PanicStation.org
UK USA
us Death, bereavement & serious family crises accounts accessed after death • identity theft deceased person • suspicious login alerts after death • hacked account deceased loved one • fraud using dead person's identity • ghosting identity theft • unexpected password reset messages • unfamiliar charges after death • new credit opened in deceased name • debt collector letters for deceased • takeover of email account • phone number takeover after death • sim swap warning texts • executor sudden fraud worry • bereavement scam warning signs • compromised accounts estate admin • someone using deceased identity • security alerts after funeral

What to do if…
you receive alerts that accounts are being accessed after a death and you suspect identity misuse

Short answer

Treat it like an active takeover: secure the deceased person’s email/phone (password resets), then immediately notify the affected providers and the credit bureaus so the credit file is marked and harder to misuse.

Do not do these things

  • Don’t click links inside “security alert” emails/texts; go to the provider directly via the official website/app.
  • Don’t repeatedly try passwords or “poke around” if you think someone else is actively in the account — you can trigger lockouts and lose access while recovery details are changed.
  • Don’t share extra personal details publicly (full DOB, address history, security-answer type info) in posts or online memorials.
  • Don’t assume “it’s impossible because they’re deceased” — credit and tax-related misuse can still happen.

What to do now

  1. Capture the evidence while you’re calm enough to do it.
    Screenshot the alerts (service name, time/date, device/location if shown). Start a simple log: who you contacted, when, and what they said (including case numbers).

  2. Secure the “master keys” first: email + mobile number.

    • If the alerts involve an email account (or the deceased used it for banking), sign in via the official site/app and change the password and enable MFA/2-step verification.
    • If you suspect the deceased’s phone number is being used (unexpected one-time codes, “number moved”, service stops working), contact the mobile carrier and ask to lock the account/SIM and add stronger authentication (for example, a port-out/SIM-swap PIN).

  3. Call the fraud departments for any account named in alerts.
    For banks/cards, payment apps, investment accounts, utilities with stored payment methods, and major online marketplaces:

    • Tell them the account-holder has died and you’re seeing signs of unauthorized access.
    • Ask them to freeze transactions/online access pending review, and to flag for suspected fraud/impersonation.
    • If funds moved, ask what documentation they need and request they preserve relevant records.

  4. Notify the credit bureaus to add a “deceased” notice and reduce new-credit fraud.
    Contact one of the three nationwide credit bureaus (Equifax, Experian, or TransUnion) to report the death and ask for the credit file to be marked deceased.

    • Typically, when one bureau adds the deceased notice, it will notify the other two — but confirm this during your request.
    • They may require a copy of the death certificate and proof you’re authorized to act (for example, executor/personal representative documentation, if you have it).

  5. Create a federal identity theft report.
    Use IdentityTheft.gov to generate an Identity Theft Report and a recovery plan you can print/save. This often helps when disputing fraudulent accounts or credit entries.

  6. Confirm Social Security has the death recorded (especially if benefits were involved).
    Funeral homes often report the death if you give them the Social Security number — but don’t guess. If you need to report it yourself, SSA accepts death reports by phone or in person (not online or by email).

  7. If you see IRS/tax signs, follow IRS “deceased person identity theft” steps.
    If you receive IRS notices about a return you didn’t file, or suspicious tax documents for the deceased: keep the letters, don’t ignore deadlines, and follow IRS identity theft guidance for deceased-person misuse.

  8. If you are executor/personal representative: keep proof and authority documents together.
    Keep in one place: certified death certificates, court/estate authority paperwork (if available), the alert screenshots, and all reference numbers from bureaus/FTC/providers.

What can wait

  • You do not need to determine “who did it” today.
  • You do not need to close every account immediately—prioritize the accounts tied to alerts and anything that can create new debt or move money.
  • You do not need to decide about lawsuits or formal complaints right now; focus on stopping further misuse and preserving records.

Important reassurance

Getting login alerts after a death can feel like the loss is happening again. You’re not being “paranoid” — quick lock-and-notify steps are the practical way to stop this from becoming months of extra stress.

Scope note

These are first steps to stabilize and prevent further misuse. Cleaning up credit reports, reversing transactions, and resolving tax/benefit issues may take follow-up with each organization involved.

Important note

This guide is general information for urgent first steps and is not legal, financial, or law-enforcement advice. Procedures and documentation requirements vary by institution and state; if you’re unsure, ask each provider’s fraud/bereavement team exactly what they need from you.

Additional Resources
Support us