PanicStation.org
UK USA
uk Death, bereavement & serious family crises accounts accessed after death • identity misuse after bereavement • suspicious login alerts deceased • hacked account after someone died • fraud using deceased details • ghosting identity theft • unexpected password reset emails • new device sign-in alerts • unfamiliar transactions after death • debt letters for deceased person • new credit in deceased name • takeover of email account • phone number takeover after death • sim swap warning messages • executor sudden fraud worry • bereavement scam signs • compromised accounts after funeral • someone using dead person's identity • security alerts estate admin

What to do if…
you receive alerts that accounts are being accessed after a death and you suspect identity misuse

Short answer

Treat this like an active account takeover: secure the email/phone that controls password resets, then urgently tell the affected providers and block new credit being opened in the deceased person’s name.

Do not do these things

  • Don’t click links in “security alert” emails/texts; go to the provider by typing the address or using the official app.
  • Don’t keep “testing logins” repeatedly if you think an attacker is active — it can trigger lockouts and give time for recovery details (email/phone) to be changed.
  • Don’t post or share extra personal details about the death (dates of birth, address history, account names) in public messages or obituaries.
  • Don’t assume it’s “just spam” if the alert mentions real devices, real services, or password resets you didn’t request.

What to do now

  1. Pause and capture the basics (2 minutes).
    Write down: which service, what the alert said, date/time, and any device/location info. Take screenshots. Start a simple log of every call/email you make (with reference numbers).

  2. Secure the “master keys” first: email + mobile number.

    • If the alert relates to an email account (or the deceased’s email is used for banking), sign in directly and change the password and turn on 2-step verification.
    • If you suspect the deceased’s mobile number is being used (unexpected OTP codes, “SIM changed”, calls/texts not arriving), contact the mobile network and ask them to block/lock the SIM and add stronger security on the account (so numbers can’t be ported or SIM-swapped easily).
      These two things often control password resets for everything else.

  3. Contact the affected providers immediately (fraud/bereavement teams).
    For any bank, card, insurer, investment platform, or payment account mentioned in alerts:

    • Tell them the account-holder has died and you’re seeing signs of unauthorised access.
    • Ask them to freeze risky activity, block online access until reviewed, and note the account for suspected impersonation/fraud.
    • If money has moved, ask what they need to treat it as an unauthorised transaction and to preserve records.

  4. Use the UK death-notification shortcuts (if you haven’t already).

    • Tell Us Once is available for deaths registered in England, Scotland, and Wales (not Northern Ireland). If you have a Tell Us Once reference, use it to reduce gaps in government records.
    • Consider the Death Notification Service to notify multiple participating banks/building societies at once (it reduces missed notifications, though each firm still does its own checks).

  5. Reduce the risk of new credit being opened in the deceased person’s name.

    • Contact the UK credit reference agencies — Experian, Equifax, and TransUnion — and ask how to add a “deceased” flag/notice to the deceased person’s credit file.
    • Requirements vary; they may ask for a copy of the death certificate and evidence you’re handling the estate (for example, executor/administrator paperwork if you have it).
    • If you’re authorised to access it, request the deceased person’s statutory credit report to check for any new accounts or searches you don’t recognise.

  6. Report it through the national reporting route.
    Make a report via Report Fraud (the UK’s national fraud reporting service; some guidance still refers to “Action Fraud”). Even if you’re not sure yet, a report creates a reference that can help when disputing credit entries or chasing providers.

  7. Reduce incoming post that can be used for fraud.
    If you’re getting marketing mail in the deceased person’s name at their address, use a UK suppression service (for example, The Bereavement Register or Deceased Preference Service) to reduce mail that could be intercepted.

  8. If you are the executor/administrator: keep proof together.
    Put in one folder (paper or digital): death certificate copies, your authority to act (if you have it yet), the alert screenshots, and a contact list of every organisation you’ve spoken to.

What can wait

  • You do not need to work out “who did it” right now.
  • You do not need to settle the estate, close every account, or contact every organisation today—focus on the accounts tied to the alerts and anything that can create new debt.
  • You do not need to decide about legal action immediately; preserve evidence and stop further misuse first.

Important reassurance

This is a common and very upsetting situation after a death—especially because automated alerts can feel like a fresh shock. You’re not overreacting: quick “lock it down + notify” steps are what prevent long, messy fallout later.

Scope note

These are first steps to stabilise and prevent further misuse. Cleaning up credit files, reversing transactions, and estate/legal steps may need follow-on help from the providers involved (and sometimes specialist advice).

Important note

This guide is general information for urgent first steps and does not replace legal, financial, or law-enforcement advice. Processes vary by organisation and by where the death was registered; if you’re unsure, ask each provider’s bereavement/fraud team exactly what they need from you.

Additional Resources
Support us