How Predictor-Consequence Relationships Vary Across Identity Theft Subtypes

Abstract

While prior research has examined predictors and consequences of identity theft, minimal scholarship has analyzed whether predictors of financial and emotional harms vary across identity theft subtypes. Using the 2021 NCVS–ITS, this exploratory study tests interactions between seven forms of identity theft and demographic and situational factors to assess their potential moderated effects on out-of-pocket monetary losses and distress following victimization. In addition to identifying significant sociodemographic risk factors underlying more severe outcomes, we find that data breach notifications are associated with reduced distress for victims of misused bank accounts and opening new accounts. Such results indicate that predictors interact with identity theft subtypes in complex ways to shape consequences, revealing context-specific mechanisms of harm that have important implications for policy and practice.

Keywords

identity theft victimization financial losses distress interactions moderators

Introduction

Identity theft victimization is a significant problem in the United States, impacting 9% of American adults in 2021 and resulting in more than $16 billion in losses (Harrell & Thompson, 2023). According to recent data, about 12% of identity theft victims who have had money taken end up paying out-of-pocket losses, while 80% report experiencing distress following victimization (Harrell & Thompson, 2023). Most public knowledge on identity theft victims comes from the nationally representative National Crime Victimization Survey – Identity Theft Supplement (NCVS–ITS) which measures identity theft in its 2021 iteration through five forms of existing account misuse (i.e., banking, credit card, email, social media, and other accounts), opening new accounts in the victim’s name, and other fraudulent misuses of one’s sensitive personal information (U.S. Bureau of Justice Statistics, 2023). As researchers have begun to disaggregate these categories, our knowledge of the predictors and consequences of identity theft subtypes has improved. For example, we know that credit card victimization often produces less severe consequences than other forms of identity theft (Copes et al., 2010; Maher et al., 2025), and that different forms of identity theft carry distinct victimization risks shaped by demographic characteristics such as gender, age, race/ethnicity, and income (Nevin et al., 2025).

Despite past evidence that identity theft’s consequences can vary based on both its subtype and sociodemographic factors (e.g., Copes et al., 2010; Maher et al., 2025; Nevin et al., 2025), scholars have not yet systematically assessed whether risk factors for victimization predict different consequences across the full range of identity theft subtypes. Most previous studies have examined only a limited set of identity theft categories or have combined them together, overlooking that various subtypes can involve different post-victimization processes, including resolution procedures and experiences of ongoing risks depending on the personal information that was compromised.

The current study uses the 2021 NCVS–ITS to explore whether the associations between established individual-level predictors of identity theft victimization and negative consequences are impacted by the forms of identity theft experienced by victims. Specifically, we evaluate whether certain groups (based on different demographic and situational characteristics) are at greater risk of financial and/or emotional harm when victimized by various identity theft subtypes. Our research questions ask: How do different identity theft subtypes interact with individual-level predictors of victimization to shape consequences related to out-of-pocket monetary losses ( RQ1 ) and distress ( RQ2 )? The first outcome highlights that victims of identity theft can incur monetary losses that may not be recovered or reimbursed, while the second outcome acknowledges that there are broader psychosocial consequences (that may also intersect with financial costs). This analysis uses a moderation design to test interactions between seven unique identity theft subtypes and demographic and situational factors to identify potential context-specific mechanisms through which victimization produces different harms; that is, who is most vulnerable, under which subtype, and under what circumstances?

Overall, our research aims to contribute new empirical insights by uncovering factors that may exacerbate the harms experienced by victims for each of the measured identity theft subtypes in the 2021 NCVS–ITS. By better understanding the conditions that can amplify or mitigate harmful outcomes, this research can inform policy that ensures institutional responses provide equitable and accessible responses for victims belonging to vulnerable groups.

Literature Review

Identity theft is broadly defined as the theft and misuse of another person’s private or sensitive information (e.g., legal name, date of birth, address, credit/bank account numbers, usernames/passwords, social security numbers, etc.) for personal gain or to inflict financial and/or emotional harm (see McNally & Newman, 2008; Reynolds, 2023). While identity theft can include the physical appropriation of private documents, personally identifiable information is becoming increasingly accessible in online environments (Holt & Lee, 2022; Lee, 2023). In the United States, the most comprehensive effort to measure identity theft victimization involves the NCVS–ITS. First administered in 2008, the NCVS–ITS now provides self-report estimates of seven distinct forms of identity theft, including the misuse of a (1) credit card, (2) bank account, (3) email account, (4) social media account, and (5) other existing accounts; (6) the opening of new accounts in the victim’s name; and (7) other fraudulent misuses of personal information such as applying for government benefits. The misuse of email and social media accounts were additions to the newest 2021 wave of the NCVS–ITS. Recent estimates indicate that 23.9 million U.S. residents aged 16 years and older were victims of identity theft in 2021, with the most prevalent subtypes being misused credit cards, bank accounts, and email/social media accounts (Harrell & Thompson, 2023). We differentiate these subtypes in our analysis to consider potential variation in their predictors, consequences, and reporting and recovery processes, as supported by the existing literature (e.g., Copes et al., 2010; Maher et al., 2025; Nevin et al., 2025).

In the United States, the victim-support landscape has some general resolution procedures that are available to identity theft victims, including reporting to financial institutions, credit reporting agencies, law enforcement, and government agencies (Identity Theft Resource Center, 2018). Most American victims report to credit card companies or banks (67%), while only about 7% report to the police (Harrell & Thompson, 2023). Since 2015, the Federal Trade Commission has also offered resources through the IdentityTheft.gov website, where victims file an online report about their circumstances and receive a personal recovery plan, alongside tips for immediate and long-term response actions (FTC, n.d.). Most formal assistance in the post-victimization process focuses on addressing financial losses, including disputing fraudulent transactions and correcting credit reports, with relatively limited attention to addressing social and emotional harms. Resolution procedures may also vary depending on the accounts or personal information that is misused; for example, compromised email and social media accounts often require reporting directly to online platforms. As such, the current study considers the diversity of circumstances and harms experienced by victims, suggesting implications for more targeted victim assistance in the United States context.

Predictors of Identity Theft Victimization

Prior research has identified a broad range of sociodemographic and behavioral factors as significant predictors of identity theft victimization. From a demographic perspective, higher income has been consistently associated with heightened risk of experiencing various forms of identity theft victimization (Maher, 2024; Maher et al., 2025; Reyns & Henson, 2016), particularly those involving credit card or bank account misuse (Burnes et al., 2020). Higher levels of education have similarly been found to increase the odds of victimization (Burnes et al., 2020; Maher, 2024; Maher et al., 2025). Age also relates to identity theft victimization, with research finding that older individuals are more vulnerable to credit card-related identity theft, yet are less susceptible to bank account-related victimization (Maher et al., 2025; Nevin et al., 2025). Additionally, individuals who are married have reduced victimization risk, while having a physical or cognitive disability increases the likelihood of victimization (Burnes et al., 2020; Maher, 2024; Maher et al., 2025).

