As you may have read, I recently lost my wallet. There's a good chance it was stolen. Inside my wallet were my driver license, several credit cards and, unfortunately, my social security card, which was only in my wallet because I was starting a new job the next morning and would need it to prove my citizenship.
Naturally, the first thing I did was call my banks and cancel my credit cards. I then used Debix to file a fraud alert with all three credit reporting agencies.
Last week I got a letter purporting to be from Equifax informing me that they would not place a fraud alert on my account until I sent them copies of several additional documents proving my identity and current address. There are a few problems with this:
- I have no way of knowing if the letter is actually from Equifax. Anyone who knows that I lost my wallet could also have guessed that I would file a fraud alert, and could have sent this letter in an attempt to trick me into giving them sensitive information. It's unlikely, but it's a possibility.
- The letter insists that I send proof of my current address, but the address it lists is actually my previous address, since I just moved. I can't prove that I live at my previous address, because I don't live there anymore, and if I provide proof of my current address, Equifax won't accept it because they don't know my current address.
- I have already provided Equifax, via Debix, with my full name, social security number, date of birth, and my past few addresses. This is more than enough information for them to positively identify me.
According to the Fair Credit Reporting Act, Equifax seems to be on shaky ground here:
§ 605A. Identity theft prevention; fraud alerts and active duty alerts [15 U.S.C. §1681c-1]
(a) One-call Fraud Alerts
(1) Initial alerts. Upon the direct request of a consumer, or an individual acting on behalf of or as a personal representative of a consumer, who asserts in good faith a suspicion that the consumer has been or is about to become a victim of fraud or related crime, including identity theft, a consumer reporting agency described in section 603(p) that maintains a file on the consumer and has received appropriate proof of the identity of the requester shall--
(A) include a fraud alert in the file of that consumer, and also provide that alert along with any credit score generated in using that file, for a period of not less than 90 days, beginning on the date of such request, unless the consumer or such representative requests that such fraud alert be removed before the end of such period, and the agency has received appropriate proof of the identity of the requester for such purpose; and
(B) refer the information regarding the fraud alert under this paragraph to each of the other consumer reporting agencies described in section 603(p), in accordance with procedures developed under section 621(f).
When Debix contacted Equifax, they were acting on my behalf, they asserted in good faith that I had a suspicion that I would become a victim of fraud, and they provided Equifax with more than enough identifying information for Equifax to positively identify my credit record.
Unfortunately, the FCRA doesn't actually define what constitutes appropriate proof of identity. However, since the other two credit agencies accepted my filing and activated fraud alerts, that would seem to imply that they thought I provided enough proof.
Why are Equifax's requirements more stringent? How does this protect consumers in any way? Their strictness doesn't provide any additional protection for consumers. What kind of identity thief would actually want to activate a fraud alert? And even if they did, what good would it do them?
The identity thief would get a phone call the next time I tried to open a line of credit and they would be able to allow or deny the creation of that account. If they allowed it, they'd derive no additional benefit (since they already have my identity). If they denied it, I would instantly know that something was wrong and could contact the credit agency to get things sorted out.
The only thing Equifax's refusal does is cause me more inconvenience and increase the risk that an identity thief will be able to get away with committing fraud using my identity while I'm trying to figure out how I can possibly give Equifax more proof than I already have.
Thanks Equifax.
Comments
No title
This post here might help you
Re: No title
Awesome. Thanks Ben!
No title
i just filed a experian fraud alert and they to requested more proof such as, a copy of drivers license,bank statement,etc. but that was for a seven year fraud alert. the 90 day alert was done right away, and sent to the other agencies including equifax without addtional proof.
No title
I just recently had an estranged parent access my credit report, change information on it and actually try to put derogatory info in my file. Equifax nor Experian would allow me to place an alert on my file and would not tell me how the request for the information came in. TransUnion however were very helpful and are mailing me a copy of the forged letter. Anyone can get your personal information and request a report, alter info and make it difficult for you to prove who you are once that info has been altered. Nothing has changed to assist people in protecting themselves other than it has become big business to sell products that claim they are protecting and monitoring your information.
Lisa P
No title
Just my additional two cents on Equifax. When consumer write them to add a fraud alert, Equifax replied by asking more information such as copy of SSN, DL, W2. My response has always been ignore and write the other two credit bureaus Experian and TransUnion since they will add the fraud alert. Equifax request for additional information should always be denied for the following reaons:
1. you do not know who will get your information - could be Equifax people that will steal your identity (a possibility) 2. like mentioned some where above that it is unlikely the bad guy is the one that initiate a fraud alert to your credit file. 3. it is just not very smart to send your full information to a stranger.
No title
The other two credit reporting agencies are generally very friendly, and easy to use. Equifax just wants to sell you products to protect your information. Info on you that they sell to others and make a handsome profit on.
Trouble with Equifax
I too have had a bunch of trouble with Equifax. The others are great to work with.
Send the info
Experian always asks for a copy of your drivers liscence and a utility bill to prove who you are. No one is trying to trick you. Just look at the address where the correspondence came from. If it say’s Allen Texas your okay. BTW, Fraud alerts don’t do jack. Creditors are supposed to contact you prior to extending credit with a fraud alert, however it doesn’t stop a thief from getting your credit pulled or opening checking accounts in your name. Try a credit freeze or that new thing LifeLock. Don’t screw around with this, my friend had her identity stolen and the thief was writing bad checks left and right. Also, fraud alerts actually hurt your credit. I had a credit manager tell me that. So mine was removed.