When a criminal steals your account number and security code, they often are planning to use that account to make purchases. Your credit report is not consulted for purchase transactions. So, in such cases, you should consider contacting your card issuer and request a new account number. At minimum, you should check your account online to see if there has been any activity which you do not recognize.
The system of fraud alerts that has been in place for decades in the credit reporting systems was designed specifically to help people who are identity theft victims, or have reason to believe they may be, to stop credit fraud resulting from that identity theft.
In the Target incident and similar data breaches, neither a temporary security alert nor a fraud victim statement on your credit report will stop the thief from using your credit card account.
But the alerts may help protect affected consumers from new credit fraud if the identity thief attempts to open new credit accounts using their stolen information.
These services are available at no charge to anyone who is a victim of identity theft, or who has reason to believe they may be a victim:
Temporary Security Alert (90 days)
You can add a temporary, initial security alert to your credit report. You can do so at experian.com/fraud. The alert is free and lasts for 90 days. That gives you time to get a copy of your credit report, which is also free, and ensure there is no credit fraud appearing on your report.
The alert is sent every time a lender or other business requests a copy of your credit report.
The alert says:
Fraudulent applications may be submitted in my name or my identity may have been used without my consent to fraudulently obtain goods or services. Do not extend credit without first verifying the identity of the applicant. I can be reached at XXX-XXX-XXXXEXTXXXXX. This Security Alert will be maintained for 90 days beginning MM-DD-YY.
Initial security alerts are intended for people who know or have reason to believe they are at increased risk of credit fraud. For example, they may have lost their wallet or purse, or they may have received a notice that their identifying information was compromised as the result of a computer data breach.
For those individuals a temporary security alert may be all that is needed. If they find their wallet or purse, or the data is recovered and has not been accessed, they have no need to continue the alert because the threat no longer exists.
Extended Fraud Alert
Also known as a victim statement, the extended alert statement says:
Fraudulent applications may be submitted in my name or my identity may have been used without my consent to fraudulently obtain goods or services. Do not extend credit without first contacting me personally and verifying all application information at DAY XXX-XXX-XXXXEXTXXXXX or EVENING XXX-XXX-XXXXEXTXXXXX . This victim alert will be maintained for seven years beginning MM-DD-YY.
In order to add a victim statement you must first file a police report or valid identity theft report. A victim statement lasts seven years, and like an initial security alert, is provided to every business that requests your credit report.
Experian and the other national credit reporting companies share initial security alerts and fraud victim statements when they are requested by a consumer. When one of the credit reporting companies is contacted, it will automatically notify the others to add the alert, as well.
The credit reporting companies implemented the one-call process a number of years ago. They recognized the importance of making it as easy as possible for people at high risk of identity theft or who already were victimized to add the alerts so that they could begin the recovery process.