The literature has reported mixed results for race and gender in terms of their relation to different subtypes of identity theft. For example, Harrell and Thompson (2023) found that White individuals have elevated risks of overall identity theft victimization relative to those identifying as non-White, while Burnes et al. (2020) found that their susceptibility is particularly for credit card and bank account misuse. In contrast, other studies have observed that non-White (i.e., Black and Hispanic) individuals have a heightened risk of experiencing misused bank accounts and having new accounts opened in their name (Copes et al., 2010; Hu et al., 2023; Nevin et al., 2025; Reyns & Henson, 2016). Gender effects are also inconsistent. Recent research by Nevin et al. (2025) found that men were more likely to experience credit card-related victimization, whereas women were more likely to experience bank account misuse.

Another aspect of the literature highlights (modifiable) behaviors that can increase or decrease the risk of identity theft victimization (see Berk, 2018). Accordingly, prior research has revealed that frequent online shopping, online banking, and disclosure of personal information online significantly increase the likelihood of being victimized by identity theft by creating greater exposure to potential offenders (Burnes et al., 2020; Reyns & Henson, 2016). However, empirical evidence regarding the efficacy of protective behaviors remains inconclusive. Some protective behaviors, such as shredding documents containing sensitive information and regularly monitoring financial statements and credit reports, have been found to reduce the likelihood of identity theft victimization, while other behaviors such as changing online account passwords are associated with either reduced, unchanged, or even increased victimization risk across these same studies (Burnes et al., 2020; Maher, 2024; Maher et al., 2025). In a similar manner, the use of security software, purchasing credit monitoring services, and enrolling in identity theft insurance predict higher victimization risks (Burnes et al., 2020; Maher, 2024; Maher et al., 2025). Finally, previous research has found that prior victimization by data breaches, hacking incidents, and phishing attacks significantly increases the likelihood of subsequent identity theft victimization (Burnes et al., 2020; Reyns & Henson, 2016).

Identity Theft Consequences

The extant literature demonstrates that identity theft produces a myriad of significant financial, emotional, and social consequences, which reveals the breadth and depth of harms experienced by victims whose incidents are especially intrusive or prolonged. Financial consequences of victimization are most salient in public discourse and policy responses. In 2021, a majority of identity theft victims (58%) had money taken during the victimization, and over 12% of those victims paid out-of-pocket for losses, with an average loss of $790 (Harrell & Thompson, 2023). In addition to the direct financial losses, some victims face additional indirect costs such as legal or banking fees, which are not always reimbursed (Button et al., 2014; Harrell & Thompson, 2023; Identity Theft Resource Center, 2018). Identity theft victimization can also damage victims’ credit, leading to credit denials, increased insurance premiums, and diminished access to other financial resources (Identity Theft Resource Center, 2018).

Furthermore, identity theft victimization is associated with negative psychological and emotional consequences. In 2021, most victims (80%) reported some level of distress following victimization, with almost one-in-ten victims reporting severe distress (Harrell & Thompson, 2023). Identity theft can produce a range of other adverse symptoms, including fear, anger, anxiety, shame, and even suicidal ideation in severe cases (Button et al., 2014; Harrell & Thompson, 2023; Identity Theft Resource Center, 2018). Such consequences may intersect with social harms whereby identity theft disrupts victims’ interpersonal and family lives. Victims may endure reputational damage or face feelings of embarrassment and shame, all of which can produce a profound sense of isolation, erode trust in personal relationships, and compound emotional distress (Button et al., 2014). Relatedly, some victims report experiencing less social support from family members, friends, and employers following their identity theft victimization (Identity Theft Resource Center, 2018). Finally, identity theft victimization can contribute to physical ailments, such as headaches, fatigue, impaired concentration, appetite loss, and disrupted sleep, as well as the recurrence of pre-existing health conditions and the onset of new conditions (Button et al., 2014; Golladay & Holtfreter, 2017; Randa & Reyns, 2020). These findings demonstrate the potential for emotional consequences to cascade into broader health-related harms with meaningful implications for victims’ overall well-being.

It is also important to note that victimization is often experienced as a process whereby harms can emerge or be amplified at different stages from discovery to reporting and remediation (Condry, 2010; Jansen & Leukfeldt, 2018). Qualitative research in the United States and internationally have observed that reporting identity theft victimization can lead victims to feel frustration, disappointment, and distress when institutions fail to assist promptly, refer victims elsewhere, or do not appear to care to investigate cases (Button et al., 2014; Cross et al., 2016; Identity Theft Resource Center, 2018; Reynolds, 2024). Unfortunately, NCVS–ITS data do not enable researchers to isolate whether emotional, social, or physical tolls result from the incident or from reporting experiences as a form of secondary victimization. Collectively, past research illustrates the importance of recognizing the multidimensional nature of identity theft costs to best inform effective responses, assistance programs, and prevention strategies.

Variation in Identity Theft Consequences

Only a few studies have assessed factors that can exacerbate or mitigate consequences in the aftermath of identity theft victimization. Some of this research has provided important insights about the costs associated with certain identity theft subtypes. For instance, credit card misuse has generally been found to engender less severe consequences than other forms, likely due, in part, to the greater ability to recover monetary losses (Copes et al., 2010; Maher et al., 2025). This aligns with recent 2021 NCVS–ITS data showing that while credit card and bank account misuse most often result in money taken from victims, those most likely to actually incur out-of-pocket monetary losses were victims who experienced misuse of their bank accounts and other existing accounts (Harrell & Thompson, 2023).

Distress also varies across identity theft types. According to Harrell and Thompson (2023), only 9.8% of all identity theft victims report severe distress, yet over 10% of victims report severe distress for three identity theft subtypes: opening of new accounts (17.5%), other fraudulent misuses of personal information (13.7%), and bank account misuse (10.7%). Moreover, there is a connection between monetary losses and distress. Randa and Reyns (2020) found that victims who pay out-of-pocket for financial losses had higher odds of reporting moderate or severe distress when compared to victims who reported mild or no distress. Two other recent studies have reinforced that out-of-pocket losses can increase the number of emotional and physical symptoms for identity theft victims who report moderate or severe distress (Maher, 2024; Maher & Hayes, 2024).

Other research has contributed to our understanding of how sociodemographic factors impact identity theft victimization experiences (e.g., DeLiema et al., 2021; Irvin-Erickson, 2024; Maher et al., 2025; Reynolds, 2021). For instance, certain forms of disability are associated with increased risk of severe distress or distress-related symptoms (Irvin-Erickson, 2024; Maher et al., 2025). Furthermore, Reynolds (2021) observed that identity theft victims with higher incomes are less likely to suffer out-of-pocket monetary losses.

However, many of the aforementioned studies examine consequences for smaller subgroups of NCVS–ITS victims. For example, DeLiema et al. (2021) focused on financial and psychological consequences for a sample of victims aged 65 years and older, while other studies analyzed a much smaller subset of victims who report more substantial emotional and physical distress symptoms (Betz-Hamilton, 2022; Maher et al., 2025; Maher & Hayes, 2024).¹ Furthermore, because disaggregating identity theft subtypes into separate models can produce very small samples (see Reynolds, 2021), it is common for scholars to instead combine forms of identity theft, which then limits the ability to make inferences about variation in victim experiences (Holt & Turner, 2012; Randa & Reyns, 2020; Reyns & Henson, 2016).

