How to Read Your Credit Report

Since the Equifax breach, we have all become painfully aware that our personal credit information is in the wild.  Identity theft is something that could happen to any of us.  Even the FBI, in a recently released report, says, “Given the hacks we’ve seen in recent years, there are few people who haven’t had their identity stolen.”

There is little any of us can do about the information disclosures that have happened as a result of the Equifax and other similar breaches.  The information is out there, in the hands  of criminal groups who will be selling it and using it to execute financial frauds in our names.  The only solution for us now is vigilance.

Recommended actions you can take include setting up a fraud alert or a credit freeze, and checking your credit report for any irregularities.  Some credit card companies are providing free credit report monitoring for their cardholders, and these services watch for changes in your credit history and the creation of new credit accounts, alerting you to changes by email.

The best idea is to periodically pull a copy of your credit report yourself and go through it for changes or irregularities.  You are allowed one free credit report per year from each of the 3 major credit bureaus, Experian, Equifax, and Trans Union.  You can pull them all at the same time, or divide the year into thirds and pull them at intervals such as January, May and September.

The only place to go for this service is  Do not be fooled by cleverly misspelled alternative sites run by cybercriminal groups, or other web sites promising the same service, but for a fee.  The FBI recommends using the above site only.

What should you be looking for?

  • Names and addresses – Make sure your credit history shows only names you would have used, including maiden name, and alternatives (i.e. Bob for Robert).  Look at the street addresses where you have lived.  Any locations you have not lived at?  This could be signs of a fraudster or identity thief.
  • DOB and SSN – Check to make sure that your birth date and social security number are correct.
  • Employer – The report will show your current employer.
  • Credit accounts – There will be a list of the companies you have credit accounts with, and this includes all credit cards, any automobile loans, home mortgages, and any retailers such as furniture or appliance stores where you may have opened a credit account.  Anything showing that you don’t know about bears investigation.
  • Payment history – Do you always pay on time?  Or do you pay late?  This information is also in your credit report.  If you are seriously past due on an account you can’t place, this could be fraud.
  • Collections – If any accounts in you name are so seriously past due that they have gone to a collection agency, it will show in the report.  If this information is a surprise to you, it could indicate a credit fraud.
  • Credit History Pulls – There will be a list of organizations and companies who have pulled your credit report.  This list may include employers, banks, utility companies, cell phone companies, and landlords.  Any requests from companies yo do not recognize should be a red flag for fraud.

There is a great example of a credit report on

If you find incorrect information, you need to write to the credit bureau to correct the information and for a review of that record.  You can add an explanatory note to your own credit file.  You also need send a dispute letter to the creditor (bank, lender, or credit card company) in the report.  This is also a good time to look at credit cards and accounts that you do not need or no longer use, and close those accounts.  This usually will improve your credit score over time, and eliminates other avenues for identity thieves to use.

More information:


About the Author:

I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at
  Related Posts

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.