Preventing identity theft of a deceased spouse

July 8, 2015 16:38 by Consumer Ed

Dear Consumer Ed:

My husband passed away. What steps can I take to prevent someone from accessing his information and committing identity theft? 

Consumer Ed says: 

There are several things you can do to protect your late husband’s identity from theft.  First, report the death to the Social Security Administration by calling 800-772-1213.  Second, contact the IRS ( and send them a copy of the death certificate.  Third, contact the Department of Driver Services at 678-413-8600 or to cancel your husband’s driver's license; this will prevent duplicates from being issued to fraudsters.   Finally, avoid putting too much information in your husband’s obituary; thieves often target them to glean personal information for just the purposes you fear. For example, do not include his birth date.

You can also request that the three major credit reporting agencies place a “deceased alert” on your husband’s credit report.  Make sure you send this request via certified mail with "return receipt requested.”  Send copies of the death certificate to each of the three major credit-reporting agencies — Equifax, Experian and TransUnion — asking them to place a "deceased alert" on his credit report.  Each of these agencies has specific requirements to place the alert on the files, so you will need to contact all of them:

After placing the alerts on your husband’s credit files, you will want to obtain copies of your husband’s credit reports. Federal law entitles you to one free copy of your credit reports each year from each of the three credit reporting agencies.  You can request them through a single central source at or by calling 877-322-8228. In addition, as a Georgia resident, you are entitled to receive two additional copies of each credit report per year at no charge.  To receive these additional copies, you must contact the credit reporting agencies directly.

If you suspect someone is using your husband’s identity after viewing the credit reports (e.g., you’re seeing accounts you know he didn’t open, or are receiving bills or collection notices from that account, etc.), you should notify the police in your jurisdiction.  Make sure you have copies of records and/or correspondence relating to the fraudulent accounts or transactions—identity theft is easier to pursue when your suspicions are backed with concrete evidence. Then, you should also notify the Georgia Department of Law’s Consumer Protection Unit at 404-651-8600 or

If you have evidence that someone is using your husband’s identity to engage in fraudulent activity, make sure that you respond, in writing, to any creditor, collection agency, credit issuer, or utility company who contacts you about any suspect transactions, notifying them of your husband’s death (along with the date of his passing).  When you do so, include a copy of his death certificate.   Request an immediate investigation into these transactions, and ask that you be contacted with the results of the investigation; when you receive a report that confirms the suspect activity, insist on letters of clearance, which you should keep with the other estate papers.   Finally, if you're closing an individual account, make sure the financial institution where the account was held lists "Closed: Account Holder Is Deceased" as the reason.  For joint accounts, simply remove the deceased's name.  For more information on what you can do to prevent identity theft, please visit  

You may also want to read Consumer Action’s Digital Estate Planning Guide, which explains how survivors may access their loved one’s digital accounts:

If you enjoyed this post, make sure you subscribe to my RSS feed!

Rate This

How will new chip-and-PIN technology for credit/debit cards affect who is liable for a fraudulent transaction?

June 24, 2015 20:22 by Consumer Ed

Dear Consumer Ed:

I heard that the magnetic strip on debit and credit cards is going to be replaced with chip-and-PIN technology. How will that affect who is liable (consumer or merchant) in the case that a fraudulent transaction occurs?

Consumer Ed says: 

The financial responsibility for fraudulent credit card transactions currently lies with either the merchant or the issuer (the bank or the credit card company), depending upon the card’s terms and conditions.  However, this will change after October 15, 2015, which is the deadline for card issuers and merchants alike (with the exception of gasoline retailers, which have until October, 2017) to switch from magnetic strips to chip-and-PIN technology, also referred to as EMV (Europay, MasterCard and Visa). 

EMV is a joint effort conceived by Europay, MasterCard and Visa to ensure better security of card payments for those companies’ users.  Adoption of EMV cards and EMV-compliant terminals will purportedly result in a reduction of fraud stemming from counterfeit, lost and stolen cards. EMV cards, which have an embedded microprocessor chip that stores data and information, will rely on the embedded chips and compatible terminals to complete transactions, rather than swipe-and-sign methods currently used. 

Further, unlike magnetic-stripe cards, every time an EMV card is used, the card’s chip will create a unique transaction code that cannot be used again.  After the October 15, 2015 deadline, liability for fraudulent credit or debit card transactions that still use magnetic stripes will be shifted to the party that has not switched to EMV technology; note that this shift in liability won’t fall on the consumer, but is between the card-issuer and the merchant. 