In sum, past research has found that the costs of identity theft are unequally distributed, and that consequences vary based on the form of identity theft experienced as well as sociodemographic factors. Nonetheless, little is known about whether risk factors for victimization are linked to different consequences across a range of identity theft subtypes, suggesting a gap in the literature that requires a consideration of potential moderators when assessing victim outcomes.

Current Study

This is the first study that systematically examines how the relationship between individual-level predictors of identity theft victimization and financial and emotional costs may vary across all measured identity theft subtypes. Using a nationally representative sample of identity theft victims from the 2021 NCVS–ITS, we investigate two main research questions:

RQ1: How do identity theft subtypes interact with demographic and situational predictors to shape out-of-pocket monetary losses?

RQ2: How do identity theft subtypes interact with demographic and situational predictors to shape emotional distress?

Our goal is to explore potential moderators that can provide a deeper understanding of variation in victims’ experiences of negative consequences. For example, we assess whether levels of income impact the financial consequences for victims of misused bank accounts or credit cards. Based on past research (e.g., Reynolds, 2021), we hypothesize that higher levels of income will protect against out-of-pocket losses for forms of identity theft related to financial institutions, but the association between income and monetary losses may differ for other subtypes. Additionally, we expect that experiencing out-of-pocket losses will also heighten distress for victims of misused credit card and bank account subtypes, underscoring the importance of addressing financial harms to improve the general recovery experience of identity theft victims.

Uncovering significant interaction effects and linking them to underlying mechanisms offers practical value. Evidence that certain groups experience more severe consequences following distinct forms of identity theft can clarify their differing impacts on financial or emotional costs. Such insights can inform targeted support strategies, address inequalities in access to victim assistance services, and guide prevention or intervention efforts tailored to specific subtypes and at-risk populations, while creating new opportunities to support victim recovery. They may also help refine policies related to data breach notifications, including by identifying the subtypes for which notifications most effectively mitigate distress by reducing uncertainty or providing actionable steps to prevent further victimization.

Given the comprehensive moderation structure that we are testing in our analyses, we provide Figure 1 as a summary of the variables included in the models, including specifying the focal relationships between the seven identity theft subtypes and the two distinct outcomes, as well as differentiating our moderators and control variables.

Figure 1.

Summary of moderation analyses.

Methodology

Data

The current study analyzes data from the 2021 NCVS–ITS, which is a cross-sectional nationally representative sample of U.S. residents aged 16 years and older who have self-reported victimization by any form of identity theft. Our analytic sample includes 8,254 victims who experienced any of the measured identity theft subtypes, including the misuse of existing (1) bank accounts, (2) credit cards, (3) email accounts, (4) social media accounts, and (5) other existing accounts; (6) opening of new account(s) in the victim’s name; and (7) other fraudulent misuses of the victim’s personal information. The final sample size results from listwise deletion procedures whereby cases were excluded from the analyses if they contained missing data on any variables included in the models. To adjust for sampling biases, descriptive statistics were weighted with the NCVS–ITS person-weighting procedure to match the characteristics of the U.S. general population by accounting for unequal probabilities of selection into the sample (see Table 1).

Table 1.

Descriptive Statistics (N = 8,254).

Variables	% or M (SD)	Range
Out-of-pocket monetary losses
No $ losses	89.1%
Any $ losses	10.9%
Distress
Not at all	20.6%
Mild	46.5%
Moderate	23.4%
Severe	9.5%
Misuse of bank account	31.2%
Misuse of credit card	37.6%
Misuse of email account	9.2%
Misuse of social media account	17.4%
Other account misuse	10.7%
Opening of new account(s)	6.4%
Other fraud involving personal information	8.9%
Prior identity theft victimization (outside of past year)	18.1%
Breach notification (within in past year)	24.5%
Routine Protective Behaviors Scale	0.55 (0.33)	0–1
Purchase Protective Behaviors Scale	0.09 (0.25)	0–1
Offender known	5.5%
Gender
Men	45.9%
Women	54.1%
Age (years)	48.19 (17.06)	16–90
Marital status
Not married	48.4%
Married	51.6%
Household income
Below $25,000	12.2%
$25,000–$49,999	17.5%
$50,000–$74,999	16.9%
$75,000–$99,999	15.7%
$100,000 or more	37.9%
Education
Less than high school graduate	5.2%
High school graduate	18.5%
Some post-secondary education	18.7%
Post-secondary graduate	38.3%
Advanced degree graduate	19.2%
Race/ethnicity
White	70.6%
Black	10.7%
Hispanic or Latinx	11.5%
Other	7.3%
Disability	15.3%

Note. Values are weighted using the NCVS–ITS person-weighting procedure.

Measures

Our main dependent variables reflect important financial and psychosocial consequences of identity theft victimization. RQ1 assesses the various impacts of different subtypes of victimization on Out-of-Pocket Monetary Losses while considering interactions with important demographic and situational predictors. This dichotomous variable is coded with two categories (0 = No $ Losses and 1 = Any $ Losses). RQ2 examines Distress as another outcome, which is captured in a question that asks respondents “How distressing was the misuse of your personal information to you?”. This ordinal variable is coded into four ranked categories: 0 = Not at all, 1 = Mild, 2 = Moderate, and 3 = Severe. We opted to measure distress with this holistic question rather than using a symptom-based measure because the NCVS–ITS items for distress symptoms are follow-up questions only asked to respondents who report moderate or severe distress, which would exclude many relevant cases who report lower levels of distress.² It is important to note that these outcome variables derive from NCVS–ITS instructions that specify that the respondent is considering their most recent victimization incident within the survey reference period.

To address both research questions, we included the seven forms of identity theft found in the NCVS–ITS as our focal independent variables. Respondents indicated whether they were victimized within the past year for each of the subtypes (0 = No, 1 = Yes), which involve either the unauthorized misuse or attempted misuse of the victim’s personal information for a variety of purposes. Five forms of victimization involve the misuse of existing accounts without the respondent’s permission: Misuse of Bank Account (including checking or savings), Misuse of Credit Card, Misuse of Email Account, Misuse of Social Media Account, and Other Account Misuses (which includes other existing accounts such as utilities, online payment, insurance, telecommunications, entertainment, etc.). Opening of New Account(s) is based on a question that asked about someone using or attempting to use the victim’s personal information to open any new accounts (e.g., phone, credit card, bank, loans, online payment, etc.). Finally, Other Fraud Involving Personal Information (or simply Other Fraud) captures unauthorized uses of personal information for some other fraudulent purpose such as getting medical care, a job, or government benefits; renting an apartment or house; misidentifying oneself to the police, or something else.

