MONEY & IDENTITY
Some of the links in this guide pay us a small commission if you sign up. We only recommend tools we use and trust. It never costs you extra, and it helps keep the lights on at Making Sense Of Security.
Identity theft has a tell. By the time most victims realize they’ve been hit, an attacker has had access for months — sometimes years. New credit cards, fake bank accounts, fraudulent tax returns, even arrest records under your name. Average detection lag: 7 months, according to the FTC.
The earliest signs are subtle: an unexpected piece of mail from a creditor you’ve never heard of, a denied credit application, a small charge on your card you can’t quite place. Most people brush these off. The thieves count on it.
By the end of this 2,000-word guide you’ll know the 12 earliest warning signs, the immediate steps when you spot one, and the monthly five-minute habit that makes ongoing detection automatic.
By the end of this guide your accounts and devices will be safer.
12 early warning signs, the immediate response when you spot one, and a monthly detection habit.
Quick snapshot
| What you’ll learn | 12 early warning signs, the immediate response when you spot one, and a monthly detection habit. |
| Skill level | Beginner-friendly · Pairs with the ‘Freeze Your Credit’ guide |
| Time required | 10 minutes to read; 5 minutes/month ongoing |
| What you’ll need | Just attention and your existing accounts |
| Risk if you skip this | Months of undetected fraud — accounts opened in your name, tax-refund theft, ruined credit |
| PDF kit | ✅ Download at the bottom of this page |
Why this matters
The FTC’s 2024 Consumer Sentinel data logged about 1.4 million identity-theft reports. The IRS separately tracked over $5 billion in tax-related identity-theft fraud last year. Most victims weren’t targeted personally — they were victims of breach databases that ended up in attackers’ hands.
The reason early detection matters: every month of undiagnosed identity theft compounds. Credit cards become loans, become accounts, become judgments, become arrest warrants under your name. Cleaning up six months of fraud is a different project than cleaning up two days.
The good news: the warning signs below are real. Knowing them moves the average detection time from months to days. The five-minute monthly habit at the end of this guide makes ongoing watch automatic.
Before you start
No tools required. This guide is about pattern recognition and habit-building. The 12 warning signs work for anyone, regardless of how digitally engaged they are.
If you suspect ongoing identity theft right now: stop reading and go to IdentityTheft.gov immediately. The FTC’s site walks you through the formal recovery process. Come back to this guide afterward to set up ongoing detection.
Pair this guide with How To Freeze Your Credit — credit freezes prevent most new-account fraud; this guide catches the fraud that slips through anyway (existing-account takeovers, tax fraud, medical-ID theft).
Step 1 — Watch for unfamiliar mail
Physical mail you don’t recognize is the single most common early sign. Watch for: bills from doctors you’ve never seen, debt collection letters for accounts you don’t recognize, credit card offers in unfamiliar names, IRS notices about returns you didn’t file.
Even if you’ve gone digital, occasional pieces of physical mail still carry signals. Don’t toss anything addressed to you with a vendor name on it without opening it. The thief is counting on the assumption that ‘must be junk.’
Step 2 — Notice missing mail you’d normally expect
Equally telling: bills, statements, or other expected mail that suddenly stops arriving. A common identity-theft tactic is filing a change-of-address form to redirect victims’ mail to the attacker.
If your monthly credit-card statement, utility bill, or bank notice doesn’t come this month, don’t assume it’s a postal delay. Check directly with the company. A redirected address is a major red flag.
Step 3 — Review every credit-card and bank statement monthly
Look for transactions you don’t recognize. Don’t just glance at the total — scan every line. Thieves often start with small test charges ($1–$5) before larger ones to verify the card works.
Set up transaction alerts at every bank/card: every transaction over $1 (or $25, your choice) triggers an instant text or email. Catches fraud in minutes, not months.
Step 4 — Check your free credit reports quarterly
Visit AnnualCreditReport.com. You’re entitled to a free report from each bureau every week (pandemic-era rule still in effect). Stagger them: Equifax in January, Experian in April, TransUnion in July, Equifax again in October.
