Types of identity theft: A complete guide to every category of identity fraud

Identity theft is not one crime; it’s many. Each type exploits a different piece of your personal information, from your credit card number to your child’s Social Security number, and each leaves a different trail of damage. Here are the major categories you need to know.

Of these, financial identity theft is the most common category, accounting for over 40% of all cases reported to the Federal Trade Commission.¹ Credit card fraud alone generated 503,450 reports in the first three quarters of 2025, making it the single largest subcategory. Synthetic identity theft is the fastest-growing type, with U.S. lender exposure reaching $3.3 billion by the end of 2024, according to TransUnion.² 

Understanding the differences between these types can help you recognize specific warning signs and respond with the appropriate steps. OmniWatch helps monitor across multiple identity theft categories, providing real-time credit alerts, dark web monitoring, and AI-powered scam detection.

"We have uncovered alarming trends in relation to the human costs of identity crimes. The findings are not just data points. It is a signal that support is crucial for victims," said Eva Velasquez, President and CEO of the Identity Theft Resource Center, a nonprofit that has assisted identity crime victims since 1999.³

Why understanding the types of identity theft matters

Identity theft is not a single crime. It spans a broad range of schemes that target different aspects of a person's identity, from financial accounts and medical records to tax filings and children's Social Security numbers. 

The Federal Trade Commission received more than 1.15 million identity theft reports in the first 3 quarters of 2025.¹ Identity theft reports filed in the first nine months of 2025 already surpassed the full-year 2024 total, according to OmniWatch's analysis of FTC Consumer Sentinel data.

Each type of identity theft has its own distinct characteristics, warning signs, and recovery steps. Knowing which type you are dealing with can help you understand how to report it, which agencies to contact, and what protective measures to take. This guide from OmniWatch covers all the major types, what they look like, and how to respond.

Types of identity theft at a glance

Financial identity theft

It occurs when someone uses stolen personal information to make unauthorized purchases, open new credit accounts, take out loans, or drain existing bank and investment accounts. 

Victims often discover financial identity theft only after receiving unfamiliar collection notices, spotting unexplained charges on statements, or noticing a credit score drop. The stolen data may include credit card numbers, bank account credentials, Social Security numbers, or a mix of all three.

Financial identity theft can have long-lasting consequences. The Javelin Strategy & Research 2024 Identity Fraud Study found that traditional identity fraud losses totaled nearly $23 billion in 2023, with consumers spending an average of 10 hours resolving each case.⁵ OmniWatch monitors for financial identity theft through real-time credit alerts that flag unusual account activity as it happens.

Credit card fraud

OmniWatch's analysis of FTC data found that credit card fraud generated 503,450 reports in the first three quarters of 2025 alone, with a quarterly average of 167,817 reports, up significantly from the 2024 quarterly average of 112,272. 

Criminals obtain card information through phishing emails, data breaches, card skimming devices installed at ATMs or gas pumps, and dark web purchases. They often test stolen data with small transactions before attempting larger purchases.

As more payments move online, the opportunities for credit card fraud keep growing. Online identity fraud now represents more than 70% of all identity fraud activity, according to industry research.⁶ Consumers should review credit card statements regularly and set up transaction alerts with their card issuers so unauthorized charges are easier to catch quickly.

Medical identity theft

Medical identity theft occurs when someone uses another person's name, Social Security number, health insurance details, or Medicare number to obtain medical care, prescription drugs, or insurance reimbursements without authorization. 

This type of identity theft accounted for 10,116 reports in 2024 FTC data, according to Security.org.⁴ While less common than financial fraud, medical identity theft carries uniquely dangerous consequences: a thief's medical history can become merged with the victim's health records, potentially leading to incorrect diagnoses, wrong prescriptions, or dangerous treatment decisions.

The FTC's consumer guidance on medical identity theft recommends requesting medical records from all providers where your information may have been used. Reviewing Explanation of Benefits (EOB) statements regularly, even when you have not visited a provider, is one of the most reliable ways to detect this type of fraud.

Tax identity theft

Tax identity theft happens when someone files a fraudulent tax return using another person's Social Security number to claim a refund before the legitimate taxpayer files. 

Tax identity theft cases take significantly longer to resolve than other types. The IRS Taxpayer Advocate Service reported that identity theft victim assistance cases averaged 506 days to resolve in fiscal year 2025, down from 676 days the prior year.⁷ If your return is rejected, file IRS Form 14039 (Identity Theft Affidavit) and consider enrolling in the IRS Identity Protection PIN program, which assigns a unique six-digit code required on all future filings.

