5 of the Most Common Identity Theft Scams (and How to Protect Yourself)

identity theft scams
frankpeters/Getty Images
Some of the links in this post are from our sponsors. We provide you with accurate, reliable information. Learn more about how we make money and select our advertising partners.

It happens more often than you might think — nearly 3 million times a year.

We’re talking about identity theft. When someone hijacks your name for their own purposes, it’s absolutely chilling — and potentially damaging.

Armed with the nine digits of your Social Security number, fraudsters can grab lines of credit and rack up significant debt in your name with shocking ease.

It’s best to catch them as early as possible.

How to Protect Yourself From Identity Theft Scams

An app called Credit Sesame helps you avoid identity theft by keeping a watchful eye your finances

Credit Sesame’s free identity theft protection will alert you to important changes in your credit report (like someone trying to apply for credit in your name), and it offers $50,000 in identity theft insurance.

Another good way to protect yourself is knowing what to look out for, especially because scammers will try just about anything to steal your info these days.

Keeping that in mind, here are five of the most common identity theft scams:

1. The W-2 Email Scam

The IRS issued an urgent alert about this growing ID theft scam in February.

Here’s how it plays out:

Someone at your employer’s payroll or HR department gets a fake email from a scammer pretending to be a high-level corporate executive.

The email requests copies of employees’ W-2 forms — basically asking for every employee’s personal information including their addresses, salaries and Social Security numbers.

In January, this happened to Scotty’s Brewhouse, a popular Indiana-based restaurant chain with 4,000 employees.

Once the scammers get their hands on this info, they can use it for their own nefarious purposes — like applying for credit lines or filing fraudulent tax returns to obtain bogus refund checks.

2. Email Subject Line: “A Notice From the Internal Revenue Service”

The IRS is also warning the public about this particular trick in its 2017 “Dirty Dozen” list of common tax-related schemes. Scams like this usually peak during tax season.

If you get an email purporting to be from the Internal Revenue Service, you should know that the IRS doesn’t initiate contact with taxpayers by email to request personal or financial information.

Don’t ever click on or respond to these kinds of emails.

If you receive one, report it by forwarding it to [email protected].

3. “This Is an Update From Norton Anti-Virus”

The authorities call this kind of scheme “Malware Based Phishing.”

It’s what happens when a scammer attaches a harmful computer program — or malware — onto emails or websites.

This computer program is made to look helpful, but it’s actually recording all your keyboard strokes and what websites you visit, then using what it learns to steal your identity.

One example is an email that’s disguised as coming from Norton Anti-Virus. It prompts you to install an updated web browser “to improve your computer security.”


When you click on the link, you’re just downloading malware.

To protect yourself, be super careful when downloading any program from the web. Contact the organization that supposedly sent you this email message, either by sending a separate email or making a phone call. Tell the company you got an email urging you to download a specific file, and you want to know if it’s legit.

4. Beware of the Skimmers

In identity theft terms, a “skimmer” is a device fraudsters install on an ATM or at a store’s checkout counter to copy the information from your debit or credit card.

It scans the data from your card’s magnetic strip and keeps it in an electronic storage device. That way, an identity thief can use your card to make unauthorized purchases.

Skimmers are not some bogus, imaginary urban legend. These suckers really exist.

Here’s an example from Consumerist of a bunch of cleverly disguised skimmers being discovered in a U.S. retail store just recently — much to the surprise of the store’s staff.

They’re also commonly found on gas pumps.

To prevent skimming, make it a habit to periodically check your credit report. (Hint: Credit Sesame helps with that, too.)

5. Sneaking in Through Your Google Search Results

You know the old saying, “If it looks too good to be true, it probably is”?

That applies to a scam called “search engine phishing,” according to the Center for Identity Management and Information Protection, a nonprofit research group.

Fraudsters create websites offering “too good to be true” bargains, and dangle them like bait. The website gets legitimately indexed into Google, Yahoo and other search engines.

And that’s where you’ll see the bait — an amazingly low price for a video game system, or an unusually high salary offer for a particular kind of job.

Once you click through to the scammer’s website, you’re induced to give up personal information in order to take advantage of such a great offer.

Tips to Protect Your Information

Knowing what to look for helps, but here are some other steps you can take to protect yourself from identity theft scams:

  • Sign up for a free identity protection service like Credit Sesame to keep tabs on your finances. It’ll inform you if someone applies for any kind of credit using your name.
  • Shred paper documents that include personal information before throwing them away.
  • Install anti-virus software and password protect your devices.
  • Use extreme caution when sharing personal information or account numbers online or over the phone.
  • Clear all your personal information off any digital devices before donating or selling them.
  • Contact the three major credit reporting agencies — TransUnion, Experian and Equifax — and place a freeze on your accounts to block any further credit applications made in your name.

If you suspect someone has stolen your identity, go to IdentityTheft.gov, the federal government’s one-stop resource for identity theft victims. It has checklists and sample letters to guide you through the recovery process.

Mike Brassfield ([email protected]) is a senior writer at The Penny Hoarder. He has personally been a victim of identity theft.