New account fraud -- where criminals use stolen personal information to open bank accounts, credit cards, and loans in your name -- has become one of the fastest-growing forms of identity theft. In 2025, new account fraud losses reached an estimated $7 billion, and the number of victims surged 31% compared to the prior year. Unlike account takeover fraud, which hijacks your existing accounts, new account fraud creates entirely new financial relationships that you may not discover for weeks or months. Here is what you need to know to protect yourself.
New Account Fraud vs. Account Takeover
Account takeover (ATO) happens when a criminal gains access to your existing bank account or credit card. New account fraud is different: the criminal uses your stolen personal data -- name, Social Security number, date of birth, address -- to open brand-new accounts you never applied for. Both are serious, but new account fraud is harder to detect because the accounts do not appear on your existing statements or login dashboards.
How Big Is the Problem?
New account fraud has exploded in recent years. According to Javelin Strategy and Research's 2026 Identity Fraud Study, combined identity fraud losses totaled $38 billion in 2025, affecting 36 million victims. New account fraud saw one of the sharpest increases, with victims jumping 31% year-over-year. The FTC logged over 503,000 reports of credit card fraud in just the first three quarters of 2025 alone -- the most common identity theft category the agency tracks.
The financial toll is staggering. New account fraud costs U.S. consumers approximately $5.3 billion in direct losses, while businesses shoulder an additional $20 billion in costs from fraudulent accounts, chargebacks, and fraud mitigation.
How Criminals Open Accounts in Your Name
To open a new account, a criminal typically needs a few key pieces of your personal information:
- Full legal name
- Social Security number
- Date of birth
- Current or former address
- Phone number and email address
Where do they get this data? There are several common sources:
- Data breaches: Social Security numbers were involved in two-thirds of all data breach reports in 2025. When a company is breached, your personal information can end up for sale on dark web marketplaces within days.
- Data broker sites: People-search websites like Spokeo, BeenVerified, and WhitePages aggregate and sell your name, address, phone number, age, relatives, and more. This data gives criminals the building blocks they need to pass identity verification checks.
- Social engineering: Criminals supplement stolen data by researching social media profiles and even calling company contact centers to extract additional personal details.
- Synthetic identity creation: Some fraudsters combine your real Social Security number with a fabricated name and date of birth to create an entirely new identity that can bypass traditional fraud checks.
Once armed with enough information, criminals apply for credit cards, personal loans, auto financing, or bank accounts online -- often in minutes. Because the application uses your real identity details, it may pass automated verification systems without triggering alerts.
Data Brokers Are Part of the Problem
In a documented federal case, a defendant posed as a debt collector to gain access to a commercial data broker's database, then downloaded homeowners' personal information and used it to file fraudulent credit card applications. Your personal data sitting on people-search sites is not just a privacy concern -- it is an active tool for identity criminals.
Warning Signs of New Account Fraud
Because new account fraud does not affect your existing accounts, it can fly under the radar. Watch for these red flags:
- Unexpected credit inquiries: Hard inquiries on your credit report from companies you never contacted
- Unfamiliar accounts: New accounts appearing on your credit report that you did not open
- Collection notices: Bills or collection calls for debts you do not recognize
- Credit score changes: Sudden unexplained drops in your credit score
- Mail from unknown creditors: Approval letters, statements, or cards arriving for accounts you never applied for
- IRS notices: Tax documents showing income from employers you never worked for
7 Steps to Protect Yourself
1. Freeze Your Credit at All Three Bureaus
A credit freeze is your single most effective defense against new account fraud. It prevents lenders from pulling your credit report, which blocks most fraudulent applications. Freezes have been free at Equifax, Experian, and TransUnion since 2018, and you can temporarily lift them whenever you need to apply for legitimate credit.
2. Place Fraud Alerts
A fraud alert requires creditors to take extra steps to verify your identity before opening new accounts. An initial fraud alert lasts one year and only needs to be placed at one bureau -- it is automatically shared with the other two. Victims of identity theft can place an extended fraud alert lasting seven years.
3. Monitor Your Credit Reports
Check your credit reports regularly through AnnualCreditReport.com. Look for accounts you do not recognize, addresses you have never lived at, and hard inquiries you did not authorize. Many credit monitoring services also provide real-time alerts for new account openings.
4. Remove Your Data From Data Brokers
Every piece of personal information available on people-search sites makes it easier for criminals to impersonate you. Removing your data from data broker sites reduces the raw material available for new account fraud. PrivacyOn removes your personal information from over 100 data broker sites and continuously monitors for re-listing, cutting off one of the primary sources criminals use to build identity profiles.
5. Use Strong, Unique Passwords and Enable Two-Factor Authentication
Credential theft surged 160% in 2025, with 1.8 billion logins stolen. Use a password manager to generate unique passwords for every account, and enable two-factor authentication (2FA) wherever possible -- especially on email, banking, and financial accounts.
6. Set Up Account Alerts
Enable transaction alerts and login notifications on all financial accounts. Most banks and credit card companies offer real-time push notifications for new transactions, password changes, and account modifications.
7. Review Your Mail and Statements
Do not ignore unexpected mail from financial institutions. Approval letters, PIN mailers, and account statements for accounts you did not open are clear signs of new account fraud. Report them immediately.
What to Do if You Are a Victim
If you discover that someone has opened accounts in your name, act quickly:
- Contact the fraud departments of each company where fraudulent accounts were opened and request immediate closure
- File a report with the FTC at IdentityTheft.gov to create an official recovery plan
- File a police report with your local law enforcement
- Place an extended fraud alert or credit freeze at all three bureaus
- Dispute fraudulent accounts on your credit reports with each bureau
- Document everything -- keep copies of all correspondence, dispute letters, and police reports
Why Proactive Data Removal Matters
Credit freezes are essential, but they are not a complete solution. Synthetic identity fraud can bypass freezes by pairing your real Social Security number with a fabricated name. And a freeze does nothing to stop criminals from using your stolen data for non-credit fraud like tax fraud, medical identity theft, or government benefits fraud.
The most effective defense is a layered approach: freeze your credit, monitor your reports, and reduce the amount of personal data available about you online. PrivacyOn helps with that last critical layer by continuously scanning and removing your personal information from data broker sites -- making it significantly harder for criminals to assemble the identity profile they need to commit new account fraud in your name.