For more than 14 consecutive years, the number-one complaint made to the Federal Trade Commission has involved identity theft. You cannot turn on your television or fire up a browser without hearing or reading about some sort of massive data breach that has exposed the personal information of tens of millions of consumers. And in the more extreme cases of identity theft the victims can be left with credit reports polluted with incorrect information caused by the activity of a fraudster.
That’s the bad news. The good news is that consumers enjoy some substantial identity-theft protections under a variety of federal statutes. For example, the Fair Credit Billing Act caps your financial exposure to fraudulent credit card use at no more than $50. Similarly, the Electronic Funds Transfer Act caps your financial exposure to fraudulent debit card use to no more than $500, assuming you contact your bank as soon as possible. And finally, the Fair Credit Reporting Act requires credit reporting agencies, including the three national credit reporting companies (Equifax, Experian and TransUnion), to block information resulting from identity theft within 4 business days of receiving an identity theft report and some other required forms from the consumer.
When you file a dispute with the credit bureaus, they will contact the companies that reported the contested information the bureaus have on file—e.g., the issuer(s) of credit card(s) the thief has misappropriated—to verify the disputed information. While this investigation is taking place, the relevant entries in your credit file will be marked “in dispute” so that anyone who pulls your credit reports during the investigation will clearly see that you are questioning the validity of those items. Credit scoring models also recognize when credit-file entries are in dispute, and do not allow them to lower your credit score.
In identity-theft dispute cases, the CRCs also offer consumers the option of adding fraud alerts to their credit reports. The alerts let lenders know that credit applications they receive for that individual may be fraudulent, and that they should confirm the applicant’s identity before issuing any loans. Fraud alerts come in a variety of types and can last for as little as 90 days or as long as 7 years. Any lender accessing the consumer’s credit report or credit score will receive the alert, which is meant to stop fraudulent applications from becoming fraudulent accounts.
If you instruct any of the three national credit reporting companies (CRCs – Equifax, Experian or TransUnion) to place a fraud alert on your credit file, that credit reporting agency will contact the other credit reporting agencies and, in turn, they too will add fraud alerts to your credit reports in their system. As a result of this process, you won’t have to contact all three of the major credit reporting agencies independently to add separate fraud alerts. It doesn’t matter which credit reporting agency you contact first, because all three are obligated to share the fraud alerts with the other two.
The reason it’s so important to monitor your credit reports is it’s unlikely that anyone other than you will know if you’ve been the victim of credit-related fraud. And unless you regularly review copies of your credit reports (available free every 12 months at AnnualCreditReport.com), you may not even know that you’ve been a victim of fraud.
This underscores the importance of always knowing what’s on your credit reports, even if you’re not in the market for a new loan or credit card. Ultimately, it’s up to you to know when to seek help for identity theft. Once you alert the appropriate authorities that you’ve been the victim of credit fraud, they can help you by blocking data from your credit reports, closing your accounts, or adding the appropriate fraud alerts.