7 mins read

Identity theft in Australia – How to check if someone is using my identity? 

How to check if someone is using my identity in Australia? 

A serious crime in Australia, identity theft has become a more pressing issue as customer information is increasingly stored online, as shown by recent hacks to Optus and Medibank.  

While it can be hard to detect until after the perpetrator has taken action with your details (withdrawing funds etc.), you can pre-emptively take precautions to protect sensitive personal information. Should you see evidence of identity theft against you, there are steps to follow, such as contacting the relevant institution and police. 

What is identity theft? 

The Office of the Australian Information Commissioner (OAIC) defines identity fraud as “[fraud that] involves someone using another individual’s personal information without consent, often to obtain a benefit”. Previously, this practice was limited to forging or stealing important or sensitive paper documents. However, new ways to defraud individuals have emerged as this information has moved online.  

Identity theft is only one category of fraudulent behaviour. Fraud is the blanket term encompassing various criminal activities, including mail and healthcare fraud. If you believe you are a victim of any fraudulent behaviour whatsoever: contact your local police station (do not call 000 as this is for emergencies only).  

‘Personal information’ covers a wide range of details concerning an individual, all of which may get used for illicit activities, including:  

  • Name
  • Date of birth
  • Address
  • Signature
  • Licence information 
  • Medicare details
  • Health fund information
  • Passport details
  • Personal photographs
  • Bank login information 

How common is identity theft in Australia? 

According to data released by the Australian Bureau of Statistics: an estimated 0.8% of Australians (159,600) were victims of identity theft in 2021/22. This information mirrors the data from the previous reporting period (20/21), revealing that identity theft Australia cases are not trending downward, as hoped, but has a low prevalence.  

There remains a steady incidence rate for this fraud, reinforcing the need to protect sensitive information. Additionally, 2.5% of Australians reported being a victim of online impersonation, classified differently due to the lack of obtained material benefit. 

According to the ABS data, criminals used sensitive information in the following ways: 

  • To obtain money from a bank account, superannuation, or investments or shares (56% or 300,000) 
  • To open new accounts, including phone and utilities (16% or 84,000)
  • To apply for a loan or gain credit (7.9% or 42,300)
  • To provide false information to the police (3.3% or 17,700). 

What are the most common ways that your identity may get stolen? 


‘Phishing’ describes a criminal impersonating an institution you are a client or member of at the time. Such an institution may include your bank, utility provider, internet service provider, members club or other organisation.  

Typically, criminals falsely claim that an action needs urgent attention for your account, your permission is required, or even that they are responding to another fraud. Once you give them details, they can access your account and sensitive information using your identity. Examples of phishing have used company branding, tone, language, and imagery to increase complexity and hoodwink victims. 


‘Smishing’ describes a communication, often over text or email, asking for details concerning a parcel you didn’t order or a product you don’t have. While the sender may appear to be a legitimate business suffering a communication error or logistics problem, it is important not to disclose private information to any unknown entity until they are verified. If you are confident you did not order the item described: do not reply and report the sender.  

Cyber criminal

What are the impacts of having your identity stolen? 

Financial loss 

Criminals using identity theft often seek financial gain. They may steal money from your account or apply for a loan or fake credit card in your name, saddling you with debt. Your stolen details may also get used for applying to Centrelink programs or claiming medical benefits. Financial loss often accompanies any fraud, and identity theft is no exception.  


Identity theft can shake an individual badly. Many people don’t believe it will happen to them until after the fact. It is a traumatic experience – especially for older people who may be more easily confused. Victims of identity theft should consider seeking counselling or support to assist them with recovery.  

Time wasted 

Dealing with the ramifications of identity fraud can be a painstaking exercise. Credit cards may need replacing, multiple parties will be involved (such as your bank, police etc.), and there may be a lengthy legal process to follow if the perpetrator gets identified. Additionally, money stolen from bank account holdings can take significant time to be reimbursed.  

Credit score impacts 

If a criminal applies for a loan, utility, phone or other product in your name, it may negatively impact your credit score (at least temporarily). If you are a victim, report the theft to the police, your bank and the reporting bureaus (Equifax, Experian and Illion). Doing so may help rectify any impact on your credit score. 

How to check if someone is using your identity (and protect against theft) 

It can be hard to find out if someone is using your identity as there is no free identity theft check silver bullet. It is critical to remain vigilant. The following are some suggestions to check if you are a victim of identity theft or looking for warning signs. If unsure, it may be worth contacting the police.  

