- There is a very high likelihood that if your credentials are stolen you will experience identity theft.
- Targeted credentials include Passports, Driver Licences, Credit Cards, Bank Statements, Tax Statements, Medicare Cards and utility bills.
- The most common ways credentials are stolen is because of unsecured letterboxes, not checking mail daily and house burglaries where the credentials are easily accessible.
- The risk to someone who has had their credentials stolen is usually a “credit risk” – a criminal applying for credit in your name. The average time between theft and misuse is five days.
- Shared living located along key transport corridors are more targeted than other residential types.
- Be aware of what credentials are attractive to identity thieves and where you keep them.
- Ensure you have proper physical security in your home and with your letterbox.
- If you are going away, arrange for someone to collect your mail and keep an eye out.
- If you live in an apartment or dual living, talk to other residents or the body corporate about assessing the security of your mail and residence.
- Arrange for alternative ways to receive your credentials and statements than by mail (eg. collecting in person or receiving statements by email).
- Lock your credentials away in a place that’s not obvious in your home.
Detection & Response
- Make a mental note of when you are likely to receive credentials and statements and don’t delay chasing them up if they don’t arrive.
- Check your credit report once a year – it’s free to do so. Check out our Fact sheets on Credit Reports.
- If you suspect credentials and statements are stolen, let the issuing organisation know, notify your bank and ask for more security, and place a ban on your credit file (it’s free to do this and it will prevent most criminals from getting credit in your name).
- or call 1800 595 160(Aus) / 0800 121 068(NZ).
For more information on identity theft please see our other fact sheets;
Identity Care Australia & New Zealand Ltd (IDCARE) provides identity and cyber security incident response services (the Services) in accordance with the following disclaimer of service:
IDCARE is Australia and New Zealand’s national identity and cyber incident community support service. We are a not-for-profit charity.
- The Services provide do not constitute legal advice. IDCARE recommends that you consult a solicitor in relation to your legal rights and obligations, including but not limited to your legal rights or obligations under Australian and international privacy and data protection laws.
- While every effort has been made to ensure the accuracy of the information in this product or service, to the maximum extent permitted by law all conditions, terms, representations, and warranties (in each case, whether express or implied) in connection with the provision of the Services which might otherwise be binding upon IDCARE are excluded.
- IDCARE’S liability for any loss or damage suffered by any person or organisation (including, without limitation, any direct, indirect or consequential loss or damage) arising out of or in connection with the Services (including without limitation liability for any negligent act or omission, or statement, representation or misrepresentation of any officers, employees, agents, contractors or consultants of IDCARE) shall be limited to the fees paid by you to IDCARE in respect of the Services. For the avoidance of doubt, this limitation of liability extends to any liability arising from any actions performed or not performed as a result of any recommendations made in course of providing the Services.
- The Services provided by IDCARE are intended to be provided solely to the initial recipient of this document or service and IDCARE will not be liable to any other person who may receive this document.
While every effort has been made to ensure the accuracy of the information in this alert, IDCARE disclaims any liability to any person in respect to any actions performed or not performed as a result of the contents of the the Services or any accompanying data provided. Wider dissemination may be permitted by authority in writing from IDCARE’s Managing Director. If you would like to provide feedback please use our Feedback Form.