Don’t assume that the risk of having your identity stolen lasts only as long as you are alive. More than two million dead Americans become victims of identity theft each year.

To an identity thief, the recently deceased are ideal targets. Unlike the living, the dead never notice that they are being victimized and don’t take steps to stop these crimes.

There is a system in place that is supposed to prevent this—when Americans die, their Social Security numbers are added to the Social Security Administration’s “Death Master File.” Once that occurs, credit-reporting agencies note the deaths in their files and credit issuers should not issue new credit.

But this process can take months, leaving plenty of time for identity thieves to strike. During these months, it falls to surviving spouses, heirs and executors to protect the identities of the deceased. It’s in their best interests to do so.

Although these spouses, heirs and executors are not legally responsible for financial losses caused by postmortem identity theft—it’s the duped creditors who are left holding the bag—these crimes can cause them major headaches as they struggle to convince creditors and bill collectors that the debts are not the responsibility of the estate.

And if the executor of the estate is not paying close attention, identity theft could even go unnoticed, meaning that fraudulent account withdrawals might not be corrected and/or fraudulent bills might be paid, reducing the size of the estate.

Here’s what you should do…


If you are a surviving spouse or heir, take the following actions to reduce the odds that identity thieves will steal the deceased’s identity…

Edit the obit. Do not mention the deceased’s home address, birthday or mother’s name in his/her obituary. Some identity thieves scour the obituaries for potential targets, and this information could be useful to them.

Watch the wallet. There have been cases of hospital or emergency services personnel stealing credit cards from the wallets of the deceased. These thieves sometimes leave most of the contents of the wallet in place in order to decrease the odds that a loved one will realize anything is amiss. What to do: Cancel the deceased’s credit cards as soon as possible. Carefully check the final bill for charges that occurred after the deceased went to the hospital and/or passed away.

Discard the deceased’s documents with care. Identity thieves have been known to pick through garbage cans outside the homes of the recently deceased. They’re hoping that heirs threw out sensitive paperwork while cleaning out the house. Documents that should be shredded with a paper shredder include tax returns…financial account statements…credit card statements…bank account statements…and anything with a Social Security number.

Relocate the wake. If you hold a wake or reception in the deceased’s home, an identity thief (or burglar) could show up, claim to be an old friend of the deceased and then slip away from the crowd to steal sensitive information, credit cards and small valuables. Also, an employee working for the caterer, florist or cleaning company you hire for the event could be a crook bent on ID theft.

Prevent oversharing on social media. Some identity thieves search the social-media accounts of the recently deceased to find the facts they need. If the deceased has Facebook and/or other such accounts, log into each of these and ­either delete the accounts (assuming that you can gain access)…or, if you prefer to leave the accounts open as a way to remember the deceased, at least confirm that the account settings restrict access to only a small circle of family members and friends.

Also read through the posts, deleting any that mention ID-related information such as mother’s maiden name or birth date. If you do not log into the account because you don’t have the password and cannot find it near the deceased’s computer, report the death to the social-media site. This often leads to the account being shut down or ­“memorialized” in a way that could at least limit access, though this can vary depending on the site and the settings that the deceased selected.

Have the deceased’s mail held at the post office or forwarded to the estate’s executor. Otherwise, mail containing account information and other sensitive data might sit in the deceased’s mailbox where an identity thief could grab it. Exceptions: This is not necessary if a spouse or some other trusted loved one still lives at the deceased’s address…and/or the deceased has a post office box or locking mailbox.


Even if you take all the right steps to safeguard your deceased loved one’s sensitive information, he/she still could be victimized by an identity thief. There have been so many data breaches of retailers, financial institutions, government agencies and others in recent years that the information an identity thief needs might already be in circulation. What’s more, postmortem identity theft sometimes is committed not by a stranger, but by a family member who has access to the deceased’s sensitive information.

Informing key agencies and institutions about the death can at least contain the damage that a postmortem identity thief can do. Obtain copies of the death certificate as soon as possible—death certificates typically are available through the funeral home or mortuary—and send them along with letters reporting the death to…

Government agencies including the IRS, Social Security Administration, Department of Motor Vehicles and the tax authority in the deceased’s state. This should prevent identity thieves from having duplicate driver’s licenses, Social Security cards or other documents issued to them in the deceased’s name. Notifying the IRS and state tax authorities promptly should prevent an identity thief from filing a phony tax return in the deceased’s name and receiving a refund.

The deceased’s creditors and other financial institutions. This includes investment companies and advisers, banks, credit unions, credit card issuers, lenders and insurance companies. If you are not certain which financial companies the deceased used, go through his recent mail, checking account registers, filing cabinets, recent tax returns and wallet in search of clues. Or identify these creditors and financial companies by obtaining a free copy of one of the deceased’s credit reports at

To obtain this report, you will have to provide identifying information about the deceased, including his Social Security number. It generally is easier to obtain the credit report before the credit-­reporting agencies are informed of the death. After they learn of it, extra steps might be required for the estate’s executor to obtain a copy.

The three major credit-reporting agencies. Ask Equifax, Experian and TransUnion to place a “deceased alert” on your loved one’s file. This is like putting a security freeze on the file—it prevents the credit-reporting agency from releasing the file, which should, in turn, prevent new credit accounts from being opened in the deceased’s name. Send certified copies of the death certificate along with brief letters identifying the deceased by full name, Social Security number, last five years of addresses, date of birth and date of death to…

• Equifax, PO Box 740241, Atlanta, GA 30374

• Experian, PO Box 4500, Allen, TX 75013

• TransUnion, PO Box 2000, Chester, PA 19016.

Helpful: If there are signs that identity theft is occurring despite your efforts—these signs might include money disappearing from the deceased’s accounts…or account mailings arriving from creditors that the deceased did not have—the estate’s executor should call the credit-reporting agencies and the deceased’s financial institutions as quickly as possible to confirm that they received the death certificate and placed a death alert on the file or account. The executor also should call the Social Security Administration and ask whether the deceased’s Social Security number has been added to the Death Master File. If it hasn’t, explain that identity theft is occurring and ask whether anything can be done to speed along the process.

Related Articles