Social Security Identity Theft: Prevention and Response

Social Security identity theft occurs when a fraudster obtains and misuses another person's Social Security number (SSN) to access government benefits, open fraudulent accounts, or evade tax obligations. The scope of the problem is significant: the Federal Trade Commission received 1.4 million identity theft reports in 2022 (FTC Consumer Sentinel Network Data Book 2022), with government documents and benefits fraud among the top reported categories. This page covers how SSN-based identity theft is defined, the mechanisms fraudsters use, the scenarios most commonly encountered, and the decision framework for determining how to respond. For a broader orientation to Social Security program structure, the Social Security resource index provides foundational context.

Definition and scope

Social Security identity theft is the unauthorized acquisition, transfer, possession, or use of another individual's SSN with the intent to commit fraud or other crimes, as defined under 18 U.S.C. § 1028 (Identity Fraud) and 18 U.S.C. § 1028A (Aggravated Identity Theft). The Social Security Administration (SSA) distinguishes between two primary categories of misuse:

Benefit fraud occurs when a person uses a stolen SSN to claim Social Security retirement, disability, survivors, or Supplemental Security Income (SSI) benefits to which they are not entitled.

SSN misuse occurs when the number is used outside the SSA benefit context — for example, to obtain employment, file fraudulent tax returns, open credit accounts, or obtain medical services.

These categories are not mutually exclusive. A compromised SSN may simultaneously appear in a fraudulent benefit claim, an IRS filing, and a financial institution's records. The Social Security number reference page details the legal framework governing SSN issuance and permissible use.

How it works

SSN theft follows a chain of acquisition, exploitation, and concealment. Understanding the mechanics at each stage informs both prevention and detection.

Acquisition methods include:

  1. Data breaches — Large-scale exposures of employer, healthcare, or financial records that contain SSNs in bulk. The 2017 Equifax breach exposed the SSNs of approximately 147 million individuals (FTC v. Equifax settlement).
  2. Phishing and social engineering — Fraudulent emails, phone calls, or text messages that impersonate the SSA, IRS, or financial institutions to trick individuals into disclosing their SSN.
  3. Physical document theft — Stolen mail, discarded records, or theft of Social Security cards and tax documents.
  4. Dark web purchase — SSNs exposed in prior breaches are frequently sold on criminal marketplaces, often bundled with dates of birth and addresses.

Exploitation methods depend on the fraudster's objective:

Concealment typically involves redirecting correspondence — changing the address on SSA records, suppressing IRS notices, or using a drop address — so that the victim does not receive alerts for an extended period.

Common scenarios

Three scenarios account for the majority of SSN-based fraud cases reported to the SSA's Office of the Inspector General (OIG):

Scenario 1: Benefits claimed under a stolen identity. A fraudster files for Social Security disability or retirement benefits using a victim's SSN, often targeting individuals who are deceased or elderly and unlikely to be monitoring their accounts. Survivors and disability benefits are also targeted; see the Social Security disability benefits and survivors benefits pages for eligibility context that may help identify irregularities.

Scenario 2: Wage fraud affecting the earnings record. An unauthorized worker uses a victim's SSN for employment. The employer reports those wages to the SSA, inflating or distorting the victim's Social Security earnings record. This can affect future benefit calculations, particularly the Primary Insurance Amount, which is derived from a worker's 35 highest-earning years.

Scenario 3: Tax return fraud linked to SSN. The IRS uses SSNs as the primary taxpayer identifier. Fraudsters who file first receive any legitimate refund. When the real filer submits their return, the IRS flags it as a duplicate. The IRS Identity Protection PIN (IP PIN) program, administered at irs.gov/ippin, provides a 6-digit code that prevents duplicate returns.

Decision boundaries

Responding effectively to SSN-based identity theft requires distinguishing between incident types and matching the response to the correct agency or mechanism.

SSA-specific fraud vs. broader identity fraud:
If the misuse involves Social Security benefits directly — a claim filed in the victim's name, a changed direct deposit account, or phantom wages on the earnings record — the primary reporting channel is the SSA OIG hotline (1-800-269-0271) or the online fraud reporting form at oig.ssa.gov. If the misuse extends to credit, banking, or tax filings, the FTC's IdentityTheft.gov generates a recovery plan and coordinates multi-agency reporting.

Active fraud vs. precautionary response:
When fraud has already occurred (e.g., a fraudulent claim is confirmed), immediate steps include placing a fraud alert with the three major credit bureaus — Equifax, Experian, and TransUnion — under 15 U.S.C. § 1681c-1, and requesting a credit freeze under 15 U.S.C. § 1681c-1(i), which is free under federal law. When exposure is suspected but no fraud is confirmed (e.g., an SSN appeared in a data breach), a precautionary credit freeze and enrollment in the SSA's mySocialSecurity portal to monitor the earnings record are the proportionate initial steps.

Card replacement vs. SSN reassignment:
A replacement Social Security card does not change the SSN; it is issued only when the physical card is lost or damaged. SSN reassignment is available only in documented cases of ongoing harassment or abuse, not routine fraud, per SSA policy (SSA Program Operations Manual System, RM 00205). Victims who need a replacement card should review the Social Security card replacement page for the documentation requirements. For assistance navigating a report or recovery process, how to get help for Social Security provides agency contact guidance.

References

Read Next

Social Security Numbers: What They Are and How to Protect Yours This page covers how SSNs are structured and assigned, the circumstances that most commonly require producing or protecting... Social Security Earnings Record That record directly determines eligibility for retirement, disability, and survivors benefits, as well as the monthly dollar... Social Security Disability Benefits Eligibility depends on both a worker's medical status and their prior payroll tax contributions, distinguishing SSDI from...