it’s important to catch fraud as quickly as possible.”
  • Text message: About 95 percent of banks allow their customers to receive at least some financial alerts via text. Because we’re conditioned to give texts our immediate attention, this type of alert is a good choice for news you consider urgent. “Since you use texts to communicate with people, it might be annoying to get a text for every transaction,” Conroy said. “Also make sure you consider whether you’re going to incur charges for texts.” Some banks offer two-way texts that pop up instantly on your phone if you try to make a transaction that looks suspicious. If you respond that the purchase is legitimate, your card will go through instead of being blocked at the point of sale.
  • Push notification: This is the type of notification that I received from American Express. They pop up on your phone’s lock screen, in the banner at the top of your phone or in your “notification tray” even when you’re not using your card’s mobile app. They are more likely to get your attention than an email, but they’re less obtrusive than a text. Fewer than half of banks offer these, but Javelin predicts they will surpass text notifications as the No. 2 form of alert by 2019. Fueling that prediction: 45 percent of consumers surveyed said they think push notifications from their bank would be valuable, even though only 14 percent receive them.

When do you want to get an alert?
Signing up for at least some mobile alerts should be “a no-brainer choice for the customer,” said Brian Riley, principal executive adviser at CEB TowerGroup. “You don’t necessarily need an alert for every transaction. But everyone should want some type of notification,” he said.

Most issuers allow you to customize the type of notifications you receive and how you get them, so you can make sure you don’t get too many. “Typically there’s a control panel that says, ‘Text me or email me based on these specific conditions,'” Riley said. You can also turn them on or off anytime.

Some alerts are designed to enhance security; others help you stay on top of your personal finances. Here are some options you may see:

Security alerts:

  • Suspicious transaction: When issuers suspect fraud, they automatically try to contact you. But federal law requires them to get permission before they can notify you via text instead of calling you or sending an email.
  • Card-not-present transaction: This notifies you anytime a purchase is made without a swipe, so it’s mostly Internet transactions. “These transactions are much more vulnerable to fraud because all they need is your account number, not your actual card,” Riley said, “so this option should be first on your list.”
  • Gasoline transaction: Gas stations are another hot spot for thieves; you’ll be notified anytime a purchase is made at one.
  • International transaction: Because a lot of fraud originates overseas, this can be a good way to catch fraud if you rarely travel abroad; you can turn it off when you leave the country.
  • Transactions over a preset amount: You can choose to be notified of every transaction over a specific dollar amount. If you choose $0, you’ll be alerted to every transaction; set a higher dollar amount to minimize the number of alerts.

Personal finance alerts:

  • Available credit: Sent when your credit falls below a specified amount you set.
  • Balance: Sent anytime your credit card balance exceeds an amount you set. This can be particularly useful if you have multiple people using your card or if you’re trying to stay within a budget.
  • Low balance: An alert if the balance in an account linked to your debit card falls below a specified amount.
  • Payment due: Notifies you a specified number of days before a payment is due.
  • Missed payment: Sent if no payment was received by the due date.

How to sign up
Banks are cautious about automatic enrollment, Schwanhausser said, because “they don’t want their customers to feel like they’re being spammed or overwhelmed.” Most send automatic security alerts via email (or through a call to your home phone) anytime your personal information or settings are changed or if they notice suspicious activity.

To start getting text messages or push notifications to your cellphone, you have to proactively sign up. Though it can be difficult to enroll, it’s worth doing simply so your bank can reach you quickly on your cell if it detects suspicious activity. “It’s also a lot more convenient for you to hit reply to a text and say, ‘Yes, this was my transaction,’ or ‘No, it wasn’t,’ than to get an email about something and have to take the time to call in,” Conroy noted.

Every card has a slightly different process, but here are the basic steps to start getting text message alerts:

  • Log in to your card’s website.
  • Look for something in the menu that says “manage alerts” or “go to alerts.” If you don’t see the word ‘alerts,’ you may have to click on “Profile” or “Settings.”
  • Look for an option that will allow you to put in your mobile number, change your contact information or add text messages.
  • Because federal law requires you to opt in to receive text, you’ll have to activate the service by entering a code that the bank will send as a text.
  • Most issuers then list the types of alerts you can receive and how you want to receive them (email or text). Make your choices and then hit save.

To start getting push notifications, follow these steps:

  • First, find out if your card issuer offers the service. Javelin’s report in April said the following financial institutions were using push notifications, but more banks are adding them every day: American Express, Bank of America, M&T, BBVA compass, Regions, Chase, USAA, Citibank, Wells Fargo and Fifth Third.
  • Download the institution’s mobile app.
  • In most cases, you can add push notifications through an app menu option that says something like “Manage alerts.” If you don’t see it as an option in the mobile app, you may have to add push notifications through the card’s website. Call the phone number on the back of your card if you’re having trouble.
  • Once enrolled, you may still have to change the settings on your phone to “allow notifications” from your bank’s mobile app. On most phones, you can go to settings and look for “notifications.” Some, including iPhones, let you decide whether to turn on sounds and badges with the notifications.