To explore the interactions between various identity theft experiences and important individual-level predictors, we positioned a selection of sociodemographic and situational factors as potential moderators in the regression analyses. Gender is a dichotomous variable coded as 0 = Men and 1 = Women. Age is a continuous variable coded in years from age 16 to 90 years. Household income represents an ordinal measure of household income using the following five categories: 0 = Below $25,000, 1 = $25,000 to $49,999, 2 = $50,000 to $74,999, 3 = $75,000 to $99,999, and 4 = $100,000 or more. Race/Ethnicity measures the respondents’ self-identification based on four categories (0 = White, 1 = Black, 2 = Hispanic or Latinx, and 3 = Other). The final demographic moderator is self-identified Disability (0 = No, 1 = Yes). In terms of situational predictors, we tested the potential moderated effects of Prior Identity Theft Victimization outside the past year and Breach Notification within the past year, which are both coded as 0 = No and 1 = Yes. The former considers any of the identity theft subtypes, while the latter asks about receiving a notice from a public or private institution about the compromising of one’s personal information. For RQ2, we also assessed Out-of-Pocket Monetary Losses as another moderator.

Lastly, we included a set of control variables in all regression models.³ Marital Status is coded as 0 = Not Married and 1 = Married. Education is measured with five categories (0 = Less than High School Graduate, 1 = High School Graduate, 2 = Some Post-Secondary Education, 3 = Post-Secondary Graduate, 4 = Advanced Degree Graduate). Offender Known captures whether the victim knew or learned anything about the person who procured or misused their personal information (0 = No, 1 = Yes). We also constructed two scales for protective actions taken in the past 12 months to minimize the risk of victimization, while ensuring that such scales excluded actions taken in response to a recent victimization (see Burnes et al., 2020).⁴ Routine Protective Behaviors Scale averaged together five dichotomous items (i.e., checked credit report, checked banking or credit card statements for unfamiliar charges, changed a password on any financial accounts, destroyed documents containing identifying information, and used security software to protect against credit card theft; α = .71). Purchase Protective Behaviors Scale averaged together two dichotomous items (i.e., purchased credit monitoring services or identity theft insurance and purchased identity theft protection services; α = .63).

Analytical Strategy

Using Stata18, we performed multiple regression techniques to assess the consequences experienced by victims (N = 8,254). For RQ1, we conducted a logistic regression to predict the log-odds of having any out-of-pocket monetary losses (vs. the reference group composed of victims who did not have losses). For RQ2, we employed a proportional odds (or ordered logistic regression) model to estimate the log-odds of being in higher vs. lower categories of distress. Specifically, the model estimates the cumulative odds of being in a given distress category or in any higher ranked distress category. For both analyses, we report coefficients as odds ratios (OR) and discuss estimated effects of predictors while holding constant other variables in the models.

Baseline regression analyses involve a full model containing all individual predictor variables which are predicting outcomes of out-of-pocket monetary losses (Table 2) and distress (Table 4). After performing these baseline analyses, we estimated separate models for interactions involving each of the potential moderators (i.e., gender, age, income, race/ethnicity, disability, prior identity theft victimization, breach notification, and monetary losses for RQ2), while controlling for all aforementioned independent and control variables. In other words, we analyzed a separate model for all gender interactions (e.g., Misuse of Bank Account × Gender, Misuse of Credit Card × Gender, etc.), for all age interactions, and for all others according to this pattern. Table 3 summarizes the statistically significant interactions between identity theft subtypes and the potential moderators when predicting out-of-pocket monetary losses, while Table 5 summarizes the significant interactions when predicting levels of distress. Results for each of the regression analyses included within the summary tables are available upon request. The aforementioned Figure 1 offers a visual representation of the moderation analysis and the role played by each of the included variables.

Table 2.

Logistic Regression Predicting Out-of-Pocket Monetary Losses (N = 8,254).

Predictors	Odds ratios	SE
Misuse of bank account (vs. No)	3.448***	0.331
Misuse of credit card (vs. No)	2.100***	0.207
Misuse of email account (vs. No)	1.184	0.175
Misuse of social media account (vs. No)	0.705**	0.095
Other account misuse (vs. No)	3.167***	0.364
Opening of NEW ACCount(s) (vs. No)	1.141	0.189
Other fraud involving personal information (vs. No)	1.071	0.183
Prior identity theft victimization (vs. No)	0.921	0.097
Breach notification (vs. No)	0.824	0.082
Routine Protective Behaviors Scale	0.500***	0.063
Purchase Protective Behaviors Scale	1.232	0.213
Offender known (vs. No)	3.225***	0.402
Gender (vs. Men)
Women	1.154	0.092
Age	1.000	0.002
Marital status (vs. Not Married)
Married	0.960	0.083
Household income (vs. Below $25,000)
$25,000–$49,999	0.888	0.111
$50,000–$74,999	0.606 ***	0.084
$75,000–$99,999	0.645**	0.095
$100,000 or more	0.524***	0.072
Education (vs. Less than high school graduate)
High school graduate	0.891	0.151
Some post-secondary education	0.911	0.156
Post-secondary graduate	0.743	0.124
Advanced degree graduate	0.685*	0.129
Race/ethnicity (vs. White)
Black	1.589***	0.190
Hispanic or Latinx	1.244	0.162
Other	1.134	0.185
Disability (vs. No)	1.299**	0.129
Constant	0.091***	0.022
McFadden Pseudo R² = .116

Note. Regression is predicting log-odds of Any $ Losses vs. No $ Losses (reference category). Coefficients are presented as odds ratios (exponentiated log-odds).

p < .05. **p < .01. ***p < .001.

Table 3.

Logistic Regressions Predicting Out-of-Pocket Monetary Losses – Summary of Significant Interactions (N = 8,254).

Predictors	Odds ratios	SE
Misuse of email account × ________
Age	1.022*	0.009
Other account misuses × ________
Disability (vs. No)	0.379**	0.111
Other fraud involving personal information × ________
Disability (vs. No)	2.421*	0.922
Household income (vs. below $25,000)
$25,000–49,999	0.458	0.231
$50,000–$74,999	0.329*	0.183
$75,000–$99,999	0.238*	0.155
$100,000 or more	0.170**	0.091

Note. The interactions between identity theft subtype and each focal predictor were assessed in separate models. Models contain all identity theft subtypes, prior identity theft victimization, breach notification, routine protective behaviors scale, purchase protective behaviors scale, offender known, gender, age, marital status, income, education, race, disability, and interactions for the focal predictor (e.g., disability) and all identity theft subtypes. Coefficients are presented as odds ratios (exponentiated log-odds).

p < .05. **p < .01. ***p < .001.

Table 4.

Proportional Odds Regression Predicting Distress (N = 8,254).

