What is identity theft?

Identity theft is the act of stealing someone’s personal, financial, or account information—often without their knowledge—to commit fraud. This stolen data can include everything from Social Security numbers and credit card details to login credentials and medical records. The goal is almost always the same: financial gain at the victim’s expense.

While identity theft often starts with a single piece of stolen data, its effects ripple through a person’s financial and emotional life. Criminals may use your information to open credit accounts, drain bank or retirement funds, file false tax returns, or impersonate you in medical or legal contexts. Even with strong personal habits, anyone can become a target—children, seniors, and working professionals alike.

The impact of identity theft includes:
 

• Drained bank or retirement accounts.
• Damaged credit scores that affect loan eligibility.
• Time-consuming recovery processes.
• Emotional distress for individuals and families.

Identity theft can happen to anyone—regardless of how careful they are. To help individuals and families protect themselves, Microsoft Defender¹ provides identity theft monitoring, credit alerts, and secure browsing tools. It works across your devices to detect threats early, monitor the dark web, and alert you to compromised data, and provide guidance and support during recovery. For added peace of mind, Defender provides insurance coverage, up to $1 million USD, to help cover legal and expert fees associated with restoration.²

Identity theft comes in many forms, each with unique risks. Understanding the most common types of identity theft helps you spot the warning signs early and take steps to protect your information.

Financial identity theft involves the illegal use of someone’s financial information—such as a credit card number, bank account, or Social Security number—to access funds or commit fraud.

Cybercriminals may:
 

• Make unauthorized purchases.
• Open new credit cards or loans.
• Withdraw money directly from accounts.

The consequences can be immediate and severe. Victims may find their bank accounts emptied, credit cards maxed out, or credit scores damaged—often before realizing their identity has been stolen.

Medical identity theft occurs when someone uses another person’s health insurance information to receive treatment, prescriptions, or other healthcare services.

This type of theft can:
 

• Corrupt medical records with false data.
• Compromise care quality due to inaccurate histories.
• Leave victims responsible for bills they didn’t incur.

Inaccurate health data also puts patients at risk during future treatments, making early detection critical.

Synthetic identity theft blends real and fake information—often a legitimate Social Security number with a fictitious name—to create a new identity.

Identity thieves can:
 

• Open bank accounts or apply for loans.
• Bypass standard fraud checks.
• Commit crimes under a false identity.

Synthetic identities are difficult to detect because they look legitimate to financial systems. They may go unnoticed for years, increasing the potential for long-term damage.

Identity thieves are after data that can be used to impersonate someone or gain access to financial accounts. This includes both digital and physical information—often collected without the victim’s knowledge.

The most targeted information includes:
 

• Social Security numbers or national ID numbers.
• Bank account and credit card details.
• Login credentials and passwords.
• Health insurance and medical records.
• Tax documents and employment history.
• Driver’s license or passport numbers.

Thieves use a variety of tactics to collect this information, including:
 

• Phishing scams: Fake emails or texts designed to trick people into revealing sensitive information.
• Data breaches: Large-scale cyberattacks on companies or institutions where customer data is exposed or stolen.
• Skimming devices: Hidden readers installed on ATMs or gas pumps that capture card details.
• Physical theft: Stolen mail, documents from trash, or lost wallets and devices.

Once stolen, this data may be sold on the dark web, used to access financial accounts, or exploited in more complex schemes like synthetic identity theft. 

Identity theft threats come from both digital and physical sources. Staying safe means understanding where attackers are most likely to strike—online and off.

Digital threats are increasingly sophisticated:
 

• Phishing emails often look legitimate and trick users into sharing sensitive details.
• Malware can infect a device to steal stored data or track keystrokes.
• Fake websites may mimic banks or retailers, capturing login credentials or payment info.

Even everyday browsing can carry risks. Public Wi-Fi networks, especially those without encryption, allow attackers to intercept data as it’s transmitted. Personal logins, payment details, and communications can all be exposed in seconds. Learn more about online identity theft risks.

Offline threats still matter, too:
 

• Dumpster diving is a simple but effective method. Criminals search trash for bills, tax documents, or bank statements.
• Mail theft can provide thieves with sensitive documents like pre-approved credit offers, healthcare records, or tax forms.
• Device theft, such as a stolen laptop, smartphone, or USB drive, can expose saved passwords, personal emails, financial apps, or synced cloud accounts if not properly secured.

Identity thieves exploit whatever vulnerabilities they find. Awareness of both online and offline identity theft threats is key to reducing your risk.

Detecting identity theft early can prevent deeper financial and emotional damage. Many warning signs are easy to overlook, especially if they seem minor at first. But small red flags often point to much bigger problems.

Here are some of the most common signs:
 

• Unfamiliar charges on your bank or credit card statements. These may start small to test whether your account is active before larger purchases are made.
• Missing mail, especially bills, tax forms, or account notifications. This could mean a thief has redirected your mail to hide fraudulent activity.
• Debt collection calls about accounts you didn’t open. If you’re hearing from creditors or collection agencies about unfamiliar debts, it’s time to investigate.
• New credit accounts or loans on your credit report that you didn’t authorize.
• Denied credit applications for unknown reasons, even if you have a strong credit history.

If any of these issues arise, it’s critical to take immediate action. Early detection increases your chances of limiting damage and restoring your identity quickly.

If you suspect identity theft, acting fast can limit the damage. The longer identity thieves have access to your data, the more harm they can do. Here's how to respond immediately and decisively:
 

1. Report the fraud.
   Contact your bank or credit card provider right away to report any unauthorized activity. Then, file a report with your local authorities and the Federal Trade Commission at IdentityTheft.gov.
   
   
2. Protect your credit.
   Notify one of the three major credit bureaus—Equifax, Experian, or TransUnion—to place a fraud alert on your file. This warns lenders to take extra steps before issuing credit. You can also request a credit freeze, which blocks access to your credit report entirely.
   
   
3. Secure your accounts.

• Change passwords on all affected accounts. 
• Use multifactor authentication (MFA) wherever possible.
• Monitor your bank, credit, and investment accounts closely for unusual activity.

Even after the immediate response, recovery can take time. Keep detailed records of who you contact, what steps you take, and any updates to your credit or financial statements. These actions are essential parts of recovering from identity theft and rebuilding your security.