I Had My Identity Stolen and Here’s How They Did It

📌 Editor's Note: This article is a guest contribution by Anne Pryor.

I never thought it would happen to me.

As a LinkedIn expert, I understand the importance of strong passwords and online identity management. I’m also an artist, selling to international collectors and companies. 

I was interested in getting into non-fungible tokens, or NFTs, so I researched the most popular, reputable NFT companies (or “marketplaces”). I read through the reviews and found a marketplace I thought was safe.

I then set up an online account. The process was just like setting up a new bank account. They asked for all pertinent personal information, my bank routing number, and account number. Because I wasn’t completely sold on their safety and security, I created a new bank account specifically for this venture. That was the best thing I ever did.

How I Became a Victim of Identity Theft

After six months, I received an email from someone interested in the artwork that I had posted on the NFT marketplace. I replied but received no response.

Two weeks later, I received an alert from the NFT-connected bank account, stating that I had made a withdrawal of $500. I didn’t think anything of it because I had written a check from that account. The following day, I was notified about an additional withdrawal for $1,500. That didn’t seem right.

I immediately called the bank’s fraud department. The representative said that someone had logged into my account for 45 minutes. During that time, my alert settings were changed, the two withdrawals were approved, and an additional withdrawal of $5,000 had been initiated.

My bank account was hacked. Someone got into my account and changed the alert settings. Luckily, they neglected to adjust the email settings to delete my email address. The bank thought it was me because the thief had all my personal information.

Because I saw my email notification before the money could leave my account, my bank was able to stop the transfers. I ended up closing the account and switching banks. The ordeal was incredibly stressful and created ripple effects for months afterward.

Related: Have I Been Hacked? How To Recognize & Recover From a Hack →

What to Do If Your Identity Has Been Stolen

If your account has been hacked or your identity has been stolen, take these necessary steps to protect yourself:

Contact your bank

If you think you’re a victim of identity fraud, immediately call your bank’s fraud department. You may have to fax a letter proving your identity and detailing the issue. Place a hold on all of your accounts and check-in with the fraud department weekly to “clawback” any money stolen.

Open new bank accounts

When opening a new bank account, use a different Personal Identification Number (PIN). Create a unique, complex, and long password (18 characters with letters, numbers, and symbols). Ensure that your bank account password is different from all other passwords. Check your account settings to confirm your email address and phone number are listed. Set up email and text alerts and two-step verification (also known as two-factor authentication).

Contact your credit card companies

After handling matters with your bank accounts, promptly contact your credit card companies and other financial institutions to let them know your identity has been compromised. Change the login credentials and PIN for all accounts and review statements for suspicious transactions. At this point, your creditors will be alerted of all future attempts made to get credit in your name and will not issue any credit without first verifying your identity.

Contact all credit bureaus

Reach out to all four credit bureaus (Equifax, Experian, TransUnion, and newcomer, Innovis) to dispute any errors you’ve identified on your credit reports and ask them to remove the fraudulent information from your file. They will investigate your claims, which may take a month or more. After all phone conversations, send a follow-up email or certified letters to keep a paper trail.

Submit an “Identity Theft Complaint/Affidavit”

You can file this report with the Federal Trade Commission (FTC), the nation’s consumer protection agency that collects identity theft information. Contact the FTC’s Identity Theft Hotline at 877-ID-THEFT (877–438–4338).

File a police report

Document the theft by filling out a police report at your local police department. The police might not do anything, but you’ll have the report on file for the bank. Be sure to keep a copy of the police report and case number in your files.

How to Avoid Future Identity Theft

1. Enable verifications and alerts :  Add two-step verification and alert settings to all your online shopping and social media accounts.
2. Freeze your credit: As a precaution, ask the credit bureaus to freeze your credit. When you need to apply for credit, it’s simple to lift the freeze temporarily. I suggest doing this for your kids as well since identity thieves can target anyone with a Social Security number (SSN).
3. Use strong passwords and establish a password-protection strategy : Choose new, non-obvious password combinations for all websites, subscription services, and mobile apps you frequently visit. Rather than saving your login credentials, consider using a vetted secure password manager for personal and family usage. 
4. Keep your money safe : To protect your credit card information, make purchases on retailers’ websites or Amazon instead of Facebook and Instagram. Be sure to log out of your Amazon, social media, bank, and online shopping accounts nightly. Go through all mobile apps attached to login credentials and delete any you don’t use.

It’s essential to make sure that your family members are using these tips, too, especially when using shared devices or usernames. Having learned about identity theft and prevention the hard way, I hope my experience will provide you and your family with guidance to help educate and protect against identity theft.

Related: The Top 10 LifeLock Competitors & Alternatives For 2023 →