It can happen in a moment. You get a text that looks like it’s from your bank, or an email with a link you clicked before you thought twice. You get a phone call from someone who knew just enough to sound legitimate. Or maybe you didn’t notice anything at all until an unfamiliar account appeared on your credit report.
However it happens, the feeling is the same: a sinking realization that you might have been scammed or hacked, and now you need to do damage control.
Americans lost $27.3 billion to identity fraud in 2025, and a record 3,322 data breaches occurred in 2025 alone. Nearly a quarter of Americans report being a victim of identity theft, and fraud tactics are becoming more effective, not just more frequent. The percentage of people who actually lost money after being contacted by a scammer nearly doubled in a single year! This is not a rare or unusual experience. It is, unfortunately, an increasingly common one.
What matters most when it happens is speed and clarity. Here’s exactly what to do.
Step 1: Contact Your Financial Institutions Immediately
Your first calls should be to your bank, credit card companies, and any investment firms where you hold accounts, especially if you believe financial accounts have been accessed or compromised.
When you reach them:
- Report the suspicious activity and ask what they are seeing on their end
- Ask whether they can freeze or lock affected accounts while you sort things out
- Request new account numbers and cards if existing ones may have been exposed
- Change your passwords and PINs immediately (don’t reuse anything from before)
- Ask about placing fraud alerts on your accounts
Most major financial institutions have dedicated fraud teams available around the clock. Don’t wait until business hours.
Step 2: Report the Activity
File a report with the FTC at IdentityTheft.gov.
This is the federal government’s official resource for identity theft victims. When you report there, the site generates an FTC Identity Theft Report and a personal recovery plan based on the details you provide. The Identity Theft Report can be used when disputing fraudulent accounts or working with creditors.
If you create an account, the site will walk you through each recovery step, update your plan as needed, track your progress, and pre-fill forms and letters for you. If you don’t create an account, you’ll need to print and save your Identity Theft Report and recovery plan right away.
File a police report if personal information was stolen.
A police report creates an official record that can be valuable when disputing fraudulent accounts with creditors or proving to institutions that the activity was not yours. Bring your FTC Identity Theft Report with you.
A Consumer Federation of America Report found that only only 14% of financial fraud victims reported their identity theft or fraud to authorities. The most common reasons are that they didn’t feel enough was lost to warrant it, weren’t sure how to do it, or simply didn’t want to. But reporting matters, both for your own recovery process and because these reports help law enforcement track patterns and protect others.
Step 3: Place a Fraud Alert and Consider a Credit Freeze
Contact each of the three major credit bureaus to place a fraud alert on your credit file (information below). A fraud alert notifies lenders to take extra steps to verify your identity before opening new accounts in your name.
You only need to contact one bureau to place an initial fraud alert — they are required to notify the others. However, for a credit freeze, you must contact each bureau separately.
A credit freeze is the stronger protection. It prevents creditors from accessing your credit report entirely, which means no new accounts can be opened in your name by anyone (including you). It is free, and it can be lifted temporarily when you need to apply for credit.
Here’s where to do it for each bureau:
- Equifax: freeze.equifax.com | 888-298-0045
- Experian: experian.com/consumer/security_freeze.html | 1-888-397-3742
- TransUnion: transunion.com/credit-freeze | 1-888-909-8872
Important note: a credit freeze must be temporarily lifted if you want to open a new account, apply for a loan, or in some cases, apply for a new job, so keep track of where you’ve frozen and the process for unfreezing.
Step 4: Review Your Credit Reports
Request your credit reports from all three bureaus at AnnualCreditReport.com. This is the official, federally mandated free source for credit reports and the only one recommended by the FTC.
When reviewing your reports, look for:
- Accounts you don’t recognize
- Hard inquiries you didn’t initiate
- Addresses or employers listed that aren’t yours
- Any accounts showing past-due balances for debts you don’t owe
If you find unauthorized activity, dispute it directly with the creditor or institution involved, and with the credit bureau reporting it. Both are required by law to investigate.
Step 5: Secure Your Digital Access
Once you’ve addressed the immediate financial exposure, turn to your digital security. This step is often skipped, but it’s essential because compromised credentials are frequently how fraud spreads from one account to many.
- Change passwords immediately on all financial accounts, email accounts, and any other sensitive logins, especially if you’ve reused passwords across sites
- Use a password manager to generate and store strong, unique passwords for each account
- Update security questions on any accounts that use them, and don’t use answers that could be found through social media or public records
- Enable two-factor authentication (2FA) everywhere it’s available, especially for financial accounts and email
One in ten Americans admits to not using two-factor authentication on financial accounts, but it’s a simple step that adds a meaningful layer of protection. If this applies to you, now is the time to change that.
Step 6: Monitor Closely in the Weeks That Follow
Identity theft recovery isn’t always resolved in a single day. Fraudulent activity can surface in waves, sometimes weeks after the initial breach, so consistent monitoring matters. Each month:
- Review bank and credit card statements carefully and frequently
- Check investment accounts for any unusual activity or unauthorized transactions (contact your financial planner if you want an extra pair of eyes!)
- Set up transaction alerts on all accounts so you’re notified in real time of any activity
- Continue checking your credit reports periodically for new unauthorized accounts
If you’re working with a financial planner, loop them in, particularly if investment accounts may have been affected, or if the fraud could have implications for your broader financial plan.
Step 7: Notify Other Parties If Needed
Depending on what information was compromised, additional notifications may be necessary:
- Your employer if your Social Security number may have been misused or if employment-related identity theft is suspected
- The IRS if you believe your SSN has been used to file a fraudulent tax return or claim a refund. The IRS has a dedicated Identity Protection PIN program that can prevent future fraudulent filings. More information is available at irs.gov/identity-theft-central
- Your health insurance provider if you suspect medical identity theft, which can affect both your coverage and your medical records
Step 8: Keep a Record of Everything
Document every step you take. This may feel tedious in the moment, but a clear record can be invaluable when disputing accounts, working with law enforcement, or resolving issues with creditors.
Keep track of:
- Every phone call, including date, time, who you spoke with, and what was said
- Every report filed and its confirmation number
- Every letter sent and received
- Any fraudulent charges and the steps taken to dispute them
Save everything in one place — a folder, a binder, a dedicated email folder — somewhere you can find it quickly if you need to reference it.
Should You Consider Identity Theft Protection Services?
Identity theft protection services are offered by companies like LifeLock, Experian IdentityWorks, and others, and can monitor for signs of fraud across credit files, the dark web, and other data sources, and alert you if your information appears somewhere it shouldn’t.
These services typically carry a monthly or annual fee. Whether they’re worth it depends on your situation: how much exposure you’ve had, how much time you have to monitor things yourself, and how much peace of mind is worth to you. They are not a replacement for the steps above, but they can add an ongoing layer of surveillance that’s difficult to replicate manually.
If you’re considering one, it’s worth discussing with your financial planner as part of a broader conversation about your financial security.
A Final Note: You Are Not Alone in This
Being scammed or having your identity stolen is disorienting, frustrating, and for many people, deeply unsettling. It can feel like a violation and sometimes feelings of shame or embarrassment go along with it.
What matters now is acting quickly, staying organized, and working through the steps methodically. The damage is almost always recoverable. The sooner you act, the better positioned you’ll be.
If you have questions about how identity theft might affect your financial plan, or want help thinking through next steps, we’re here to help our clients. Not a client yet? Talk to us about becoming one!