Look for: accounts you don’t recognize, addresses you don’t recognize, employers you don’t recognize, hard inquiries you didn’t authorize. Each is a potential indicator.
Step 5 — Watch for IRS / tax-related notices
Thieves love tax season. Identity theft can be quite active during tax times. Tax-refund identity theft is a separate fraud category. Signs: an IRS notice that more than one return was filed under your SSN, a return rejected because one was already filed, an unexpected refund or refund-balance notice.
If any of these arrive: call the IRS Identity Protection Specialized Unit at 800-908-4490 and visit IdentityTheft.gov immediately. File IRS Form 14039 (Identity Theft Affidavit).
Step 6 — Watch for medical bills you don’t recognize
Medical identity theft — using your insurance for someone else’s care — is a fast-growing category. Signs: bills from providers you’ve never seen, EOBs (Explanation of Benefits) for procedures you didn’t have, claims being denied because your coverage limits are exhausted.
Review your insurance EOBs every month. They’re often dismissed as junk; they’re actually your front-line detection. If something looks off: call your insurer immediately and request a fraud review.
Step 7 — Notice unexpected denials of credit
If you apply for a credit card or loan and get denied — and you have generally good credit — pull your credit report. The denial reason letter will list which bureau was used and why; investigate from there.
Sometimes identity theft drops your score below acceptable thresholds without you noticing. The application denial is the wake-up call.
Step 8 — Watch your phone for SIM-swap signs
Suddenly losing all cellular signal while in a normal coverage area can mean your number was just transferred to an attacker’s SIM. They use this to bypass SMS-based 2FA on your bank accounts.
If your phone goes dark unexpectedly: call your carrier from another phone immediately. Treat the next 24 hours as critical — change passwords on financial accounts, even if you can’t reach the bank yet.
If you stop here, you have already done more for your security than 95% of people. If you want to go further, the next section is for you.
PRO TIP
Five Minutes A Month. Catch Months Of Fraud.
Review every credit card and bank statement, line by line.
Pull one of your three free credit reports (rotating quarterly).
Open every EOB and provider bill, even ones you don’t expect.
Verify all transaction alerts arrived and matched your activity.
If You Want To Go Further: Power-User Upgrades
Power-user upgrade #1 — Subscribe to a credit monitoring service
Free options: Credit Karma (covers Equifax + TransUnion), Experian’s free product. Paid options like Aura, IdentityForce ($10–$30/month) add dark-web monitoring, social-security tracking, faster alerts.
Trade-off: free services use your data for advertising.
Power-user upgrade #2 — Get an IRS Identity Protection PIN
Visit IRS.gov and apply for an IP PIN — a 6-digit number required to file your tax return. Without it, fraudulent filings get blocked automatically. Free; available to any US taxpayer.
Trade-off: you must remember the PIN every tax season.
Power-user upgrade #3 — Subscribe to dark-web monitoring
Have I Been Pwned (free), Mozilla Monitor, or paid services like Aura watch breach databases for your email, phone, SSN. Alert when your info appears in a leak.
Trade-off: paid versions $5–$20/month.
Power-user upgrade #4 — Lock your USPS mail
Sign up for Informed Delivery at USPS — gives you email previews of incoming mail before it arrives. Catches mail-redirect fraud immediately.
Trade-off: requires a USPS account.
Power-user upgrade #5 — Monitor SSA earnings statement
Once a year, check your Social Security earnings record at SSA.gov. Income reported under your SSN that you didn’t earn means employment-identity theft.
Trade-off: 5 minutes once a year.
Power-user upgrade #6 — Check your DMV record
Order your state DMV record annually. Driver’s-license identity theft (issuing a new license under your name to someone else) is rare but devastating when it happens.
Trade-off: $5–$15 per state.
Common mistakes & pitfalls
Mistake — Throwing away unfamiliar mail without opening it.
Fix — Open everything addressed to you with a vendor name. Mail is the earliest warning channel.
Mistake — Skimming statements instead of reading line by line.
Fix — Scan every transaction. Thieves test with small charges before going big.
Mistake — Ignoring small unexplained charges.