The change in technology is unlikely to have much of an effect on consumers’ liability for fraudulent debit and credit card transactions.  This is because under the Federal Fair Credit Billing Act, your liability for unauthorized credit card charges is capped at $50. However, once the suspected sham transaction is reported, consumers aren’t held responsible for any further amounts fraudulently charged to their cards.  It’s a bit different for debit cards:  if an ATM or debit card is reported missing before someone uses it, the holder isn’t responsible for any unauthorized transactions; but, if someone uses the ATM or debit card before it’s reported lost or stolen, the amount the holder is liable for depends on how quickly the loss is reported. 

Debit card losses fall along the following scale:  Consumers aren’t responsible for any amounts if the missing card is reported before any unauthorized charges are made; for missing cards reported within two business days after the holder learns of the loss or theft, the amount is capped at $50; for unauthorized charges reported 2 business days after the holder learns of the loss/theft, but less than 60 calendar days after the bank sends its statement to the cardholder, amounts are capped at $500; and for unauthorized charges reported after 60 calendar days, the cardholder is responsible for all charges.

To limit any liability you may have for purchases you didn’t make, or for transactions that may get charged to a card that has been lost or stolen, make sure you report the suspect purchases (or the loss or theft of the card) as soon as possible to the card’s issuer.  Follow up with a letter to your issuer to further document the report, and make sure you update your records to keep track of the issuer’s actions taken to nullify the transaction.  You can learn more about how to protect yourself by visiting the Office of Consumer Protection’s website at

If you enjoyed this post, make sure you subscribe to my RSS feed!

Rate This

How can I protect my children from identity theft?

March 6, 2014 20:43 by Consumer Ed

Dear Consumer Ed:

I really want to protect my children from identity theft.  At what age should I check to see if they have a credit report and whether it contains any suspicious information?

Consumer Ed Says:

Most parents apply for their children's Social Security numbers (SSN) very soon after their children are born, and a SSN is all that's required to open most credit accounts.  Therefore, it's never too early to take steps to protect your children from identity theft.  You should contact each of the three credit reporting companies, Experian, Equifax, and Transunion, to request your children's credit reports so that you can examine them for fraudulent activity.  When you contact each company, ask for a manual search of your children's files.  The companies may require copies of the children's birth certificates, Social Security cards, your government-issued identification cards, and proof of address.  You can contact the companies by visiting their websites:,, and

In addition to getting your children's credit reports from the three credit reporting agencies, there are additional steps that you can take to protect your children from identity theft:


  • Keep all documents that contain your children's personal information safely locked up. 
  • Avoid carrying your children's Social Security cards with you.
  • Do not share your children's SSNs unless you know and trust the other party.
  • If someone asks for your children's SSNs, ask why they want them, how they'll safeguard them, how long they'll keep them, and how they'll dispose of them. If you're not satisfied with the answers, do not share the numbers, and ask to use other identifiers.
  • Before you share personal information on the internet, make sure you have a secure connection.  A secure website has a lock icon in the address bar and a URL that begins with "https."
  • Also, use strong passwords, and keep them private.  If you use a password to sign into a website, log out of the site when you're finished.
  • Use a computer with updated antivirus and firewall protection. Don't send any personal or financial information through an unsecured wireless connection in a public place.
  • Limit the chances that your children's information will be stolen or misused at school by finding out who has access to your children's personal information.  Also, read the notices that schools are required to send explaining your rights under the Family Educational Rights and Privacy Act (FERPA).  That law protects the privacy of student education records, and gives you the right to opt out of the release of directory information to third parties, including other families.
  • Safely dispose of personal information.
  • Be alert to phishing scams, where criminals send an email, text, or pop-up message that looks like it's from a legitimate organization.  A phishing message asks the recipient to click on a link or call a phone number, and to share personal or financial information.
  • Share all of these safety tips with your children, especially if your children use the internet.


You should begin looking into the possibility that your children are victims of identity theft if you or your children have experienced any of the following warning signs:


  • You or your children were turned down for government benefits because the benefits are being paid to another account using one of your children's SSNs;
  • The Social Security Administration, Internal Revenue Service (IRS), or some other government agency asks you to confirm that your children are employed, even though your children have never had jobs;
  • You or your children received a notice from the IRS saying the children didn't pay income taxes, or that the children's SSNs were used on other tax returns; and/or
  • You or your children received collection calls or bills for products or services you didn't purchase or receive.


If you know or suspect your children have been victims of identity theft, contact each of the three credit reporting agencies.  Explain that your children are minors, and cannot legally enter into any type of contract.  To prove that your children are minors, send the credit reporting agencies a completed copy of the Uniform Minor's Status Declaration (make sure you ask each company for its mailing address).  Next, send a letter to each credit reporting company. Ask them to remove all accounts, account inquiries, and collection notices from the credit files associated with your children's names or personal information.  It won't be a quick process, but it shouldn't take more than 90 days from the date you get an acknowledgment of your request.

For more information, visit the Federal Trade Commission's website at

If you enjoyed this post, make sure you subscribe to my RSS feed!

Rate This