After my own experience with fraud, I took the time to turn on mobile alerts for all of my active credit cards and bank accounts (it did take some time and a few phone calls). To keep my messages box from filling up, I elected to receive texts only for news I considered urgent: suspicious activity, a low balance or a payment missed. But I’m receiving push notifications on my phone for most other transactions, and so far, I haven’t minded the extra communication. In fact, I take comfort in knowing that if fraud happens, I’ll catch it quickly.


More From


I Can’t Get a Loan Because I’m ‘Dead’

view from inside a grave to the sky
Alan Thornton—Getty Images

But I'm not dead yet.

There are countless ways your credit report can get messed up, all of which can seem pretty annoying to fix. Perhaps one of the most unsettling problems you might find with your credit report is if it says you’re dead, when you’re most certainly alive. It’s not unheard of for consumers to apply for credit and be rejected because their reports incorrectly list them as deceased. But just like all credit reporting errors, it can be disputed and fixed. Unfortunately, it’s not always a simple process.

Why Your Credit Report Says You’re Dead When You’re Not

There are generally three reasons your credit report might incorrectly say you’re dead, said Robert Brennan, a consumer protection lawyer in Southern California. You’re probably dealing with a mixed file, identity theft or a simple mistake, and your course of action will vary slightly depending on the cause of the problem. Either way, you’re going to need to dispute the error with the credit bureaus.

How to Confirm You’re Not Dead

Obviously, having a credit report that incorrectly marks its subject as deceased can be really problematic for the consumer. Not only is a credit report one of the main documents consulted during lending decisions, it’s also something that may be reviewed by employers, insurance companies, landlords and other service providers, as they decide whether or not to work with you. As a result, you want to fix any credit report errors as soon as you find them. That’s why it’s a good idea to check your credit reports and credit scores as frequently as possible.

Once you realize your credit report says you’re deceased, talk to the credit reporting agencies. The dispute process for each of the three major credit bureaus (Equifax, Experian and TransUnion) is outlined on their websites. Keep in mind that the bureaus do not share information, so you need to check each report for accuracy and dispute issues separately. Brennan said to dispute the error in writing and send it through Certified Mail.

“Provide them with current identification (driver’s license, recent tax return, recent utility bill) and tell them to correct the status to ‘living,’” Brennan said, via email. “If the bureau fails or refuses, then the consumer has rights under the Fair Credit Reporting Act which would include his/her damages plus his or her attorney’s fees.”

What to Do If the Problem Persists

If the error is a result of identity theft, you’ll have more to do than file a dispute with the credit reporting agencies. Victims of identity theft should file police reports, check if fraudulent accounts were opened in their names (and terminate them), put fraud alerts on their credit reports, report the incident to the Federal Trade Commission and contact the IRS for an identity theft PIN to avoid problems during tax season.

It’s important to keep meticulous records throughout the process, because even if you resolve the issue, it could come up again, and you’ll want to be able to prove it’s an error — that will be a lot easier if you don’t have to start from scratch.

More From

MONEY Social Security

5 Times When You Can Get a New Social Security Number

New social security card on top of old one

It's possible in these exceptional circumstances.

Let’s say your identity was stolen and the identity thief opened up dozens of fraudulent accounts, causing you tons of grief and taking months (or years) to untangle the mess. Can you get a new Social Security number and just be done with the records associated with that horrible episode? Or if your number was exposed in a breach and you feel nervous that it could be misused at some point in the future (and yes, it could), can you change your number as a precaution?

The answer is probably no. But there are circumstances (five, to be exact) in which you can qualify for a new number. They are:

  • a continuing threat of abuse of your number;
  • more than one person was assigned the same number (that is rare, but it has happened);
  • there is a situation of harassment, abuse or a life in danger (as in some domestic violence situations);
  • sequential numbers assigned to members of the same family are causing problems;
  • religious or cultural objections to certain numbers or digits in the original number.

Even if you qualify, you might want to consider seriously the impact of taking this step. In many cases, employment information and medical records will be associated with your former Social Security number. So a new number can create some problems you may not have anticipated.

And if you are changing your number because you were a victim of domestic violence, you may also be changing your name. If that is the case, the Social Security Administration suggests changing your name first. Domestic abuse victims can also elect to have access to Social Security information blocked electronically.

No matter why you want to change your number, you’ll have to go in person to a Social Security office and document your reasons. If, for example, the number or digit sequence is the problem because of a religious objection, you’d need both documentation of the objection and evidence that you have an established relationship with the group that finds it offensive.

