Identity theft + fraud in Ireland
Fraud offences in Ireland rose by 137% in the year to Q1 2025 according to the Garda Recorded Crime data. Card fraud is up 95%. Forgery is up 160%. Account takeovers and bogus-tradesman scams are growing at similar rates. If you're worried something has happened, work through this hub in order — most identity-theft outcomes are determined in the first 24 hours.
If something has just happened — start here
The most important action is to lock down the accounts and channels the attacker is using. Go directly to our First 24 hours page — it's a sequenced checklist of what to do in what order.
What this section covers
First 24 hours
What to do in the first hour, the first six hours, and the first day if you believe your identity has been compromised. Sequenced checklist.
Protect yourself
The preventative checklist. Practical measures organised by effort — five-minute changes that close most attack vectors, and longer items for higher-risk accounts.
Reporting to the DPC
When a company's failure has caused the breach, you can file a complaint with the Data Protection Commission. Walkthrough.
Scam watch
Active Irish scams sourced to An Garda Síochána, FraudSMART and Revenue — currently tracking Revenue tax-refund phishing, "undelivered package" smishing, and MyGovID impersonation. Updated as patterns evolve.
What identity theft actually looks like in Ireland
The two patterns that account for the bulk of recent cases:
- Account takeover. The attacker gains access to one account (email, mobile carrier, bank). From there they reset passwords on linked accounts, intercept 2FA codes, and operate as you.
- Synthetic identity / impersonation. The attacker opens new accounts in your name (loans, mobile contracts, credit cards). You discover it months later when collections demand payment.
The Garda Q1 2025 numbers split it as: deception offences +273%, account takeovers +10%, card fraud +95%, forgery +160%, online auction fraud +183%, bogus tradesman +160%. Card and deception fraud dominate by volume; account takeovers are growing more slowly but are individually more destructive.
Where to report
- An Garda Síochána — any actual fraud is a crime. Report at your local station (in person is most effective for getting a PULSE number). For online-only fraud you can also report via garda.ie.
- Your bank or card provider — call the number on the back of the card, NOT a number from an email or text. Banks have 24/7 fraud lines.
- The Data Protection Commission — if a company you trusted leaked your data, the DPC handles complaints. How to file a DPC complaint.
- FraudSMART / Banking & Payments Federation Ireland — operates a national scam-alert service at fraudsmart.ie.
- Hotline.ie — for reporting illegal online content (CSAM, racism); not the right channel for fraud, but mentioned because people often confuse them.
If a state service is involved
If the compromise involves your MyGovID account specifically (someone logging in as you, accessing Revenue or MyWelfare), work through these pages in order:
- Account locked — recover access
- Force a password reset
- Change the email on the account
- Contact MyGovID support to flag the suspected compromise.
- File a Subject Access Request to see what activity the Department logged.
What MyID cannot do
- We are an editorial site. We cannot recover your accounts, log in on your behalf, or contact banks for you.
- We do not accept your personal details by email. If your email contains a PPS number, password, account number or photograph of a document, we will delete it without reading further.
- We do not act as legal advisors. If you have civil-law remedies (e.g. against a company that lost your data), seek qualified legal advice.
Related
- Your data rights — the GDPR rights that matter when something has gone wrong.
- MyGovID troubleshooting — for state-service-specific issues.
- Live issues — including ongoing fraud patterns we're tracking.