How to Check If Someone Is Using Your Identity: A Step-by-Step Guide

Identity theft doesn’t always announce itself. Most people find out weeks or months after the fact when a debt collector calls about an account they never opened, or they try to file taxes and the IRS says someone already beat them to it.

By then, the damage is done. The faster you check, the faster you can stop it. If you want to start by seeing what personal information about you is publicly available online, the same information a thief could use, Social Catfish’s reverse search tools let you run a search on yourself by name, email, phone number, or image to see what’s out there.

Here’s how to check every major area where identity theft shows up.

How Common Is Identity Theft in 2025?

More common than most people assume. The FTC received over 1.1 million identity theft reports in 2024, a 9.5% increase from the year before, and 2025 is on pace to break that record, with reports in just the first three quarters already surpassing the full-year 2024 total.

According to a 2025 Gen Digital survey, roughly 1 in 4 Americans report having been a victim of identity theft at some point. The average financial loss among victims in 2025 was over $7,600, and nearly half of the victims who sought help from the Identity Theft Resource Center said their issues were still unresolved a full year after discovery.

The sooner you catch it, the less you’ll have to undo.

Step 1: Check Your Credit Reports

This is the single most reliable place to catch identity theft early. Your credit report shows every account opened in your name, every hard inquiry, and every lender who has checked your credit history.

What to look for:

• Accounts you don’t recognize credit cards, loans, utility accounts, cell phone plans
• Hard inquiries you didn’t authorize (each one represents a lender checking your credit before extending it)
• Addresses or phone numbers listed that you’ve never used
• Incorrect employment history (thieves sometimes use stolen identities to obtain work)
• Co-signers on accounts you didn’t approve

How to check: Visit AnnualCreditReport.com, the only federally authorized free credit report site. You can pull reports from all three major bureaus: Equifax, Experian, and TransUnion. Check all three separately, not just one. Lenders don’t always report to all three, so fraud that shows up on Experian may not appear on TransUnion.

If you find something suspicious, you can place a fraud alert with any one of the three bureaus (they’re required to notify the others) or a credit freeze, which prevents any new credit from being opened in your name until you lift it.

Step 2: Review Your Bank and Credit Card Statements

Criminals often start small, a $4 charge here, a $12 subscription there, specifically to test whether you’re paying attention before going bigger.

What to look for:

• Small unfamiliar charges, especially recurring ones
• Duplicate transactions for the same amount
• Transfers or withdrawals you didn’t initiate
• Automatic payments set up without your knowledge
• Charges from merchants or services in cities you haven’t visited

What to do: Go through at least the last 60–90 days of statements line by line. If you find something suspicious, contact your bank or card issuer immediately. Most will freeze the account, issue a new card, and investigate. Set up transaction alerts if your bank offers them. Getting a text for every charge is one of the fastest ways to catch fraud in real time.

Step 3: Watch for Suspicious Mail (and Missing Mail)

Your mailbox is a surprisingly accurate fraud detector if you know what to look for.

Red flags to watch for:

• Bills or collection notices for accounts you never opened
• Credit card offers or new cards arriving that you didn’t apply for
• Statements from financial institutions you don’t have accounts with
• IRS or state tax notices referencing income you didn’t earn or a return already filed
• Explanation of Benefits (EOB) from your health insurer for medical services you didn’t receive

Missing mail is also a warning sign. If a bill you normally receive stops showing up, a thief may have changed your billing address to intercept it and hide their activity. Contact the sender directly if a regular bill goes missing.

Step 4: Check for Tax Identity Theft

Tax identity theft is one of the most disruptive forms of fraud, and most people don’t discover it until they go to file their own return.

Signs your tax identity may have been stolen:

• The IRS notifies you that more than one return was filed under your Social Security number
• You receive a notice about income from an employer you’ve never worked for
• Your tax refund is smaller than expected, or the IRS says one was already issued
• You receive an IRS Letter 5071C or similar verification notice

What to do: If you suspect tax identity theft, contact the IRS Identity Protection Specialized Unit at 1-800-908-4490. You can also file Form 14039 (Identity Theft Affidavit) to flag your account. Going forward, request an IRS Identity Protection PIN (IP PIN), a six-digit number required on your return each year that prevents anyone else from filing under your Social Security number.