Child identity theft

Child identity theft occurs when a criminal uses a minor's Social Security number or personal information to open credit accounts, apply for loans, or access government benefits.

Children are particularly attractive targets because minors typically have clean credit histories and no existing financial accounts that might trigger fraud alerts. A thief can use a child's Social Security number, and the fraud may go undetected for a decade or more, until the child becomes an adult and applies for credit or housing. By that point, significant damage may already exist on a credit file the child never knew they had.

Synthetic identity theft

It occurs when a criminal combines a legitimate Social Security number with fabricated personal details, such as a false name, address, and date of birth, to construct an entirely new, fictional identity. Unlike traditional identity theft, synthetic identity fraud does not rely on stealing a complete real identity. Instead, it creates a hybrid that appears legitimate to most verification systems.

According to TransUnion's 2025 research, synthetic identities linked to newly opened accounts exposed U.S. lenders to more than $3.3 billion in potential losses by the end of 2024.² Synthetic identity fraud attempts grew 153% from the second half of 2023 to the first half of 2024.⁴ Fraudsters often spend months or years building credit files for synthetic identities before maxing out available credit and disappearing. Thieves frequently target Social Security numbers belonging to children, elderly individuals, or deceased persons.

Criminal identity theft

Criminal identity theft occurs when someone presents another person's identity to law enforcement during an arrest, traffic stop, or legal proceeding. 

The victim may later discover that they have a criminal record, outstanding warrants, or legal judgments attached to their name for crimes they did not commit. This can be one of the hardest types of identity theft to resolve because it requires navigating both the criminal justice system and the credit reporting system simultaneously.

Victims of criminal identity theft should file a report with local law enforcement, obtain copies of all relevant police records, and file an identity theft report at IdentityTheft.gov. Clearing a false criminal record can require working with attorneys and court systems, making it one of the most time-intensive types of identity theft to resolve.

Account takeover fraud

Account takeover fraud occurs when a criminal gains unauthorized access to an existing account, such as a bank account, email, or social media profile, and uses it for financial gain or further identity crimes. 

The Identity Theft Resource Center found that social media takeover was the most commonly reported form of identity misuse in 2025, affecting 35.3% of general consumer victims, up from 29.4% the prior year.³ In the business sphere, account takeover fraud was responsible for 31% of all reported fraud losses in the U.S., according to TransUnion's H2 2025 fraud report.⁸

Account takeover often begins with stolen credentials obtained through data breaches or phishing attacks. Enabling two-factor authentication and using unique passwords for each account are the most effective preventive measures. OmniWatch's dark web monitoring alerts members when their credentials appear on underground marketplaces, providing an early warning before account takeover can occur.

Employment identity theft

Employment identity theft occurs when someone uses a stolen Social Security number to gain employment. 

Victims may not find out until they file taxes, receive incorrect W-2 forms, or discover unreported income attributed to their Social Security number. Employment-related identity theft totaled 37,556 reported cases in 2024, a 20% year-over-year increase, according to Security.org.⁴ This type of theft can also create problems with government benefits eligibility and background checks.

Monitoring your Social Security statement annually through the Social Security Administration's online portal can help detect employment identity theft early. If unreported income appears on your account, contact the SSA immediately and file a report with the FTC. 

How to protect yourself against different types of identity theft

Place a credit freeze or fraud alert. A credit freeze blocks new creditors from accessing your credit file. A fraud alert requires creditors to verify your identity before opening accounts. OmniWatch offers a one-click credit freeze feature that simplifies this process across all three major bureaus.

Monitor credit reports regularly. Federal law entitles every consumer to one free credit report per year from each major bureau through AnnualCreditReport.com. Checking quarterly helps catch unauthorized accounts and inquiries before they compound.

Use unique passwords and enable two-factor authentication. Reused credentials are the primary entry point for account takeover fraud. Use a password manager and enable two-factor authentication on every account that supports it.

Enroll in identity monitoring. An identity protection platform like OmniWatch that combines credit monitoring, dark web surveillance, data breach alerts, and AI-powered scam detection provides coverage across multiple types of identity theft simultaneously.

File a report if you suspect any type of identity theft. The FTC's IdentityTheft.gov portal generates a personalized recovery plan and pre-filled dispute letters based on your specific situation. Filing early is the most important step in limiting damage, regardless of the type of identity theft involved.

Frequently asked questions about types of identity theft

This guide is published by OmniWatch. Follow OmniWatch on Facebook for ongoing guidance on identity protection, digital safety, and scam awareness.