By Jeffrey Barnett, Founder and Managing Principal, Fintegrity LLC
Updated April 2026
The Scale of the Problem
Identity theft remains one of the most pervasive financial threats facing Americans, and high-net-worth individuals are particularly attractive targets. The more assets you have, the more a thief stands to gain by impersonating you.
The numbers are sobering. In 2024, the Federal Trade Commission received 6.5 million consumer reports encompassing fraud, identity theft, and other complaints. Of those, 1.1 million were identity theft reports—up 9.5% from 2023. Total reported fraud losses reached $12.5 billion, a 25% increase over the prior year.
Credit card fraud was the largest identity theft category, accounting for 449,076 reports—43.9% of all identity theft filings. Email was the most common contact method scammers used to reach victims, with 371,664 reports, while phone scams carried the highest median loss per victim at $1,500. Investment scams were the most financially devastating category overall, responsible for $5.7 billion in losses. Florida, Georgia, and Nevada had the highest per-capita identity theft rates in the country.
These figures almost certainly understate the problem. Many victims never file a report. If you manage significant assets, you should assume that your personal information has been exposed in at least one data breach and act accordingly.
Credit Freezes: Still the Gold Standard
The single most effective step you can take to prevent identity theft related to credit fraud is to freeze your credit files at all major reporting agencies. A credit freeze prevents anyone—including you—from opening a new credit card, loan, or lease in your name. When you legitimately need to access your credit, you temporarily lift the freeze using a security PIN known only to you.
Credit freezes have been free by federal law since September 2018. Before that legislation, agencies in some states charged fees of $5 to $10 per freeze, which discouraged adoption. There is no longer any financial reason not to freeze your files.
Be aware that credit reporting agencies would prefer you purchase their “credit lock” or “credit monitoring” services instead. These products generate revenue for the agencies but provide inferior protection compared to a statutory credit freeze. A freeze is governed by federal law; a lock is governed by the agency’s terms of service, which the agency can change at any time. Stick with the freeze.
Where to Freeze Your Credit Files
I recommend freezing your files at all six of the following bureaus and registries. Most lenders check one or more of the first three, but the others are used by banks, telecommunications providers, and utility companies.
- Equifax: equifax.com/personal/credit-report-services/credit-freeze
- Experian: experian.com/freeze/center.html
- TransUnion: transunion.com/credit-freeze
- National Consumer Telecom and Utilities Exchange (NCTUE): nctue.com/Consumers
1FTC, Consumer Sentinel Network Data Book 2024, https://www.ftc.gov/data/consumer-sentinel
2Economic Growth, Regulatory Relief, and Consumer Protection Act (S.2155), signed into law May 24, 2018. - Innovis: innovis.com/personal/securityFreeze
- ChexSystems: chexsystems.com/security-freeze/place-freeze
Credit card companies and other lenders typically check one or more of the first three bureaus before issuing new lines of credit. Cell phone providers check with the NCTUE before setting up accounts. Banks often check with Innovis and ChexSystems to verify customer identities when opening new accounts. Freezing all six closes the gaps that a thief might otherwise exploit.
Modern Threats You Should Know About
Credit freezes remain essential, but the threat landscape has evolved significantly. Several newer attack methods deserve your attention.
SIM Swapping. In a SIM swap attack, a criminal convinces your mobile carrier to transfer your phone number to a device they control. Once they have your number, they can intercept text-message verification codes sent as part of two-factor authentication—giving them access to bank accounts, email, and brokerage platforms. This attack is particularly dangerous for high-net-worth individuals because criminals specifically target people whose accounts are worth the effort.
AI-Powered Phishing. Scammers now use artificial intelligence to generate highly convincing phishing emails that lack the grammatical errors and formatting mistakes that once made them easy to spot. More alarmingly, AI-generated voice deepfakes can mimic the voices of family members, colleagues, or executives with startling accuracy. A caller who sounds exactly like your spouse or business partner asking you to authorize a wire transfer may not be who they claim to be.
Synthetic Identity Fraud. Rather than stealing your identity wholesale, some criminals combine fragments of real information—such as a legitimate Social Security number—with fabricated details to construct an entirely new identity. These synthetic identities are used to open accounts, build credit histories, and eventually “bust out” with large fraudulent charges. Because the identity is partly fictional, the fraud can go undetected for months or years, and the real person whose information was used may not discover the problem until significant damage has been done.
Practical Steps Beyond the Credit Freeze
In addition to freezing your credit files, I recommend the following measures:
- Use authenticator apps instead of SMS for two-factor authentication. Apps such as Google Authenticator, Microsoft Authenticator, or Authy generate codes locally on your device and cannot be intercepted through a SIM swap. Where available, hardware security keys (such as YubiKey) provide even stronger protection.
- Be skeptical of urgent requests, even from known contacts. If you receive an unexpected call, text, or email asking you to move money, share credentials, or take immediate action—regardless of who it appears to be from—verify the request through a separate, trusted channel before acting. Call the person back at a number you already have on file, not the one provided in the suspicious message.
- Monitor your credit regularly. Even with a freeze in place, review your credit reports periodically for unauthorized activity. You are entitled to free weekly credit reports from each of the three major bureaus through AnnualCreditReport.com.
- Place a PIN on your mobile carrier account. Contact your carrier and request a port-out PIN or account transfer lock. This makes SIM swap attacks substantially more difficult.
- Freeze your children’s credit files as well. Minors are frequent targets of synthetic identity fraud because their Social Security numbers have no existing credit history. A freeze on a child’s file costs nothing and prevents a thief from building a fraudulent credit history under your child’s name.
The Bottom Line
The threat of identity theft is not going away. It is growing in scale, sophistication, and financial impact every year. A credit freeze at all six bureaus and registries remains the single most important defensive measure you can take. Pair it with authenticator-based two-factor authentication, healthy skepticism toward urgent requests, and regular credit monitoring, and you will have substantially reduced your exposure.
If you have questions about protecting your financial identity or would like to discuss how identity theft risks factor into your broader financial plan, I welcome the conversation.
Disclaimer: This article is for informational purposes only and does not constitute investment, legal, or tax advice. Fintegrity LLC is a registered investment adviser regulated by the New Jersey Bureau of Securities.