Predictors	Odds ratios	SE
Misuse of bank account (vs. No)	1.829***	0.111
Misuse of credit card (vs. No)	1.286***	0.075
Misuse of email account (vs. No)	1.590***	0.120
Misuse of social media account (vs. No)	0.868*	0.056
Other account misuse (vs. No)	1.359***	0.102
Opening of new account(s) (vs. No)	2.225***	0.199
Other fraud involving personal information (vs. No)	2.228***	0.179
Prior identity theft victimization (vs. No)	1.208***	0.065
Breach notification (vs. No)	1.239***	0.061
Routine Protective Behaviors Scale	0.597***	0.041
Purchase Protective Behaviors Scale	1.015	0.088
Offender known (vs. No)	2.211***	0.214
Out-of-pocket monetary losses (vs. No $ losses)
Any $ losses	2.140***	0.158
Gender (vs. Men)
Women	1.440***	0.061
Age	1.015***	0.001
Marital status (vs. Not Married)
Married	1.047	0.048
Household income (vs. Below $25,000)
$25,000-$49,999	0.881	0.073
$50,000-$74,999	0.877	0.074
$75,000-$99,999	0.896	0.079
$100,000 or more	0.767**	0.063
Education (vs. Less than high school graduate)
High school graduate	1.162	0.132
Some post-secondary education	1.192	0.136
Post-secondary graduate	1.207	0.133
Advanced degree graduate	1.150	0.134
Race/ethnicity (vs. White)
Black	1.064	0.082
Hispanic or Latinx	1.107	0.086
Other	1.034	0.091
Disability (vs. No)	1.344***	0.082
McFadden Pseudo R² = .049

Note. The proportional odds model estimates the cumulative odds at each threshold (i.e., the odds of being in higher vs. lower distress categories). Coefficients are presented as odds ratios (exponentiated log-odds).

p < .05. **p < .01. ***p < .001.

Table 5.

Proportional Odds Regressions Predicting Distress – Summary of Significant Interactions (N = 8,254).

Predictors	Odds ratios	SE
Misuse of bank account × ________
Household income (vs. Below $25,000)
$25,000–49,999	1.630*	0.361
$50,000–$74,999	1.415	0.307
$75,000–$99,999	1.750*	0.411
$100,000 or more	1.650*	0.321
Breach notification (vs. No)	0.721*	0.094
Misuse of credit card × ________
Race/ethnicity (White)
Black	2.045***	0.414
Hispanic/Latinx	1.006	0.226
Other	0.772	0.195
Misuse of email account × ________
Age	1.010*	0.005
Other account misuses × ________
Age	1.013**	0.005
Household income (vs. Below $25,000)
$25,000-49,999	1.774*	0.511
$50,000-$74,999	1.001	0.283
$75,000-$99,999	1.477	0.438
$100,000 or more	1.159	0.295
Opening of new account(s) × ________
Race/Ethnicity (vs. White)
Black	2.027*	0.563
Hispanic/Latinx	0.984	0.333
Other	0.653	0.222
Breach notification (vs. No)	0.564**	0.180
Other fraud involving personal information × ________
Disability (vs. No)	2.421*	0.922
Race/ethnicity (vs. White)
Black	1.944*	0.592
Hispanic/Latinx	1.433	0.444
Other	1.113	0.387

Note. The interactions between identity theft subtype and each focal predictor were assessed in separate models. Models contain all identity theft subtypes, prior identity theft victimization, breach notification, routine protective behaviors scale, purchase protective behaviors scale, out-of-pocket monetary losses, offender known, gender, age, marital status, income, education, race, disability, and interactions for the focal predictor (e.g., disability) and all identity theft subtypes. Coefficients are presented as odds ratios (exponentiated log-odds).

p < .05. **p < .01. ***p< .001.

Results

We describe our sample of identity theft victims in terms of their victimization experiences, outcomes, and demographic and situational characteristics (see Table 1). For reference, the most common identity theft subtypes were misused credit cards (37.6%), misused bank accounts (31.2%), and misused social media accounts (17.4%). Among these victims, 18.1% also experienced an identity theft incident outside the past year. In terms of the consequences of identity theft victimization, we found that 10.9% of victims reported any out-of-pocket monetary losses, while 79.4% of victims reported some level of emotional distress.

RQ1: Predicting Out-of-Pocket Monetary Losses

Our first research question examined whether reporting out-of-pocket monetary losses differs based on the intersections between various identity theft subtypes and important demographic and situational variables. Table 2 presents the results of a baseline logistic regression predicting monetary losses. While controlling for all other variables, we found that four of the seven forms of identity theft significantly influence the odds of reporting monetary losses (vs. no losses). The odds of losses are estimated to strongly increase for misuse of bank accounts (OR = 3.45, p < .001), misuse of other existing accounts (OR = 3.17, p < .001), and misuse of credit cards (OR = 2.10, p < .001). Only misuse of social media accounts is estimated to modestly decrease the odds of reporting monetary losses by 29% (OR = 0.71, p < .001). Other significant positive and negative coefficients align with those previously explored in the literature. Variables estimated to increase the odds of monetary losses include: offender known (yes vs. no), race/ethnicity (Black vs. White), and disability (yes vs. no). Conversely, variables estimated to decrease the odds include: higher scores on the routine protective behaviors scale, several higher categories of household income (vs. below $25,000), and having the highest level of education (vs. less than high school graduate).

The current study’s empirical contribution emphasizes the examination of potential moderators of the relationship between various forms of identity theft and out-of-pocket monetary losses, while controlling for all other variables (RQ1). Accordingly, Table 3 summarizes the results of logistic regression analyses containing interaction terms for the focal moderators. The presence of significant interactions demonstrates that the odds of reporting monetary losses are impacted by subgroup differences or additional factors. Notably, misuse of email accounts is estimated to increase the odds of monetary losses (vs. no losses) by 2.2% for every one-year increase in age (p < .05), which is a small incremental effect per unit but may translate into greater cumulative differences in losses across larger age gaps. We also found that an interaction of Other Fraud Involving Personal Information × Disability is significant, indicating that the estimated effect of experiencing other forms of fraud on the odds of reporting monetary losses is 2.42 times higher for victims who have a disability compared to those who do not have a disability (p < .05). While neither other fraud nor disability have significant independent effects, their significant interaction indicates a meaningful combined effect whereby individuals who have a disability and experience other fraud involving personal information have higher odds of reporting monetary losses than would be expected from either variable alone.

On the other hand, several interaction terms have coefficients indicating reduced odds of reporting monetary losses. First, the impact of other account misuse on monetary losses differs by disability status. While victims of other account misuses are estimated to have much higher odds of reporting a loss (OR = 3.82, p < .001), this effect is significantly weaker among those with a disability. Specifically, the increase in odds associated with this identity theft subtype is 62% smaller for victims with a disability compared to those without a disability (interaction OR = 0.38, p < .01). In other words, having a disability weakens the positive association between misused other accounts and monetary loss. We also found that the estimated effect of other frauds involving personal information on monetary losses varies by household income. This subtype of victimization still independently increases the odds of monetary losses (OR = 2.92, p < .01), but the magnitude of this increase is progressively weaker for victims in higher income categories. Compared to victims of other frauds with incomes below $25,000 (reference group), the odds of monetary losses is reduced by 67% for those in households earning $50,000–$74,999 (interaction OR = 0.33, p < .05), by 76% for those earning $75,000–$99,999 (interaction OR = 0.24, p < .05), and by 83% for those earning $100,000 or more (interaction OR = 0.17, p < .01). These findings suggest that there is generally a large moderating effect of income on the focal relationship between other fraud victimization and monetary losses.