Step 5: Check for Medical Identity Theft

Medical records stolen from a breach are worth 20 to 50 times more on the black market than financial data, and medical identity theft can follow you for years in the form of incorrect records, denied coverage, and unexpected bills.

What to look for:

• Medical bills for treatments, procedures, or prescriptions you didn’t receive
• Explanation of Benefits (EOB) statements showing services at facilities you’ve never visited
• Notices that your health insurance benefits are exhausted when they shouldn’t be
• Incorrect entries in your medical history, wrong blood type, conditions you don’t have, medications you’ve never been prescribed

How to check: Request a copy of your medical records from your healthcare providers and review them for inaccuracies. Contact your insurance company and ask for a full list of claims filed under your policy.

Step 6: Check for Unemployment and Benefits Fraud

During and after the pandemic, fraudulent unemployment claims surged dramatically. This type of fraud can surface in unexpected ways.

Warning signs:

• A notice from your state unemployment office about a claim you never filed
• Your employer contacts you about an unemployment claim filed in your name while you’re still employed
• You receive a 1099-G tax form showing unemployment income you never received
• Your state benefits system shows active claims you didn’t initiate

What to do: Report it to your state’s unemployment office immediately and request that the fraudulent claim be flagged. Also, file a report with the FTC at IdentityTheft.gov, which will generate a personalized recovery plan.

Step 7: Search Yourself Online

This step gets overlooked, but it matters. A thief using your identity often leaves a digital trail of fake accounts in your name, personal details on people-search sites, or your information listed at addresses you’ve never lived at.

Social Catfish lets you search yourself by name, email address, phone number, or image to see what comes up across social media, public records, dating sites, and people databases. This is useful for:

• Finding out what personal information is already publicly available and could be used against you
• Spotting fake accounts or profiles using your name and photos
• Checking whether your address, phone number, or email appears somewhere unexpected
• Verifying what a potential thief or anyone else would find if they searched you

Running a search on yourself is one of the fastest ways to see your own exposure before someone else exploits it.

Step 8: Monitor the Dark Web

Personal data stolen in breaches is often sold on the dark web before the victim has any idea it happened. Email addresses, passwords, Social Security numbers, and financial account details from major breaches often circulate for months or years.

Free starting point: Visit HaveIBeenPwned.com and enter your email address to see if it has appeared in any known data breaches. The site maintains a database of billions of stolen credentials and will show you exactly which breaches exposed your information.

If your email or password has been compromised, change those credentials immediately on any accounts where you reuse them and enable two-factor authentication everywhere it’s available.

What to Do If You Find Evidence of Identity Theft

If any of the steps above surface something suspicious, act quickly:

• Place a fraud alert or credit freeze with all three credit bureaus (Equifax, Experian, TransUnion)
• File a report with the FTC at IdentityTheft.gov, you’ll receive a personalized recovery plan and official documentation
• File a police report with your local department. This creates an official record useful for disputing fraudulent accounts
• Contact the fraud departments of any financial institutions, creditors, or agencies involved
• Document everything, screenshots, statement copies, letters, and call logs with dates and representative names

The FTC’s IdentityTheft.gov walks you through the process step by step and generates dispute letters you can send directly to creditors.

FAQ

The Bottom Line

Identity theft rarely feels dramatic when it starts. It’s a small charge you almost ignored, a bill you didn’t recognize, a credit inquiry that seemed off. The people who catch it fastest are the ones who check regularly, not just when something feels wrong.

Go through your credit reports, bank statements, and tax records now. Search yourself online to see what’s already out there. Social Catfish can help you see your own digital footprint the same way a thief would, so you can get ahead of it before the damage starts.