  • Regularly check bank account, utility, and phone bill statements for unusual or fraudulent activity, or have an authorised, trusted financial advisor do so. The same extends to the activity in your tax returns. Any unusual activity should be queried and followed up with the provider. Report identity theft to the authorities as soon as it is identified.  
  • Check your credit score regularly with all major bureaus. Any abrupt or unusual changes should be referred immediately to the reporting bureau and brought to the police if unexplained. 
  • Speak to friends and family to see if they have had any unusual interactions. If they’ve received any communication from a profile or account claiming to be you that you did not send, or you think “there is someone using my phone number”: contact the police.  
  • Learn the warning signs for phishing and smishing attempts, and keep an ear out for any news about widespread fraud within your area or network. Do not reply to any email or text from an unknown number or suspicious email address. Fake ID consequences may arise from any engagement with such parties.   
  • Keep track of important documents. If your licence, medical paperwork, passport or any other document is missing – you may be a victim of identity theft. Important mail is also potentially sensitive, so it may be worth reporting undelivered items.
  • Use security features such as 2-Factor Authentication (2FA) or biometric security (as found in SmartID by CreditorWatch) to help secure accounts and sensitive information.   

What should you do if you suspect you are a victim of identity theft? 

The Office of the Australian Information Commissioner (OAIC) officially recommends you take the following steps if you suspect identity theft: 

  • Report the fraud 

The first step you should take is to report the incident to your local police station (do not call 000 as this is for emergencies only). Request a police report or reference number so you have evidence that you reported the issue, as your bank or provider may require this documentation..Then, contact the organisation or agency that issued your identity document, and your financial institution and tell them what happened. Additionally, you may report cybercrime securely to the Australian Cyber Security Centre at ReportCyber. 

  • Change your passwords 

Immediately change your account passwords and close any unauthorised accounts. Consider using complex passwords up to 25 characters long, including numbers and symbols, to make it harder for hackers to guess them.  

  • Seek expert advice 

It may be worth contacting IDCARE, Australia’s national identity and cyber support service, to get expert advice from a specialist identity and cyber security counsellor. 

  • Get a copy of your credit report 

Identity theft can damage your credit history and credit score. It is worthwhile getting a copy of your credit report to check for evidence of fraud, such as a credit card opened in your name or your business name. You’re entitled to a free credit report once every three months. This will also show which organisations have recently checked your credit history, so you can tell them not to authorise a new account in your name. 

You may also want to reach out to credit reporting bodies and request a ban period be placed on your credit report. During a ban period, the credit reporting body won’t use or disclose your credit report or add new information to it. 

  • Consider whether you may need a victims’ certificate 

A victims’ certificate may help you with problems in your personal or business affairs caused by identity crime. You can apply for a Commonwealth Victim’s Certificate from the  Department of Home Affairs, or from some states and territories, depending on the type of identity crime that occurred. 

Verify the identity of customers with SmartID from CreditorWatch 

Identity thieves aren’t just looking to defraud individuals – they look to do the same with businesses. Your business must be able to verify that every customer is who they claim to be to mitigate risk. Thankfully, SmartID from CreditorWatch uses sophisticated biometric technology, government data sources and liveness checks to streamline the verification process during onboarding. Verification is completed in seconds so the application can proceed securely and quickly. 

Saving time and money, SmartID leverages Ocular Character Recognition, Multi-Level Encryption, and Data Validation to deliver unparalleled security and data accuracy. With net fraud on the rise in Australia, you must take steps now to verify customers before unscrupulous criminals unlock access to your business. Acting preemptively may save your team a lot of time and money. 

To verify your customers and protect your business – speak to our expert team today.  

cyber attacks Cyber criminals cyber risks cyber security cybercrime identifytheft
Sarah Ward
Business Development Specialist | Credit management and Collections
Sarah is a highly experienced business risk, credit management, collections and business development specialist with over 10 years of experience. She is an expert in identifying and mitigating risks and has helped numerous businesses gain a deep understanding of the latest trends in credit management. Sarah’s recent work includes writing about high-risk businesses and how to identify them and providing insights on using a risk assessment tool like CreditorWatch’s RiskScore to make informed decisions. She also emphasises the importance of performing due diligence on new clients to assess their credit risk and mitigate cash flow risk. Additionally, Sarah has also written about cash control and how to improve debtor management. Sarah’s recent work includes writing about high-risk businesses and how to identify them and providing insights on using a risk assessment tool like CreditorWatch’s RiskScore to make informed decisions. She also emphasises the importance of performing due diligence on new clients to assess their credit risk and mitigate cash flow risk. Additionally, Sarah has written about cash control and how to improve debtor management.
14-Day Free Trial

Get started with CreditorWatch today

Take your credit management to the next level with a 14-day free trial.

You might also like

fake account button

Fake bank accounts - What to do about fraudulent banking accounts

Cyber security

Proactive measures to tighten up your cyber-security - Q&A

Hey, Wait…

Subscribe to our newsletter

You’ll never miss our lat news, webinars, podcasts etc. Our newsletter is sent our regularly so don’t miss out.