Deceased Identity Theft: Protecting the Recently Deceased

Deceased identity theft — sometimes called "ghosting" — occurs when a fraudster uses the personal information of a recently deceased individual to open credit accounts, file fraudulent tax returns, or claim government benefits. The problem is concentrated in the period immediately following death, before agencies and financial institutions have been notified and records updated. The Federal Trade Commission identifies deceased identity theft as a distinct fraud category under its broader identity theft types and definitions framework, recognizing that estates, surviving family members, and executors bear the practical burden of detecting and remedying this fraud.

Definition and scope

Deceased identity theft is the fraudulent use of a deceased person's Personally Identifiable Information (PII) — including Social Security number, date of birth, name, and address — to impersonate that individual for financial or legal gain. It is classified separately from synthetic identity fraud (which fabricates a composite identity) and from child identity theft (which exploits identities that have no established credit activity). Deceased identity theft exploits an existing, fully established identity that has entered a bureaucratic dead zone: the person is deceased, but their data remains active in credit bureaus, government databases, and financial institution records for a period ranging from days to months.

The Social Security Administration maintains the Death Master File (DMF), a database of reported deaths drawn from states' vital records offices, funeral homes, and family notifications (Social Security Administration, Death Master File). Fraud occurs most heavily in the gap before DMF records propagate to credit bureaus and lenders — a propagation lag that can exceed 90 days in some cases.

The FTC's IdentityTheft.gov platform provides specific guidance for family members managing deceased estate fraud, treating it as a reportable consumer incident even when the victim is no longer alive.

How it works

Fraudsters obtain a deceased person's information through four primary channels:

  1. Public obituaries — Death notices routinely contain full name, age, city of residence, and surviving relatives, providing partial data sufficient for account applications.
  2. Data brokers and breach-exposed records — Deceased individuals appear in major data breaches alongside living consumers; their records remain in compromised databases indefinitely.
  3. Mail interception — Physical mail addressed to the deceased continues arriving at the former residence, containing financial statements, insurance correspondence, and government notices. See mail theft and identity fraud for the broader mail exploitation landscape.
  4. Probate and court records — Probate filings are public documents in most U.S. jurisdictions and include the deceased's identifying information.

Once information is obtained, the fraud sequence typically follows a structured pattern:

  1. Fraudster applies for new credit using the deceased's SSN and name — a form of new account fraud.
  2. Address is changed to a fraudster-controlled location via a change-of-address submission.
  3. Credit accounts, store cards, or personal loans are opened and immediately drawn down.
  4. Tax returns may be filed in the deceased's name to claim fraudulent refunds — a variant of tax identity theft.
  5. Benefits claims — including Social Security survivor benefits or Medicare billing — are submitted fraudulently.

The IRS Identity Protection unit and the Social Security Administration are the two primary federal agencies involved in adjudicating posthumous fraud cases.

Common scenarios

Estate executor fraud: Creditors begin contacting the estate for accounts the deceased never opened. The executor discovers fraudulent credit lines when pulling a post-death credit report, which credit bureaus provide to authorized family members or legal representatives upon proof of death and legal standing.

Tax refund fraud: A fraudulent federal income tax return is filed using the deceased's SSN before the estate's legitimate return. The IRS's Return Integrity Verification Operations (RIVO) unit handles these disputes; the estate must file IRS Form 14039 (Identity Theft Affidavit) alongside the legitimate return. See the identity theft affidavit reference page for form structure and submission process.

Benefits continuation fraud: Social Security payments continue being deposited into a joint account or redirected via fraudulent direct-deposit changes. The SSA requires prompt notification of death — typically within the same calendar month — to halt payments. Failure to report can result in the estate being required to return improperly received funds.

Medical billing fraud: A deceased person's Medicare or Medicaid number is used to bill for services never rendered. This intersects with medical identity theft and falls under the jurisdiction of the HHS Office of Inspector General.

Decision boundaries

Estates and family members navigating this fraud category face distinct decision points that differ from standard living-victim identity theft response:

Freeze vs. notification: A credit freeze placed on a deceased person's file prevents new credit from being issued under that SSN. All three major credit bureaus — Equifax, Experian, and TransUnion — accept deceased freeze requests from legal representatives with supporting documentation (death certificate, proof of authority). This is distinct from a fraud alert, which requires a living victim to initiate and renew.

SSA notification vs. credit bureau notification: These are parallel, not sequential, processes. The SSA must be notified to update the Death Master File; credit bureaus must be notified separately with a copy of the death certificate to suppress the file. Neither notification automatically triggers the other.

Estate liability vs. personal liability: Fraudulent debts incurred in the deceased's name after death are not legally the responsibility of heirs under most state laws. However, disputes require documentation. The FCRA identity protection rights framework governs how credit bureaus must respond to disputes filed by authorized estate representatives.

When to involve law enforcement: Deceased identity theft meets the threshold for filing a police report — relevant to the identity theft reporting process — particularly when the fraud involves forged documents, redirected mail, or active criminal investigation by the IRS or SSA OIG.

References

📜 1 regulatory citation referenced  ·  🔍 Monitored by ANA Regulatory Watch  ·  View update log

Explore This Site

Regulations & Safety Regulatory References Tools & Calculators Password Strength Calculator