25 Warning Signs of Identity Theft: How To Tell If You're a Victim

Would You Know If Someone Stole Your Identity?

Identity theft is the fastest growing crime in America with tens of millions of victims every single year [*]. Even worse, the latest research shows that over 50% of identity theft victims are repeat victims [*].

But what makes identity theft so dangerous is that it’s often hard to spot — before it’s too late.

Criminals and con artists work in the shadows to steal your personal information, ruin your credit with debts, and take over your online accounts. It’s only when you notice missing money, are contacted by debt collectors, or worse, that you know you’ve become a victim.

Identity theft can strike anyone at any time. And while there are plenty of ways you can make yourself a less-desirable target, there’s no guaranteed way to prevent identity theft.

Instead, the earlier you can spot the warning signs of identity theft, the better chance you’ll have of shutting down scammers before they can do too much damage.

In this guide, we’ll give you a clear checklist of the signs of identity theft to look out for and what to do if you think you’re a victim.

{{show-toc}}

What Are The Worst Identity Theft Risks Right Now?

Identity theft is a constantly evolving crime — and knowing what criminals are after can help you identify their attacks more easily. Here are the most common types of identity theft to watch out for in 2024:

• Credit card and bank fraud: Scammers are almost always financially motivated. Fraudsters impersonate banks, government officials, or well-known companies to steal your credit card numbers, get access to your bank account, and commit financial fraud.
• Government benefits fraud: Benefits and tax fraud has boomed in the wake of the pandemic. Fraudsters use stolen Social Security numbers (SSNs) to make bogus claims in your name.
• Online account takeovers: Scammers are more interested in your online accounts than even your SSN. Identity thieves use sophisticated phishing and social engineering attacks to gain access to your Social media, email, and online bank accounts, to commit online identity theft.
• Investment scams: By some estimates, crypto investment scams cost Americans tens of billions in 2022 [*]. The popular “pig butchering scam” has become an especially dangerous threat — targeting people on dating sites and social media and tricking them into investing on phony crypto exchanges.
• Data breaches: Every year, billions of pieces of personal information are stolen from company databases and leaked to the Dark Web. If your passwords, SSN, or email address are leaked, it can put you in extreme risk of identity theft. You can check if your sensitive data has been compromised using Aura’s free Dark Web scanner.

25 Warning Signs of Identity Theft

If you notice any of these warning signs of identity theft, your bank account, identity, and reputation could be at risk.

1. Unfamiliar charges on your bank statement

As soon as you receive your monthly bank statement, read every transaction. Look for anything unfamiliar, no matter how small. For added security, be sure to regularly scan your bank account activity before the final statement arrives at the end of each month.

If you notice any unfamiliar purchases, immediately contact your bank. You may be required to open a new bank account to protect your financial assets.

2. Strange or unrecognized credit card charges

Just as you should do with a bank statement, check your credit card statements line-by-line and verify every transaction.

It’s easy to focus only on big items. But often, scammers start with a small “test” purchase to verify that your credit card account is active. Catching these tiny transactions can alert you before they attempt to make a larger purchase.  

If you spot suspicious transactions, contact your credit card company immediately. Dispute the transactions and get a new card.

In the event that you find unauthorized transactions on your credit card, it’s possible that your card number, email address, phone number and other personal details are floating around on the Dark Web.

💡 Related: Is Aura Worth It? Here's How To Know →

3. New credit cards or loans in your name

Most of us remember signing up for a new credit card or loan. So if you learn there’s a new line of credit opened in your name that you never signed up for, this is an immediate warning sign that you’re a victim of identity theft. In this case, you should freeze your credit immediately.

You could learn about a new credit card through a letter in the mail, an email, or a phone call from the new lending company. But often, thieves associate the card with another address, and you won’t get notified.That’s why you should regularly check your credit history.

You can request a free credit report from AnnualCreditReport.com which gathers data from the three major credit bureaus — Equifax, Experian, and TransUnion.

That’s why you should regularly check your credit history. You can request a free credit report from AnnualCreditReport.com which gathers data from the three major credit bureaus — Equifax, Experian, and TransUnion.

Of course, if you don’t want to deal with all of this hassle, Aura can monitor your credit for you.

4. Unexpected calls from debt collectors

If you’re receiving calls from collection agencies you’ve never heard of, it’s possible an identity thief has racked up thousands of dollars worth of debt in your name.