RQ2: Predicting Distress

Table 4 presents the results of a baseline proportional odds regression that predicts distress. While controlling for all other variables, we found that six forms of identity theft are significantly associated with increased cumulative odds of being in higher versus lower distress categories (ranging from OR = 1.29 to 2.23, all p < .001), whereas only one subtype (i.e., misuse of social media account) is associated with lower cumulative odds (OR = 0.87, p < .05). Other variables that are estimated to increase the cumulative odds of being in a higher distress category are: out-of-pocket monetary losses (OR = 2.14, p < .001), prior identity theft victimization (yes vs. no), breach notification (yes vs. no), offender known (yes vs. no), women (vs. men), increasing age, and disability (yes vs. no). Conversely, variables that decrease the cumulative odds are: scoring higher on the routine protective behavior scale and having a household income of $100,000 or more (vs. below $25,000).

To specifically address RQ2, we investigated potential moderators of identity theft subtypes on reported levels of emotional distress (Table 5). There are significant interaction terms involving six of the seven forms of identity theft, while misuse of social media accounts does not have any significant interactions. Additionally, contrary to our expectations, having out-of-pocket monetary losses does not moderate any of the associations between victimization subtypes and distress.

First, we found that victims of misused bank accounts generally experience increased cumulative odds of being in a higher distress category (vs. a lower distress category), but this estimated effect differs based on household income levels and receipt of a breach notification. In most cases, earning a higher income produces a stronger positive association between bank account victimization and distress. Compared to bank account victims whose households earn below $25,000, we observed increased cumulative odds of higher distress for those whose households earn $25,0000 to 49,999 (interaction OR = 1.63, p < .05), $75,000 to 99,999 (interaction OR = 1.75, p < .05), and $100,000 or more (interaction OR = 1.65, p < .05). Then, the significant interaction between Misuse of Bank Account × Breach Notification indicates that there is also a weaker estimated effect of this identity theft subtype on distress when the victim has received a notification that their personal information has been compromised in a data breach (interaction OR = 0.72, p < .05). Although misused bank accounts (OR = 2.03, p < .001) and breach notifications (OR = 1.56, p < .001) are each associated with greater cumulative odds of higher distress, this increase in cumulative odds among bank account victims is modestly (28%) smaller for those who received a breach notification (vs. those who did not receive a notification).

Second, we observed only race/ethnicity to be a significant moderator of the association between misuse of credit cards and distress. Specifically, the positive association between credit card victimization and distress is substantially stronger for Black respondents than for White respondents (interaction OR = 2.05, p < .001). This is important considering that this form of identity theft independently increases the cumulative odds of being in a higher distress category (OR = 1.22, p < .01) and that Black respondents independently have lower cumulative odds of higher distress compared to White respondents (OR = 0.66, p < .05). However, upon experiencing credit card misuse, the distress gap reverses: Black respondents who are not credit card victims have the lowest predicted distress, but Black victims of misused credit cards have the largest predicted increase in distress relative to their racial/ethnic peers.

Third, the significant interaction for Misuse of Email Account × Age (OR = 1.010, p < .05) indicates that the positive association between email account misuse and distress becomes stronger as age increases. For each additional year of age, the cumulative odds of being in a higher distress category increases by 1% for email misuse victims (vs. non-victims). Although the independent effect of email misuse is not statistically significant, we observed that age also independently raises the cumulative odds of being in a higher distress category (OR = 1.013, p < .001). This pattern overall suggests that the harmful effect of email account misuse amplifies alongside increasing age, such that older adults who experience this identity theft subtype report higher distress compared both to younger victims and to older non-victims.

Fourth, we found that the association between misused other accounts and distress is moderated by both age and household income, with each showing coefficients that indicate increased cumulative odds of reporting higher distress. There is a stronger effect of age on distress for respondents who have been victimized by the misuse of other existing accounts than by those who have not (interaction OR = 1.013, p < .01). The moderating effect of age appears small on a per-year basis, but it represents a stronger effect as we consider larger age gaps. For household income, the positive association between other account misuse and distress is moderately stronger only for households earning $25,000 to 49,000 compared to those earning below $25,000 (interaction OR = 1.77, p < .05).

Fifth, opening of new accounts in the victim’s name has two significant interaction terms when predicting distress: race/ethnicity and breach notification. Black victims of this identity theft subtype are estimated to have increased cumulative odds of being in a higher distress category compared to White victims of newly opened accounts. In other words, the positive association between opening new accounts and distress is meaningfully stronger for Black respondents than for White respondents (interaction OR = 2.03, p < .05). We also found that there is a modestly weaker estimated effect of receiving a breach notification on distress for victims of newly opened accounts compared to non-victims of this subtype (interaction OR = 0.56, p < .01). Ultimately, new account victimization and breach notifications both independently increase the cumulative odds of higher distress, but this increase among these victims is approximately 44% smaller for the notified (vs. the non-notified).

Finally, our regression analyses predicting distress revealed two significant interaction terms with other frauds involving personal information. Victims of this identity theft subtype who have a disability are estimated to have increased cumulative odds of being in a higher distress category compared to those who do not have a disability (interaction OR = 2.42, p < .05). So, the positive effect of other fraud on distress is much stronger for victims who have a disability. Race/ethnicity is another moderator; specifically, the positive association between other frauds and distress is notably stronger for Black victims than for White victims of this form of identity theft. That is, the strength of the focal association is almost twice as large for Black victims (interaction OR = 1.94, p < .05).

Discussion

The current study has contributed to the extant literature by exploring how identity theft consequences, specifically out-of-pocket monetary losses (RQ1) and emotional distress (RQ2), are shaped by the intersection between various forms of victimization and individual-level predictors. By testing interaction effects with a full range of identity theft subtypes, we have revealed unique factors that exacerbate and mitigate such consequences depending on which forms of identity theft are experienced by victims. Alongside explaining our findings in the context of existing knowledge about identity theft, we will discuss their implications for policy, practical recommendations, and future research.

To summarize our results, five variables had significant interactions with identity theft types to differentially predict consequences (see Figure 2 below for a graphical summary of the findings from the moderation analyses for each outcome). First, we observed that increases in age are associated with higher odds of reporting both out-of-pocket monetary losses and greater distress for victims of misused email accounts, while older victims of misused other accounts are also more susceptible to heightened feelings of distress. Second, individuals identifying with a disability face lower odds of out-of-pocket losses when victimized by other (existing) account misuse, but have higher odds of losses when their personal information was misused for other fraudulent purposes such as getting medical care, a job, or government benefits. Disability status is also associated with a greater risk for increased distress for victims who experience such other fraudulent misuses of their information. Third, compared to household incomes below $25,000, victims in income categories of $50,000 and above are less likely to incur monetary losses following other fraudulent misuses of personal information. Relative to the same reference category, household incomes of $25,000 to $49,999, $75,000 to $99,999, and $100,000+ are associated with increased odds of experiencing greater distress for the victims of misused bank accounts, while incomes of $25,000 to $49,999 also predict higher levels of distress following other existing account misuses. Fourth, race/ethnicity is another important moderator, revealing that Black victims are estimated to experience more harmful distress consequences than White victims for three identity theft subtypes: the misuse of credit cards, opening of new accounts in one’s name, and other fraudulent misuses of personal information. Finally, we observed that receiving a breach notification is associated with reduced distress for only victims of misused bank accounts and new account openings.

