As you may have read, I recently lost my wallet. There's a good chance it was stolen. Inside my wallet were my driver license, several credit cards and, unfortunately, my social security card, which was only in my wallet because I was starting a new job the next morning and would need it to prove my citizenship.
Naturally, the first thing I did was call my banks and cancel my credit cards. I then used Debix to file a fraud alert with all three credit reporting agencies.
Last week I got a letter purporting to be from Equifax informing me that they would not place a fraud alert on my account until I sent them copies of several additional documents proving my identity and current address. There are a few problems with this:
- I have no way of knowing if the letter is actually from Equifax. Anyone who knows that I lost my wallet could also have guessed that I would file a fraud alert, and could have sent this letter in an attempt to trick me into giving them sensitive information. It's unlikely, but it's a possibility.
- The letter insists that I send proof of my current address, but the address it lists is actually my previous address, since I just moved. I can't prove that I live at my previous address, because I don't live there anymore, and if I provide proof of my current address, Equifax won't accept it because they don't know my current address.
- I have already provided Equifax, via Debix, with my full name, social security number, date of birth, and my past few addresses. This is more than enough information for them to positively identify me.
According to the Fair Credit Reporting Act, Equifax seems to be on shaky ground here:
§ 605A. Identity theft prevention; fraud alerts and active duty alerts [15 U.S.C. §1681c-1]
(a) One-call Fraud Alerts
(1) Initial alerts. Upon the direct request of a consumer, or an individual acting on behalf of or as a personal representative of a consumer, who asserts in good faith a suspicion that the consumer has been or is about to become a victim of fraud or related crime, including identity theft, a consumer reporting agency described in section 603(p) that maintains a file on the consumer and has received appropriate proof of the identity of the requester shall--
(A) include a fraud alert in the file of that consumer, and also provide that alert along with any credit score generated in using that file, for a period of not less than 90 days, beginning on the date of such request, unless the consumer or such representative requests that such fraud alert be removed before the end of such period, and the agency has received appropriate proof of the identity of the requester for such purpose; and
(B) refer the information regarding the fraud alert under this paragraph to each of the other consumer reporting agencies described in section 603(p), in accordance with procedures developed under section 621(f).
When Debix contacted Equifax, they were acting on my behalf, they asserted in good faith that I had a suspicion that I would become a victim of fraud, and they provided Equifax with more than enough identifying information for Equifax to positively identify my credit record.
Unfortunately, the FCRA doesn't actually define what constitutes appropriate proof of identity. However, since the other two credit agencies accepted my filing and activated fraud alerts, that would seem to imply that they thought I provided enough proof.
Why are Equifax's requirements more stringent? How does this protect consumers in any way? Their strictness doesn't provide any additional protection for consumers. What kind of identity thief would actually want to activate a fraud alert? And even if they did, what good would it do them?
The identity thief would get a phone call the next time I tried to open a line of credit and they would be able to allow or deny the creation of that account. If they allowed it, they'd derive no additional benefit (since they already have my identity). If they denied it, I would instantly know that something was wrong and could contact the credit agency to get things sorted out.
The only thing Equifax's refusal does is cause me more inconvenience and increase the risk that an identity thief will be able to get away with committing fraud using my identity while I'm trying to figure out how I can possibly give Equifax more proof than I already have.
Thanks Equifax.
Comments
No title
This post here might help you
Re: No title
Awesome. Thanks Ben!
No title
i just filed a experian fraud alert and they to requested more proof such as, a copy of drivers license,bank statement,etc. but that was for a seven year fraud alert. the 90 day alert was done right away, and sent to the other agencies including equifax without addtional proof.
No title
I just recently had an estranged parent access my credit report, change information on it and actually try to put derogatory info in my file. Equifax nor Experian would allow me to place an alert on my file and would not tell me how the request for the information came in. TransUnion however were very helpful and are mailing me a copy of the forged letter. Anyone can get your personal information and request a report, alter info and make it difficult for you to prove who you are once that info has been altered. Nothing has changed to assist people in protecting themselves other than it has become big business to sell products that claim they are protecting and monitoring your information.
Lisa P
No title
Just my additional two cents on Equifax. When consumer write them to add a fraud alert, Equifax replied by asking more information such as copy of SSN, DL, W2. My response has always been ignore and write the other two credit bureaus Experian and TransUnion since they will add the fraud alert. Equifax request for additional information should always be denied for the following reaons:
1. you do not know who will get your information - could be Equifax people that will steal your identity (a possibility) 2. like mentioned some where above that it is unlikely the bad guy is the one that initiate a fraud alert to your credit file. 3. it is just not very smart to send your full information to a stranger.
No title
The other two credit reporting agencies are generally very friendly, and easy to use. Equifax just wants to sell you products to protect your information. Info on you that they sell to others and make a handsome profit on.
Trouble with Equifax
I too have had a bunch of trouble with Equifax. The others are great to work with.