This typically happens if your credit card is stolen, your bank account is hacked, or if you lose your wallet and it ends up in the hands of a criminal.

💡 Related: How Can Social Security Identity Theft Occur? [9 Ways] →

5. You're denied credit

Did you apply for a new line of credit that you’re surely qualified for, only to be rejected? It could be a sign that someone else has been abusing your credit.

As with many other warning signs on this list, check your credit report in the event of fraud. If you notice any suspicious activity, contact the merchants and your financial institutions immediately.

Many victims of identity theft have a declining credit score but don’t realize until it’s too late. If you are denied a new line of credit, it’s a serious red flag and you’ll need to take action immediately.

Aside from reviewing your credit history and contacting your credit card company, you’ll also want to head over to identitytheft.gov and file a claim with the FTC.

6. Bounced checks (if you know you have available funds)

If you write a check and it bounces, review your bank account activity immediately.

A bounced check could indicate that a criminal has accessed your bank account and withdrawn all of your cash or committed another bank scam. If that’s the case, contact your bank right away. You’ll need to change the password to your online banking profile and close the bank account completely.

Your bank will help you place “stop payments” on any pending transactions, as well as cancel and replace any debit cards that are associated with the compromised bank account.

💡 Related: How To Repair Your Credit After Identity Theft →

7. A sudden drop in your credit score

While your credit score isn’t a “hard” asset like cash or a credit card, it’s still one of your most valuable financial assets that should be tightly safeguarded.

Someone pretending to impersonate you may use your name to open new credit cards and loans that they never intend to pay back. The result? You’ll suffer a plummeting credit score.

If you see your credit score number dropping, investigate the cause immediately. Review your credit history and scan for sudden changes in your credit score, especially if you haven’t done anything that would cause a significant change.

For added security, consider a service like Aura that monitors your credit score and personal information. Aura has direct connections with all three of the major credit bureaus (Experian, Equifax, and TransUnion), which means you’ll receive fraud alerts up to 4x faster than competing services.

Here’s how Aura keeps your finances secure against identity thieves:

• One-click credit lock: Stop scammers from opening new accounts in your name by locking your credit with Experian.‍
• Credit reports: Get monthly credit updates and annual reports from the major credit bureaus.‍
• Financial transaction monitoring: Link your bank accounts and set alerts on spending activity to proactively stop almost all types of financial fraud.‍
• Bank account monitoring: Get a fraud alert if any unauthorized persons try to tamper with your bank account.‍
• Lost wallet remediation: If your wallet is lost or stolen, we’ll help you cancel any debit or credit cards and work with you on a recovery plan to secure your sensitive information.‍
• $1 million identity theft insurance: Every Aura plan comes with an insurance policy that covers eligible losses due to identity theft.

💡 Related: Aura vs. LifeLock: Which Service Is Right For You? →

8. Hard inquiries on your credit report

When you check your credit report, review the number of hard inquiries you’ve received. A business can make two kinds of requests to a credit reporting agency — soft inquiries and hard inquiries.

Your bank makes soft inquiries, as do companies that offer pre-approval. They’re nearly always harmless and often happen without your knowledge. But hard inquiries are different.

Hard inquiries must be approved before they happen. So if you see unfamiliar hard inquiries on your credit report, it’s an indication that someone else is applying for credit under your name.

9. Calls verifying unfamiliar purchases

A call, email, or text message attempting to verify an unfamiliar purchase is a classic warning sign of identity theft.

If you get one of these messages from your credit card company or bank, take it seriously. Investigate and report any unauthorized purchase attempts.

But remember that calls like these are also a common phishing scam. The only information you should provide is a simple “yes” or “no” to verify or flag the transaction.

If a strange caller contacts you to request more information, such as your name, account number, or password, it’s a scammer trying to steal your identity.

Another red flag to beware of is receiving unprompted text messages with 2FA verification codes from online services that you’re subscribed to.

For example, let's imagine you get a text message from PayPal containing a 2FA verification code that you didn’t ask for. This means someone is trying to hack your PayPal account. You should change your password immediately if this happens.

10. Your health insurance benefits limit is maxed out

While not as well-known as financial identity theft, medical identity fraud is a growing problem that should be taken seriously.

If your health insurance company sends you a message saying that you’ve reached your benefits limit, contact them immediately.

If a legitimate medical claim is denied due to an unexpected message from your health insurance provider, it’s a red flag and should be investigated immediately.