In the case of identity theft, just the fact that you have been a victim will not be enough; you would need evidence suggesting that despite your best efforts to put an end to it, the abuse of your number continues.

In any case, you will need documents to show proof of citizenship and immigration status. (Original documents are typically required.) You can get a head start on filling out the forms you’ll need and knowing which documents to bring here.

While it can be difficult to track all potential signs of misuse of your information, checking your credit reports regularly from each of the three major credit reporting agencies can help you catch some instances of fraud that can be committed in your name. Keep an eye out for unauthorized new accounts or collection items, and make sure all information on your reports is accurate and up to date. You can get your free annual credit reports mandated by federal law at, and you can get your free credit report summary from, which is updated monthly, to watch for changes.

More From

MONEY credit cards

When Someone You Love Opens a Credit Card in Your Name

woman glaring at boyfriend
Klaus Tiedge—Getty Images

Coping with financial betrayal.

When a loved one uses your personal information to apply for credit, he or she has committed identity theft. After the initial shock of discovering this betrayal, you face difficult decisions. One is that if you report the person to law enforcement, you run the risk of damaging your relationship. But if you don’t, you may not be able to get out from under any debt created and it could take years for your credit to recover from any damage done.

To help with the decision process if this happens to you, the Nerds reached out to Bruce McClary, vice president of public relations and external affairs at the National Foundation for Credit Counseling.

Gather the facts

The first item of business, regardless of which direction you take, is to collect all the information that confirms what happened and points to a possible perpetrator. Start by ordering a free copy of your credit report from to find the fraudulent account and see whether there are others.

Next, call the credit card issuer to tell it that you did not open the account. Ask the issuer to close the account and flag it as fraud. Request a copy of the signed cardholder agreements and any records of interactions the company has had with the person in question. If you choose to report the fraudulent activity to the authorities, McClary says it’s important to “confirm what took place and leave no room for doubt in the eyes of the law.”

Freeze your credit

Contact all three credit reporting bureaus and add a fraud alert to your credit report.

A fraud alert typically lasts 90 days initially, but you can renew it indefinitely. If you file a police report later, you can choose to request an extended fraud alert, which stays on your credit report for seven years. Once you have a fraud alert in place, creditors must call a phone number you provide to confirm your identity before extending any credit.

Nerd note: Because your loved one may know enough about you to pass a credit grantor’s identity quiz, the Nerds recommend using your cellphone or work number to ensure that the creditor reaches you.

Deal with your emotions

Deciding to confront your loved one about the identity theft may be the most difficult step in the process. You’ve been deceived by someone you trusted, so it’s a good idea to take some time to work through the shock. It’s also understandable that you might have second thoughts about filing a police report against the person. You’ll likely want to consider how outing him or her could affect your relationship as well as the individual’s relationship with others close to you.

When working through this dilemma, McClary urges you to “consider the fact that they acted without any regard for your rights or feelings when they committed the crime.” Although this doesn’t make it easier, it’s a reminder you are the victim and any consequences will remain on your credit report for up to seven years and might cost you when you apply for credit.

Seek a resolution

If you caught the fraudulent activity early enough and not much damage has been done to your credit, you may be able to resolve it personally with the loved one. Andy B., a 28-year-old insurance adjuster from Lincoln, Nebraska, was fortunate enough to deal with his case of familial identity theft this way.

While applying for a personal loan, Andy’s loan officer told him he had a high balance on a card that he knew nothing about. After some digging, he found out that his mother had opened up a credit card in his name 10 years previously. “I called her after I got off of the phone with the credit card company,” Andy says. “It was confusing, to say the least. I have a very positive relationship with my mother. … I knew she didn’t act maliciously and I definitely didn’t want to get her into any sort of legal trouble.”

After working things out with his mother and the credit card company, Andy is no longer liable for the debt and doesn’t think his mother will be prosecuted. He adds, “Do I think it was irresponsible? Yes. Do I forgive her? Absolutely.”

Andy acknowledges that he and his mother are fortunate to have worked this out, but he “can think of countless ways a family member can destroy a family member’s credit, not to mention their trust.”

Another alternative is to file a police report. Although this may not sound appealing because of how it could affect your relationship with the perpetrator as well as those around you, McClary believes that it’s necessary if you want to save your credit: “Notifying the police creates a record of enforcement that can be used to clear your name from the debt when that information is shared with the creditors.”

Put it in perspective

Regardless of which avenue you choose after your identity is stolen by someone close to you, your relationship may still suffer. The question you need to ask yourself is if you want to suffer the consequences of damaged credit, which could potentially make it difficult for you to obtain credit at favorable rates — if at all — for years to come. The decision is a personal one, but it’s important that you do what’s best for you and your financial future.

More From NerdWallet:

Your browser is out of date. Please update your browser at