Figure 2.

Summary of findings.

Ultimately, these findings highlight that identity theft produces unequal consequences across sociodemographic groups. For example, we found that older individuals are more at risk of experiencing out-of-pocket losses and a greater risk of increased distress when victimized by email account misuse. This is a result that can inform targeted awareness campaigns by tailoring messaging to older adults with advice on how to prevent and respond to email misuse. Next, we emphasize our results indicating that individuals with disabilities tend to suffer more substantial out-of-pocket losses and distress when victimized by other fraudulent misuses of personal information. In 2021, over 80% of victims of this subtype reported that the incident involved their personal information being misused to apply for government benefits (Harrell & Thompson, 2023). As such, agencies offering government benefits should investigate whether individuals with disabilities are disproportionately impacted and should, accordingly, ensure their victim assistance practices provide accessible support and remediation. Another inequality uncovered from our study is that Black victims are more likely to experience higher levels of distress following victimization from misused credit cards, opening of new accounts, and other fraudulent misuses of personal information. Such results build on recent research documenting race-based disparities in victimization across different classes of identity theft (Nevin et al., 2025) and similarly suggest that assisting institutions should review internal policies to determine whether they provide equitable assistance to marginalized groups. Victim assistance providers, including financial institutions, law enforcement, and other private entities could provide more counseling resources to manage distress, and should ensure their responses are culturally responsive and trauma-informed to avoid causing additional distress. In other words, we need to ensure that institutional responses to identity theft victimization do not reinforce social inequalities or disadvantage vulnerable groups in their attempts to resolve their identity theft incidents, to recuperate losses, or to overcome feelings of distress.

The current study’s findings related to distress could also be situated within literature on coping mechanisms. Lazarus and Folkman (1984) propose a processual approach to coping, whereby distress relates to individual’s evaluations of harmful incidents, as well as to the behavioral and cognitive coping options available to them. In the case of identity theft, many victims attempt to mitigate harm by reporting their victimization to relevant institutions such as financial institutions and/or law enforcement, which represents a behavioral coping strategy (Jansen & Leukfeldt, 2018). However, reporting may involve repeated contact and administrative burdens that can contribute to or exacerbate distress (Jansen & Leukfeldt, 2018). Understanding this possibility requires contextual analyses of stressful incidents and coping responses (Lazarus & Folkman, 1984), which suggests that future research would benefit from qualitative approaches that examine how victims belonging to different groups experience and navigate the post-victimization process.

Another important consideration is that interacting with institutions to resolve identity theft and fraud incidents can increase distress, including when victims perceive that the institutions are failing to assist in a timely manner, failing to investigate cases, or referring victims elsewhere (e.g., Button et al., 2014; Cross et al., 2016; Identity Theft Resource Center, 2018; Reynolds, 2024). This aligns with the “institutional betrayal” perspective, which explains how trusted institutions can produce harm to those relying on them for support (see Christl et al., 2024; Smith & Freyd, 2014). While this perspective has been traditionally used as a lens to examine trauma following violence and abuse, it has recently been applied to other harms in recent years, including in healthcare and university settings (Christl et al., 2024). We note that institutional betrayal may also be useful in the context of understanding institutional actions and inactions in the aftermath of identity theft victimization. For example, emotional harms could be worsened by feelings that the police, financial institutions, or credit reporting agencies did not do enough to protect victims, or from disappointment in their implemented responses to victim reports.

Unfortunately, this study cannot offer direct tests of institutional betrayal theory or coping perspectives in part due to methodological limitations in evaluating the time ordering of two key variables. First, the self-reported measure of distress in the NCVS–ITS does not specify a time frame, and it is likely that both the incident itself and institutional responses would have an impact on reported levels of distress. As such, we cannot assess the ordering of victimization, level of distress, and reporting, especially with cross-sectional data. Second, the breach notification variable asks respondents if they had been notified of a data breach involving their personal information in the past 12 months, which means that it is unclear whether the breach occurred before, after, or concurrent to their identity theft victimization.

Despite these limitations, our findings related to data breach notifications are significant and have practical implications. Although receiving a data breach notification has an independent effect whereby it increases the odds of experiencing greater distress, such notifications appear to reduce distress for victims of bank account misuse and new account opening(s), even when controlling for whether victims paid out-of-pocket losses. The effectiveness of breach notifications in these cases may be because recipients gain knowledge about how their information was compromised and potentially receive instructions for managing associated risks. Indeed, past scholarship has suggested that uncertainty about how one’s information was compromised may produce or exacerbate distress (Reynolds, 2024). Our findings related to data breach notifications may also fit with coping perspectives if receiving a notification informs a victim’s appraisal of events and their evaluations of possible solutions (see Lazarus & Folkman, 1984). Ultimately, given that different forms of identity theft can result from a single incident of compromised data, these findings lend support for a broad implementation of data breach notifications to minimize distress outcomes.

Nonetheless, future research is needed to better understand the precise mechanisms behind the significant moderators identified in this exploratory study. Dedicated surveys could be designed to better assess the time ordering of victimization, reporting, and distress, or they could specifically measure institutional harm through instruments like the Institutional Betrayal Questionnaire (Smith & Freyd, 2013). Qualitative research could be especially helpful for identifying the mechanisms behind the differential experiences of consequences by victims of different identity theft subtypes. For example, scholars could interview victims to try to clarify the context-specific mechanisms that prompt certain groups to face greater financial harms and emotional distress following victimization by particular forms of identity theft. Another area of future research should address a NCVS–ITS limitation whereby the outcome variables for out-of-pocket losses and distress derive from instructions that ask the respondent to consider their most recent victimization incident within the reference period. As a result, these measures reflect incident-specific consequences and do not capture the nuance of cumulative harms facing the small group of individuals who have been victimized by multiple forms of identity theft. Future scholarship should therefore draw on alternative data sources to assess whether our significant moderators (and associated underlying mechanisms) operate differently among multi-victims.

In conclusion, this study demonstrates that different forms of identity theft can generate varied patterns of financial and emotional harms depending on victims’ sociodemographic characteristics and other situational factors. Specifically, our moderation analyses revealed that some groups are more at risk of particularly adverse consequences when facing specific identity theft subtypes. This suggests that resources for supporting victim recovery should likewise reflect the distinct risks and costs associated with specific identity theft subtypes. Our findings also offer a starting point for understanding how breach notification policies and other institutional responses can mitigate distress following victimization. Overall, future research should continue to investigate the mechanisms behind variations in identity theft consequences to better inform practical and policy approaches that are both effective and equitable.

Footnotes

Acknowledgements

We thank the Guest Editor, Dr. Fangzhou Wang, and the anonymous reviewers for their helpful feedback that improved our manuscript.

ORCID iDs

Andrew D. Nevin

Dylan Reynolds

Jin R. Lee

Funding

The authors received no financial support for the research, authorship, and/or publication of this article.

Declaration of Conflicting Interests

The authors declared no potential conflicts of interest with respect to the research, authorship, and/or publication of this article.