Send the info
Experian always asks for a copy of your drivers liscence and a utility bill to prove who you are. No one is trying to trick you. Just look at the address where the correspondence came from. If it say’s Allen Texas your okay. BTW, Fraud alerts don’t do jack. Creditors are supposed to contact you prior to extending credit with a fraud alert, however it doesn’t stop a thief from getting your credit pulled or opening checking accounts in your name. Try a credit freeze or that new thing LifeLock. Don’t screw around with this, my friend had her identity stolen and the thief was writing bad checks left and right. Also, fraud alerts actually hurt your credit. I had a credit manager tell me that. So mine was removed.
Fraud Prevention - Personal Statement
You can “prevent fraud” by placing a personal statement on your credit file.
Simply add a small statement that says all credit request must be verified personally by contacting me on my cell phone xxx-xxx-xxxx. Why pay someone else for something you can do yourself? I will warn you though if your cell phone breaks it is inconvient/impossible to get new credit until that issue is resolved so don’t use this time to try out a new cell phone carrier who will run a credit check. You will be denied because nobody can get a hold of you.
Family Member Fraud Victims
Just a note, it is so much better to prevent fraud from happening than to try cleaning it up. It can turn into a full time job, especially if the perpetrator is a family member. Ways to protect yourself from family members?
1) You can “prevent fraud” by placing a personal statement on your credit file.
Simply add a small statement that says all credit requests must be verified personally by contacting me on my cell phone @ xxx-xxx-xxxx. Why pay someone else for something you can do yourself? I will warn you though if your cell phone breaks it is inconvient/impossible to get new credit until that issue is resolved so don’t use this time to try out a new cell phone carrier who will run a credit check. You will be denied because nobody can get a hold of you.
2) Add passwords to all your credit accounts and bank accounts if possible. My credit union will not give or deposit money without my password. They will also not change my mailing address either.
3) Don’t give a family member a personal check they can get your bank account info off of. Even if you trust that family member there is still a higher risk the “bad relative” will see it.
4) Dont’ broadcast your business! This can’t be said enough. If you don’t trust someone in your family, keep your whole life pretty private. Got a new job? Someone you mention it to might casually mention where your working to another family member. Don’t tell anyone where you bank at keep that info private. Paycheck loans don’t use the credit bureau’s, all they use are social security number, job verification, and two references. Therefore a fraud alert on your credit files won’t stop the bad relative from victimizing you again.
5) Shred your mail, all of it even the junk mail you think is harmless. Also shred your stickers off of your prescription bottles. If you want to know how much free info you are throwing into the dumpster, go through your own trash as an experiment just see how much you can find out about yourself.
6) Always file a police report! Typically if you are from a big city the police don’t have the time to mess with arresting your family member for identity theft. They are busy chasing murderer’s and drug lords. Your crime report goes to the bottom of the pile and proving it is really difficult. First of all the perpatrator is likely to say they had your permission. Also strained family relations and sympathy tend to prevent many family related cases from ever being prosecuted and the authorities know this. Why should they help you when you might feel sorry for your gambling addicted father later on and become uncooperative during prosecution? Sometimes family members are in on it as well “pretending to be victimized” so they can get it all wiped off their credit later with a fraud claim. This is why the credit bureaus will not take you serious as a victim unless you have filed an actual police report and included that number on your dispute. Keep in mind the creditor doesn’t care how they get their money, they just want their money back so if pestoring you 5 times a day might get you to pay the bill to prevent them from garnishment or harrassment they will do it.
7) If you have a small enough human resources department tell them you want to be notified if someone verifies your employment.
had a really bad experience with equifax myself
regarding account canceling. They not only wanted me to send a scan of my drivers license/passport but wanted a scan of my social security card. this is after “forgetting” I had already canceled.
http://laughing-anima.livejour
Don't send it
This is part of setting you up for identity theft and fraud. There are identity thieves working within Equifax. They bolster the need for id theft and fraud products which make them more money. File a complaint with your state attorney general. If you don’t here anything from them within 2-3 weeks, this would suggest they already know about it and something bigger is going on….I have a strong suspicion this is the case. If you’ve ever filed a complaint against them, then you are definitely a target. Whatever you do, do not provide a copy of your license, w2 form or social security number unless you want to become a victim of id theft.
As long as you get an initial 90 fraud alert placed on file with one credit bureau, that credit bureau MUST refer that fraud alert to the other credit bureaus by law. If they do not, they are in violation of the law. By refusing the place a 90 fraud alert (not an Extended Fraud Alert) upon a direct request from you or your personal representative (Debix in this case), Equifax also violates the law. The only way to force complaince when all else fails is to sue the CRA who doesn’t comply. This is why I sued Equifax for issues surrounding Fraud Alerts and other violations of Federal and State laws. Some companies such as Equifax only understand lawsuits and they know most consumers can’t afford to or find an attorney to sue them…so they keep breaking the law…it’s more profitable to break the law for them.
And just as indicated above, you should never send copies of your driver’s license or SSN card to a credit bureau, especially Equifax. I believe that information can and will be used to facilitate identity theft since they don’t have a firm grasp on their customer service agents, most of whom are overseas and could care less about you or your financial well being.