Act fast. Stay safe. Recover with a clear plan.
Use this playbook to contain fraud quickly, document every action, and reduce ongoing identity risk.
Bureau resources included:
Rapid response playbook
Step 1: How do I lock down my credit in the first 10 minutes?
Place security freezes with Experian, Equifax, and TransUnion immediately. A freeze blocks new hard-pull credit applications until you lift it, which is your fastest defense against follow-up account fraud.
Step 2: Which accounts should I secure first?
Start with primary email, bank logins, and payment apps. Update passwords to unique passphrases and force sign-out on all sessions. Then rotate shopping, social, and utility accounts tied to that same email.
Step 3: What is the fastest way to check active fraud?
Review your current 3-bureau report and recent card/bank transactions together. Look for unknown inquiries, new tradelines, mailing-address changes, and micro-charges that indicate takeover testing.
Step 4: Should I file reports right away?
Yes. File an identity-theft report at IdentityTheft.gov, then follow your financial institutions dispute workflows. Keeping one timeline with timestamps and ticket numbers accelerates recovery and reimbursement.
Step 5: How do I stop long-tail attacks after day one?
Enable two-factor authentication on every critical account, set transaction alerts, and re-check bureau files weekly for 30 days. Fraud rings often retry once they see initial defenses appear.
Step 6: When should I contact support?
If you find unknown inquiries, new accounts, or ongoing unauthorized transactions, contact support immediately with screenshots and timestamps. We can help sequence bureau and account responses in priority order.
Protect Yourself Now
12 practical protections to reduce repeat attacks and long-tail identity damage.
How often should I rotate passwords?
Immediately after an incident, then rotate high-risk accounts every 60 to 90 days. Use a password manager and avoid reusing any previous phrases.
Why does 2FA matter after a breach?
Even if credentials leak again, a second factor blocks most automated takeovers. Prefer authenticator apps or passkeys over SMS when available.
Do I need fraud alerts if I already froze credit?
Yes. Fraud alerts add another verification requirement and improve notification visibility. Freeze plus alerts is stronger than either layer alone.
Should I check dark-web or breach monitors?
Yes. Breach-monitoring alerts help identify which credential sets are circulating so you can prioritize resets before attackers weaponize them.
What should I watch in bank activity?
Monitor ACH debits, card-not-present charges, and new payees. Turn on push alerts for any transfer above a small threshold.
How can I protect tax-related identity risk?
Create and secure your IRS account, file taxes early, and respond quickly to any tax transcript or filing notices you did not request.
Why review utility and telecom accounts?
Fraudsters often open phone, cable, and utility lines because they are less monitored than banks. Add account PINs where possible.
What if my phone number is at risk?
Set a SIM-lock/passcode with your carrier and require in-store identity verification for SIM swaps. This protects SMS-based recovery paths.
How should families handle shared risk?
If one household member is breached, rotate shared account credentials and verify all authorized users. Criminals pivot laterally across family records.
What role do credit reports play weekly?
A weekly review catches new inquiries and tradelines before statement cycles close, giving you faster dispute windows and less downstream damage.
Should I save evidence from suspicious activity?
Yes. Keep screenshots, confirmation emails, chat transcripts, and call-reference numbers in one folder to support reimbursement and investigations.
How do I know when risk is lowering?
When no new unauthorized events appear across 30 to 60 days and bureau files remain stable, you can shift to monthly monitoring while keeping freezes active.
Bottom Checklist
- Change all high-risk passwords now
- Enable 2FA for email, bank, and payment apps
- Check breach-monitor alerts and exposed credentials
- Review your latest 3-bureau report
- Contact ChoiceIdentity support with urgent evidence
Need urgent help? Email support@choiceidentity.com.