Fix — $1.50 you can’t place is a test. Block the card immediately.
Mistake — Not reviewing EOBs from your health insurer.
Fix — Medical identity theft hides there. Open every EOB.
Mistake — Assuming credit monitoring catches everything.
Fix — Monitoring services lag the bureaus by days. Review your statements yourself.
Mistake — Waiting to act after spotting a sign.
Fix — Each day matters. File reports the same day you notice.
Mistake — Not freezing credit before something happens.
Fix — Freeze first; then watch. Both layers needed.
Pro tips
Pro tip 1. Set transaction alerts at $1 — yes, a dollar. Zero false alarms; instant fraud detection.
Pro tip 2. Photograph the front and back of every card in your wallet. Store the photos in your password-manager’s secure notes. If your wallet is stolen, you can call all the issuers within 30 minutes.
Pro tip 3. Never give your SSN over the phone unless you initiated the call. Banks, the IRS, and Medicare don’t cold-call asking for SSN.
Pro tip 4. Shred anything with your account number, address, or DOB before tossing. Mail-fishing thieves still exist.
Pro tip 5. Once a year, search your name + city + ‘arrested’ or ‘lawsuit’ in Google. Catches the rare case where someone’s used your identity in a legal context.
Frequently asked questions
How quickly can identity theft escalate?
Days to weeks. A thief with your SSN can open multiple lines of credit in 48 hours. Aged identity theft (months unspotted) often involves dozens of accounts.
If I freeze my credit, do I still need to watch for warning signs?
Yes. Freezes block NEW accounts but not existing-account takeover, tax fraud, medical-ID theft, or employment-ID theft. The watch is still required.
Where do I report identity theft?
Three places: IdentityTheft.gov (FTC), local police (for the police report most lenders require), and the affected institutions individually.
How long does cleanup take?
Simple cases: weeks. Complex cases involving multiple accounts or police records: 6 months to several years. Speed matters — start the clock the day you spot the first sign.
Are credit-monitoring services worth paying for?
Free options (Credit Karma, Experian free) cover the bases. Paid services add convenience and faster alerts. Neither replaces the credit freeze + monthly habit.
Can someone use my old expired credit-card numbers?
Generally no — the issuer rejects expired cards. But the address and DOB still on those statements are valuable to thieves. Shred old statements.
My elderly parent doesn’t notice these signs. How do I help?
Get added as a trusted contact on their bank accounts (most banks support this without giving you full access). Review their statements monthly with them. Help them open and react to mail. Consider freezing their credit.
Quick recap — do these in order
DO THIS RIGHT NOW
The 8-step recap.
1. Open every piece of mail addressed to you with a vendor name.
2. Notice any expected mail that suddenly stops arriving.
3. Read every line on every statement monthly.
4. Pull a free credit report quarterly — staggered across the three bureaus.
5. Open every health-insurance EOB. Question anything unfamiliar.
6. Watch for IRS notices about returns you didn’t file.
7. If you suddenly lose cell signal, call your carrier from another phone.
8. The day you spot a sign, file at IdentityTheft.gov + freeze if you haven’t.
Download the article kit
Print, share, save offline. Free with email signup: the 1-page Summary. Members get all four: Summary, Full How-To, Wallet Reference Card, and Companion Cheatsheet.
Summary (1 page)Full How-ToReference CardCompanion Cheatsheet
(Once MemberPress is installed, the Full How-To, Card, and Companion Cheatsheet become members-only; non-members see only the Summary.)
Mini glossary
Identity theft: the use of your personal information by someone else without consent.
Synthetic identity theft: thieves combine your real SSN with a fake name and date — harder to detect.
Medical identity theft: using your insurance information for someone else’s care.
Tax-refund fraud: filing a fake tax return in your name to claim the refund.
EOB: Explanation of Benefits — your insurer’s record of medical claims paid in your name.
FTC IdentityTheft.gov: the official federal site for reporting and recovering from identity theft.
Stay In The Loop
Weekly: the 3 scams trending this week — 2-minute read. No spam.
We won't send you spam. Unsubscribe any time.