In this type of identity theft, a fraudster poses as you in order to receive healthcare. The scammer will receive free medical treatment under your insurance policy, depleting your health coverage and leaving you uncovered.

11. Unfamiliar medical bills

A scammer can receive medical treatment using your identity, leaving you stuck with medical bills that you didn’t receive care for. If you receive strange or unfamiliar medical bills, contact your insurance company and healthcare provider immediately to alert them of fraud.

💡 Related: What Can a Scammer Do With Your Medicare Number? →

12. Inaccurate information in your medical files

There are a few ways you might discover a new and inaccurate condition noted in your medical records.

You might learn about the change through your healthcare provider via unexpected medical bills, or from your insurance company. In the latter case, you could get a notification that your health insurance has refused to cover you for preexisting conditions you don’t have.

Health fraud of this type can be particularly difficult to resolve, so get in contact with your healthcare and insurance provider immediately.

13. Someone stole your income tax refund

A clear warning sign of tax identity fraud is if someone has fraudulently filed taxes under your name. If you get a notification from the IRS before you actually filed your taxes, this is a red flag.

The motivation? Scammers want to claim your tax return payout. If this happens, report it to the IRS, the Federal Trade Commission, and be sure to file a police report for identity theft.

💡 Related: Stolen Tax Refund Check? Here’s How To Get Your Money Back →

14. There’s a warrant out for your arrest

Even if you’ve never committed a crime, a criminal could have stolen your information and provided it to law enforcement, making you a target.

If you learn there’s a warrant out for your arrest you could be the victim of criminal identity theft. Take action immediately and contact your local law enforcement to provide proof of your identity and innocence.

15. Reported income that’s not yours

Another common form of tax fraud is when someone else uses your Social Security number to get a job. This is often done to avoid a background check or prove eligibility for hiring. (Even worse, it's very difficult to change your SSN, even after identity theft.)

If you receive tax documents from an employer you don’t know, it’s a strong indicator of identity theft.

💡 Related: How To Tell If You're a Victim of Employment Identity Theft →

16. Missing mail

Are you missing important bills or statements in the mail? Identity thieves can reroute your bills or statements by using a change-of-address scam. Some may also steal important documents from your mailbox to try and obtain your personally identifying information or even commit deed fraud.

Contact your insurance, bank, and credit card company if you’re missing medical bills or financial statements. You should also verify that these companies have your correct address on file.

💡 Related: Someone Stole My Mail. What Should I Do? →

17. Your utilities are suddenly shut off

If your utility provider or cell phone service suddenly gets cut off, it could be due to identity theft.

Similar to rerouting your bills and financial statements, scammers can transfer utilities to another address and even send cellular service to an unauthorized phone number.

In the case of a data breach, you could be the victim of a sophisticated type of hack called SIM swapping. T-Mobile was recently hacked, which impacted over 50 million customers [*].

If your utility service has been cut unexpectedly, contact your utility provider right away to verify your information and resolve any service interruptions.

18. Your ID is lost or stolen

After losing your wallet, you probably worry most about the cash or credit cards. But a stolen driver's license or missing ID can be far more costly in the long term.

If you eventually find your wallet and notice that your driver’s license is missing, you may become the victim of identity theft.

If you’re worried about identity theft after losing your ID, Aura can monitor all of your personal info — including your driver’s license, passport number, Social Security number, and more.

As a reminder, never keep your Social Security card in your wallet or purse, and don’t carry too many credit cards in your wallet.

💡 Related: Stolen Phone? Don't Panic! Follow These Steps ASAP →

19. Unfamiliar bills or packages arrive at your home

Strange bills from unfamiliar services likely means that a scammer has applied for new accounts in your name. If you receive unfamiliar packages in the mail, it could be due to several types of schemes.

One of the most common is health insurance fraud, where your insurance company is overcharged for health supplies you never ordered. Another red flag would be receiving new credit card bills for an account you never opened.

If you get any mysterious packages or bills in the mail, contact the company that has sent them and alert them of fraud. You should also review your own financial accounts for suspicious activity, and change all your passwords immediately.

20. You can’t sign in to an account

You attempt to sign into a website that you visit all the time, like Facebook Marketplace. You’re usually signed in automatically, but this time, you're prompted to re-enter your password.