Notes

Author Biographies

Andrew D. Nevin is an Assistant Professor in the Department of Sociology and Anthropology at the University of Guelph. He conducts research in the areas of cyber-criminology and digital sociology, including topics of online offending, digital inequalities, and other social implications of technological development.

Dylan Reynolds is an Assistant Professor of Sociology in the Department of L’nu, Political, and Social Studies at Cape Breton University. His research interests relate to crime, victimization, and social inequalities.

Jin R. Lee is an Assistant Professor in the Department of Criminology, Law, and Society at George Mason University. His research interests are in cybercrime, online interpersonal violence, cybersecurity, cyberpsychology, computer-mediated communications, and big data.

Selimul Quader is a Doctoral Student in the Department of Criminology, Law, and Society at George Mason University. His research interests include interpersonal cybercrime, organized cybercrime, financial cybercrime, cyberterrorism, and cyberpolicing.

References

Berk

(2018). A primer on criminal justice risk assessments. Transnational Criminology, 15, 8–10.

Betz-Hamilton

(2022). A comparison of the financial, emotional, and physical consequences of identity theft victimization among familial and non-familial victims. Journal of Financial Counselling and Planning, 33(2), 217–227.

Burnes

DeLiema

Langton

(2020). Risk and protective factors of identity theft victimization in the United States. Preventative Medicine Reports, 17, 1–8.

Button

Lewis

Tapley

(2014). Not a victimless crime: The impact of fraud on individual victims and their families. Security Journal, 27, 36–54.

Christl

M.-E.

Pham

K.-C. T.

Rosenthal

DePrince

A. P.

(2024). When institutions harm those who depend on them: A scoping review of institutional betrayal. Trauma, Violence, & Abuse, 25(4), 2797–2813.

Condry

(2010). Secondary victims and secondary victimization. In Shoham

S. G.

Knepper

Kett

(Eds.), International handbook of victimology (1st ed., pp. 219–249). Routledge.

Copes

Kerley

K. R.

Huff

Kane

(2010). Differentiating identity theft: An exploratory study of victims using a national victimization survey. Journal of Criminal Justice, 38(5), 1045–1052.

Cross

Richards

Smith

(2016). Improving responses to online fraud victims: An examination of reporting and support (Report for Criminology Research Advisory Council). Australian Institute of Criminology.

DeLiema

Burnes

Langton

(2021). The financial and psychological impact of identity theft among older adults. Innovation in Aging, 5(4), 1–11.

10.

FTC. (n.d.). Federal Trade Commission: IdentityTheft.gov. https://www.identitytheft.gov/

11.

Golladay

Holtfreter

(2017). The consequences of identity theft victimization: An examination of emotional and physical health outcomes. Victims & Offenders, 12(5), 741–760.

12.

Harrell

Thompson

(2023). Victims of identity theft, 2021 (NCJ 306474; Issue NCJ 306474). Bureau of Justice Statistics. https://bjs.ojp.gov/document/vit21.pdf

13.

Holt

T. J.

Lee

J. R.

(2022). A crime script analysis of counterfeit identity document procurement online. Deviant Behavior, 43(3), Article 3.

14.

Holt

T. J.

Turner

M. G.

(2012). Examining risks and protective factors of on-line identity theft. Deviant Behavior, 33(4), 308–323.

15.

Lee

J.-S.

Lovrich

N. P.

(2023). Do commonly recommended preventive actions deter identity theft victimization? Findings from NCVS identity theft surveys. Journal of Crime and Justice, 46(2), 172–193.

16.

Identity Theft Resource Center. (2018). Identity theft: The aftermath 2017. https://www.idtheftcenter.org/wp-content/uploads/images/page-docs/Aftermath_2017.pdf

17.

Irvin-Erickson

(2024). Consequences of identity theft victimization: Disabilities and mental distress. Crime & Delinquency. Advance online publication. https://doi.org/10.1177/00111287241227926

18.

Jansen

Leukfeldt

(2018). Coping with cybercrime victimization: An exploratory study into impact and change. Journal of Qualitative Criminal Justice and Criminology, 6(2), 205–228.

19.

Lazarus

R. S.

Folkman

(1984). Stress, appraisal, and coping. Springer.

20.

Lee

J. R.

(2023). Understanding markers of trust within the online stolen data market: An examination of vendors’ signaling behaviors relative to product price point. Criminology & Public Policy, 22(4), 665–693.

21.

Maher

C. A.

(2024). Examining the association between citizenship and ethnicity on identity theft risk: Findings from the National Crime Victimization Survey. American Journal of Criminal Justice, 49(3), 400–421.

22.

Maher

C. A.

Hayes

B. E.

(2024). Nonfinancial consequences of identity theft revisited examining the association of out-of-pocket losses with physical or emotional distress and behavioral health. Criminal Justice and Behavior, 51(3), 459–481.

23.

Maher

C. A.

Hayes

B. E.

Powers

R. A.

(2025). Vulnerable identities? Examining the association between disability with risk and consequences of identity theft. Journal of Criminal Justice, 96, Article 102333.

24.

McNally

M. M.

Newman

G. R.

(2008). Perspectives on identity theft. Criminal Justice Press.

25.

Nevin

A. D.

Reynolds

Lee

J. R.

(2025). Toward a typology of identity theft victimization: A latent class analysis. Deviant Behavior. Advance online publication. https://doi.org/10.1080/01639625.2025.2510303

26.

Randa

Reyns

B. W.

(2020). The physical and emotional toll of identity theft victimization: A situational and demographic analysis of the National Crime Victimization Survey. Deviant Behavior, 41(10), 1290–1304.

27.

Reynolds

(2021). The differential effects of identity theft victimization: How demographics predict suffering out-of-pocket losses. Security Journal, 34(4), 737–754.

28.

Reynolds

(2023). Identity theft. In Pontell

H. N.

(Ed.), Oxford Research Encyclopedia of Criminology and Criminal Justice. Online, Oxford research Encyclopedias. Oxford Academic. https://doi.org/10.1093/acrefore/9780190264079.013.797

29.

Reynolds

(2024). “Screaming into the void”: Canadians’ experiences reporting identity theft. Canadian Journal of Criminology and Criminal Justice, 66(1), 87–106.

30.

Reyns

B. W.

Henson

(2016). The thief with a thousand faces and the victim with none: Identifying determinants for online identity theft victimization with routine activity theory. International Journal of Offender Therapy and Comparative Criminology, 60(10), 1119–1139.

31.

Smith

C. P.

Freyd

J. J.

(2013). Dangerous safe havens: Institutional betrayal exacerbates sexual trauma. Journal of Traumatic Stress, 26(1), 119–124.

32.

Smith

C. P.

Freyd

J. J.

(2014). Institutional betrayal. American Psychologist, 69(6), 575–587.

33.

U.S. Bureau of Justice Statistics. (2023). National crime victimization survey: Identity theft supplement, [United States], 2021 (No. 38501) [Dataset]. Inter-university Consortium for Political and Social Research. https://doi.org/10.3886/ICPSR38501.v1