Engaging Service Providers

<  Back to Fact Sheets
Service providers

Service providers are organisation that transact with your identity information. These organisations can be government or business, such as telecommunication providers, financial institutions, retail outlets, postal services, and document issuing organisations. Service providers can assist in understanding whether an error is actually identity misuse, how to protect your existing accounts, and if there has been misuse, what precise information about you was misused (for example the credentials used by the criminal). Put simply, they can be critical in understanding what has happened and how to protect and respond. Brace yourself; experiences can be highly variable.

Understanding what has happened:

Criminal exploitation of accounts and/or personal information can often present in ways that can look like a transaction or change of account details. It’s important to validate whether what’s experienced is actually a suspected crime or merely a mistake by the service provider. Here are some tips on engaging with service providers when trying to understand what is happening:

  • Put in writing your concerns or at the very least document what you have asked.
  • Ask what and how they will respond to your questions.
  • Ask for a unique reference number to ensure you have an identifier for your request for information.
  • If your request relates to a transaction, ask for specifics about the transaction, such as when did it occur, via what channel, what information was provided and related “evidence” about the transaction.
  • Ask for any documentation from the provider regarding the event, such as a billing account number, a service number, a ‘welcome letter’ or invoice.
  • Contact information about an escalation point within the service provider just in case you are not satisfied with their response.

Note that not all service providers will give you an option to call. Technology companies are known for difficult customer engagement channels.

Protecting Yourself:

When requesting that a service provider assists in protecting you:

  • Ask what your service provider can do to increase the security of your account and information. Some service providers may be able to increase account monitoring or disable the ability for your account to engage overseas – such as transfer money overseas (if you don’t have a need).
  • Ask your service provider to place a note on your file / customer account record if you suspect that someone already has or intends to access the account to make changes.
  • If you have to put things in writing or prove who you are, ask the service provider to acknowledge that you have done this in writing.
  • Ask whether there are any costs associated with increasing your security and related terms and conditions.

Responding when things take a turn:
  • In most cases you are entitled to know what information was used to identify you during the suspected fraudulent transaction. This information is vital.
  • Request written confirmation that your identity was misused with the service provider – this may assist in being reissued a new driver licence number in Queensland and NSW if this was misused.
  • Report to Police and contact IDCARE.
  • Check your credit reports – you may need to request for them to be corrected.
  • If your service provider is a government agency, financial institution, superannuation fund or telco, you can escalate complaints to the relevant ombudsman.

For additional support or information, contact IDCARE by submitting a Get Help Form or call 1800 595 160 (Aus) or 0800 121 068 (NZ).


Identity Care Australia & New Zealand Ltd (IDCARE) provides identity and cyber security incident response services (the Services) in accordance with the following disclaimer of service:

  • IDCARE is Australia and New Zealand’s national identity and cyber incident community support service. IDCARE is a not-for-profit and registered Australian charity.
  • The Services provided do not constitute legal advice. IDCARE recommends that you consult your own legal counsel in relation to your legal rights and obligations, including but not limited to your legal rights or obligations under Australian and international privacy and data protection laws.
  • While every effort has been made to ensure the accuracy of the content provided, to the maximum extent permitted by law all conditions, terms, representations, and warranties (in each case, whether express or implied) in connection with the provision of the Services which might otherwise be binding upon IDCARE are excluded.
  • IDCARE’S liability for any loss or damage suffered by any person or organisation (including, without limitation, any direct, indirect or consequential loss or damage) arising out of or in connection with the Services (including without limited liability for any negligent act or omission, or statement, representation or misrepresentation of any officers, employees, agents, contractors or consultants of IDCARE) shall be limited to the fees paid by you to IDCARE in respect of the Services. For the avoidance of doubt, this limitation of liability extends to any liability arising from any actions performed or not performed as a result of any recommendations made in the course of providing the Services.
  • If you would like to provide feedback please use our Feedback Form.


IDCARE is here to provide you with specialist support and guidance when faced with a cyber and identity related issue. Contact one of our Identity & Cyber Security Case Managers to learn more about our Support Services and how we can help you.   

Get help

Submit a web request

Call Centre Icon


1800 595 160

Mon - Fri: 8am - 5pm AEST

QLD: 07 3555 5900
ACT & NSW: 02 8999 3356
VIC: 03 7018 2366
NT, SA & WA08 7078 7741

Call Centre Icon

call our NEW ZEALAND

0800 121 068

Mon - Fri: 10am - 7pm NZST

AKL: 09 884 4440