Each time you enter your password, it returns an error. If you’re locked out of an account, this means someone hacked your account and changed your password. Immediately try all possible recovery options and contact customer support if you’re stuck.

In order to further enhance your password safety:

• Avoid storing sensitive passwords in Google Chrome or Safari Keychain.
• Use Google Authenticator or Authy for 2FA instead of SMS, when possible.
• Use Face ID on your mobile device for as many online services as possible.
• Choose a strong, unique password for all your online accounts.
• Use a secure password manager that streamlines all your password management.
• Always keep your mobile apps and device operating software updated to the most recent versions. When you are prompted to update your software, always do it.
• Never browse public Wi-Fi due to vulnerabilities. Always use a secure VPN for all your devices.
• Try Aura for ultimate peace of mind — there’s a 14 day free trial which includes Antivirus and VPN for up to 10 devices, password manager, identity theft protection and credit monitoring.

21. An account looks different when you log in

Today’s identity thieves are experts at using your online footprint to launch all different types of cyber attacks.

If you login to one of your online accounts, and the website has a different “look”, this means you were targeted in a phishing attack and tricked into signing in from a fake website portal.

Usually, these fake websites have design flaws and spelling errors. The imposter websites dupe you into logging in so they can steal your username and password.

If you accidentally opened a spam email, never click any links! But scammers have become more sophisticated, and they’re able to create spam emails that look just like the real thing.

If you’ve clicked on a phishing link, immediately change your username and password on the real site and add two-factor authentication.

22. Suspicious login attempts to your social media or other accounts

If you get alerts about login attempts that weren’t yours, it could be an identity theft warning sign.

A login attempt notification means that someone tried to scam you online and access your account but couldn’t figure out your password. If this happens, you should set up two-factor authentication and use a password manager to create strong, unguessable passwords.

If a hacker has successfully accessed your social media accounts or Apple ID, you should immediately change your password and remotely sign out of all sessions. Be sure to review your DMs and account history in case the hacker tried to scam any of your family members or friends while pretending to impersonate you.

💡 Related: How to Protect Yourself from Identity Theft (11 Steps) →

23. Authentication messages for accounts you don't recognize

If you’ve received verification texts or emails for an account you didn’t set up, it means a hacker is using your email to open new accounts.

Never click on any links or verify any accounts that you didn’t create. In these instances, you should change the password on your email account, enable 2FA, and monitor it for any other suspicious alerts.

24. Emails alerting you of a data breach

Unfortunately, data breaches have become far too common.

Nearly everyone today has gotten one of these emails before. A company lets you know that your information — along with millions of other customers — has been hacked. And of course, they recommend changing your password immediately.

However, the consequences of a data breach can go far beyond just one site. If you reused that password on many other sites, you should go change all your passwords immediately. This is why you should never recycle the same password for multiple online accounts.

25. You receive a fraud alert

Fraud alerts are a smart way to prevent identity theft before it happens, not after it’s too late.

That’s where Aura comes in. Even if you have no idea what to do if your identity is stolen, Aura has your back. Our all-in-one Digital Security solution continually scans possible vulnerabilities and proactively alerts you of any online security threats.

In the event of confirmed identity fraud, Aura’s remediation team will walk you through a recovery plan to secure all of your accounts and personal data.

💡 Related: The Top 10 LifeLock Competitors & Alternatives For 2024 →

Don’t Get Scammed! How To Protect Yourself From Identity Theft

If you see any of these signs, you could be the victim of identity theft. As you go through the steps of recovering your identity, make sure to protect yourself from future attacks. 

Here’s what you can do to protect yourself from identity theft:

• ‍Learn to recognize the warning signs of a phishing attack. Phishing — where scammers send fake emails, texts, calls, or social media messages pretending to be someone they’re not — is still one of the most common ways that identity theft happens. Here’s a guide on how to prevent phishing attacks.‍
• Regularly check your credit report and bank statements. Scammers are almost always after your financial accounts. Check for the warning signs of identity theft — such as strange charges on your bank statement or accounts you don’t recognize. An identity theft protection service like Aura can monitor your credit and statements for you and alert you to any signs of fraud. ‍
• Consider signing up for identity theft protection. Aura’s top-rated identity theft protection monitors all of your most sensitive personal information, online accounts, and finances for signs of fraud. If a scammer tries to access your accounts or finances, Aura can help you take action before it’s too late.

Try Aura’s 14-day free trial for immediate protection while you’re most vulnerable.‍