It can happen to any of us, and that is the scary part.
A junior Navy officer recently revealed how shocked she was upon learning that following a reverse search of her name with the SEC, her name and tax identification number were listed in the incorporation papers of 193 corporations, 102 of which sounded foreign.
Lt. Jessa Mendoza, a PMAer who also just finished her law studies, recalled during a Senate probe on illegal offshore gaming operators (POGOs) how she was slapped with cases involving companies whose names were totally unknown to her.
Mendoza received notices from the Bureau of Internal Revenue about the tax deficiencies of foreign companies unknown to her where her name was listed as incorporator or treasurer. She was even indicted for alleged violation of the Social Security Act of another company where she was named as an official.
She suspects that this probably happened because her cousin borrowed her TIN ID card back in 2016 supposedly for a travel agency. The said cousin is married to a Chinese national. That cousin and her father, as well as another cousin in the US, would end up being incorporators and directors in the 193 corporations, just like Mendoza.
Imagine how easy it is now to steal someone’s identity.
Back in March, the Philippine National Police (PNP) Anti-Cybercrime Group (ACG) revealed that it has recorded 178 cases of “hijack profile” or identity theft cases from November 2023 to February 2024, half of which took place in February alone. Hijack profile scams take place when unsuspecting users’ social media accounts are breached and then misused for financial or personal gain.
Last year, the PNP recorded nearly 3,000 cyber identity theft incidents, an increase of 14 percent from the previous year.
The PNP has urged the public to refrain from clicking on dubious links, downloading attachments from unknown sources and providing personal information online. These types of scams appear to be on the rise.
Republic Act 10175 or the Cybercrime Prevention Act penalized cyber identity theft with imprisonment of six to 12 years or a fine of at least P200,000 up to a maximum amount commensurate to the damage incurred or both.
The Data Privacy Act under RA 10173 also protects against unlawful processing of personal information.
The media reported back in 2022 a survey by data analytics firm Fico which revealed that about 4.5 percent of adult Filipinos or five million individuals claimed to have been victimized by identity theft. In addition, six percent or around 6.7 million Filipinos believe that their identity was used to open a financial account fraudulently.
Meanwhile, a survey on personal finance conducted during the fourth quarter of 2023 in the Philippines by statista.com disclosed that identity theft was the fifth most frequent fraud scheme targeting consumers in the country. Leading the pack was phishing, followed by smishing, money/gift cards, third-party seller scams on legitimate online retail websites, and vishing. About 21 percent of the respondents who had experienced digital fraud attempts were targeted with identity theft.
A report from innovatrics.com noted how the digital age has opened up new, easily accessible avenues for ID fraud. “Poorly protected public and private databases are a treasure trove of information like social security numbers, names, addresses and even credit card data. These are then resold in shady web forums. From there, fraudsters can create counterfeit IDs with real-world data that are able to withstand routine checks,” it said.
Some years back, the Credit Information Corp. (CIC) reminded the public to keep their TIN, SSS and GSIS ID numbers away from credit-related fraud.
It explained that while in the past, these numbers had little value, now, many companies use at least one of these IDs as a primary identifier when applying for loans. This is the reason why everyone should closely guard these numbers, in the same way that we vigorously protect the passwords of our emails and social media accounts, CIC said.
It noted how lightly Filipinos treat the value of government-issued identifying numbers. Unfortunately, there are companies which require their employees to indicate their TIN, SSS or GSIS numbers at the back of their company IDs alongside emergency contact details.
CIC said it is not safe to include these numbers in company IDs because if the ID is lost, this could provide an opportunity for those with fraudulent minds to perform illegal transactions under the name of that employee using his identification numbers.
It pointed out that ideally, one must use these numbers only with the agencies that issued these numbers or with institutions that have very high levels of security such as banks and other financial institutions. When asked for some formal type of government ID, CIC said it is advisable to just use other government-issued IDs such as driver’s license or voter’s ID.
The CIC recalled how a public-school teacher became a victim of identity theft after posting his Professional Regulation Commission ID on his Facebook account. This led him to being saddled with P800,000 in loans from three banks that he did not even apply for.
Earlier this year, a security guard sought assistance from the Social Security System (SSS) after his account was used for a salary loan by someone else. The risk of this happening has multiplied especially now that SSS accounts can be accessed online.
Sharing someone’s personal information should be guarded with extreme caution. The next time you fill up a form, whether in wet ink or online, post anything online, or click a link or attachment, think twice. Once your information is out there, be prepared for the worst.
For comments e-mail at [email protected]
Be the first to comment