FightCybercrime.org

Recognize, report and recover from cybercrime.

Social Security Identity Theft

This type of identity theft can have devastating impacts on your life. Learn what to do if someone steals your Social Security number.

Get Started Report Cybercrime
Home » Scams » Identity Theft » Social Security Identity Theft

The Basics of Social Security Identity Theft

Social Security identity theft is a form of identity theft in which someone uses your Social Security number to apply for credit, open new accounts or commit other fraud. This can happen if your Social Security number is stolen in a data breach, through phishing emails or by simply being written down somewhere where it can be easily accessed by others.

Common Tactics of Social Security Identity Theft

There are a few common tactics that are used in Social Security identity theft. One of the most common is opening new accounts in your name. This can be done by using your Social Security number to apply for credit cards or loans. Another common tactic is using your Social Security number to file for unemployment or disability benefits. This can be done by setting up a fake account using your information and then collecting the benefits that are meant for you. Here are a few ways in which identity thieves can get a hold of your Social Security number to commit their crimes:

  • Unsecured websites: Personal information can be stolen through websites that do not offer the proper security measures. Make sure you are looking for the “s” in a website URL. It should appear as “https://” to confirm it is a secure website. 
  • Phishing attempts through emails and phone calls: Thieves will attempt to contact you with seemingly legitimate messages to create a sense of urgency, causing you to click on an unsafe link.
  • Posing as a government official or person of authority: Criminals will call you and identify themselves as a legitimate organization to influence you to give out your personal information. 
  • Theft of a wallet or purse: Keep your personal belongings close to you and safeguarded from thieves at all times. 
  • Mail theft: Criminals will rummage through trash cans to get their hands on anything that might contain your personal information, including your Social Security number.

Step 1:Recognize

Red Flags of Social Security Identity Theft

There are a few red flags that can help you spot Social Security identity theft. Here are a few to watch out for:

  • You receive calls or letters from unfamiliar companies or creditors.
  • You notice unexplained accounts on your credit report.
  • You receive bills or statements for accounts you did not open.
  • You receive a change of address notification from the post office that you did not request.
  • You receive tax notifications that are unexpected or unfamiliar.

Step 2:Immediate Actions

If you think you are the victim of Social Security identity theft, it is important to take action right away. Here are some steps to take:

  • Visit IdentityTheft.gov from the Federal Trade Commission to file a report and create a personalized plan for recovery.
  • Contact the credit bureaus to obtain a free copy of your credit report, and consider placing a freeze or alert on your credit.
  • If your Social Security card is lost or stolen, contact your local police department to file a theft report. Then call the Social Security Administration directly at 1-800-772-1213 to request a replacement.
  • If you suspect you are a victim of tax-related identity theft, contact the Internal Revenue Service (IRS) immediately to file a report at 1-800-908-4490 and complete an IRS Identity Theft Affidavit (IRS Form 14039).

Step 3:Report

Reporting any type of cybercrime, including Social Security identity theft, is imperative to help others avoid being scammed. As a society, the more people that report online scams and fraud, the more national reporting data that is collected, and the better chance law enforcement has to catch the criminals and decrease cybercrime.

Report to FTC

Step 4:Recover

Protect Yourself for the Future

Once you have notified the appropriate organizations, it is time to recover and reinforce your cybersecurity by implementing preventative measures.

  1. Keep your personal information safe. Be careful about who you give your Social Security number, health insurance account number, or other personal information to.
  2. Shred any documents that contain your personal information before you throw them away.
  3. Be cautious about giving your personal information over the phone or online. Make sure you know who you’re talking to and that the website is secure before you enter any sensitive information.
  4. Check your credit report carefully for any suspicious activity.

Take 5 Steps for Better Online Security

In addition, it’s important to strengthen your online security to help avoid all types of online scams. Take action to improve your digital posture by following these steps:

  1. Implement Multi Factor Authentication (MFA): Passwords are generally easy for scammers to crack, and even if you use strong passphrases, there’s still the possibility that a cybercriminal can obtain your passphrase in a data breach. Implementing MFA is a great way to maximize your security and ensure that you are the only one who can gain access to your accounts. MFA should be implemented on all accounts where it is available. Check your account’s security settings to see if it is something you can set up.
  2. Update Your Privacy Settings: Privacy settings allow you to control your personal information (name, address, phone number, date of birth, financial details, photos or videos, etc) and how that information is used. Review your privacy settings on all of your accounts including your social media accounts. Consider restricting who can see your friends list, contacts, photos and posts.
  3. Activate Automatic Updates: Automatic updates are a set of changes to an app, software or operating system that are automatically pushed by the developer to fix or improve it. Oftentimes, cybercriminals take advantage of security flaws to plant malicious software on your devices. By activating automatic updates, you will automatically patch security vulnerabilities to protect your data.
  4. Use a Password Manager or Create Strong Passphrases: A password manager is a software tool that securely stores all of your login credentials in one place, allowing you to create and manage strong, unique passwords for all of your accounts. If you are unable to afford a password manager, use strong passphrases. A passphrase is a combination of random words or a sentence that is much longer and more complex than a typical password. Using a passphrase instead of a password makes it much harder for hackers to guess or brute-force their way into your accounts.
  5. Learn the Elements of a Phishing Attempt: Familiarize yourself with the elements of a phishing email. Phishing emails tend to include a sense of urgency and multiple grammar and spelling errors. If they are asking you to reveal personal information, be suspicious. If you get a strange email, try contacting the company another way to confirm they sent that email. If the email is suspicious, mark it as spam.

TestimonialHear from Other Victims

Without Fightcybercrime.org, I don't know if I would have been able to react as quickly to protect my personal information.
Mary - Indianapolis, IN

Branding