What to Do If Someone Uses Fake IDs Under Your Name for Fraud

Finding out that someone used a fake ID under your name can feel terrifying: loans may appear, bank accounts may be opened, SIMs or e-wallets may be linked to you, or strangers may contact you because they were scammed by “you.” In the Philippines, this is not just a personal problem or “identity mix-up.” It may involve several crimes, including computer-related identity theft, falsification, estafa, access device fraud, financial account scamming, and unlawful use of personal data. The most important things to do are to stop the damage quickly, preserve evidence properly, report to the right offices, and create a paper trail proving that you are the victim—not the fraudster.

What Counts as Using Fake IDs Under Your Name?

This usually happens when someone uses your name, photo, personal details, scanned ID, signature, biometrics, or copies of your government IDs to pretend to be you.

Common examples in the Philippines include:

  • Opening a bank account, e-wallet, crypto account, or loan account using your ID
  • Applying for a credit card, online loan, postpaid plan, or buy-now-pay-later account
  • Using a fake or altered driver’s license, passport, UMID, SSS, PhilHealth, TIN, PRC ID, postal ID, voter’s ID, or National ID
  • Creating a Facebook, Marketplace, Viber, Telegram, WhatsApp, Lazada, Shopee, or dating-app account under your name
  • Using your name to scam buyers, landlords, employers, or online customers
  • Submitting your identity documents to a company, bank, or government office without your permission
  • Using your identity to receive scam proceeds or act as a “money mule”

The legal issue is not only that the ID is fake. The bigger problem is that your identity is being used to create trust, obtain money, access services, or avoid detection.

Is Identity Theft a Crime in the Philippines?

Yes. Philippine law recognizes computer-related identity theft under the Cybercrime Prevention Act of 2012, or Republic Act No. 10175.

Under Section 4(b)(3) of RA 10175, computer-related identity theft includes the intentional acquisition, use, misuse, transfer, possession, alteration, or deletion of identifying information belonging to another person or entity, without right. The law also states that if no damage has yet been caused, the penalty is one degree lower. (Supreme Court E-Library)

This is especially relevant if the fake ID was used through:

  • Online banking or e-wallet apps
  • Online lending platforms
  • Social media accounts
  • Messaging apps
  • Email
  • Online marketplaces
  • SIM-linked digital accounts
  • Electronic forms or digital onboarding systems

RA 10175 also provides that crimes under the Revised Penal Code and special laws may be covered by the Cybercrime Prevention Act when committed through information and communications technology, with the penalty generally one degree higher. Prosecution under the cybercrime law is also without prejudice to liability under the Revised Penal Code or special laws. (Supreme Court E-Library)

Other Philippine Laws That May Apply

Identity fraud cases often involve more than one offense. The exact case depends on what the fraudster did with your identity.

Situation Possible Legal Basis Why It Matters
Someone used your personal data online RA 10175, Cybercrime Prevention Act Covers computer-related identity theft, computer-related fraud, and cyber-enabled crimes
Someone created or used a fake government ID Revised Penal Code, especially falsification provisions Fake, altered, or falsified public documents may be criminally punishable
Someone used your identity to borrow money or deceive others Revised Penal Code, estafa or other fraud offenses Applies when deceit caused damage or loss
Someone used your credit card, debit card, ATM card, e-wallet, or bank account details RA 8484, Access Devices Regulation Act of 1998 Covers counterfeit or unauthorized access devices and access devices fraudulently applied for
Someone opened or used a financial account under your identity RA 12010, Anti-Financial Account Scamming Act of 2024 Covers money muling, use of another person’s identity documents, and financial account scamming
Someone processed or disclosed your personal information without authority RA 10173, Data Privacy Act of 2012 May apply to unauthorized processing, disclosure, breach, or negligent access
Someone used your National ID, PhilSys Number, or PhilID RA 11055, Philippine Identification System Act Penalizes unlawful use, possession, falsification, or misuse of PhilID/PSN

Falsification and Use of Fake Documents

If the fake ID is a public document or government-issued ID, the case may involve falsification of public documents under the Revised Penal Code. Article 172 punishes falsification by private individuals and the use of falsified documents. (Lawphil)

In practice, investigators will look for:

  • Who made the fake ID
  • Who submitted or used it
  • Whether the ID was altered from a real document
  • Whether the photo, signature, address, birthdate, QR code, or ID number was manipulated
  • Whether the fake ID was used to obtain money, credit, access, employment, registration, or benefits

Even if you do not know who created the fake ID, you can still report the incident and submit the evidence you have.

Estafa or Fraud

If someone used your name or fake ID to deceive another person into giving money, goods, credit, services, or access, the case may involve estafa under Article 315 of the Revised Penal Code.

For example:

  • A scammer uses your ID to sell a phone online, receives payment, and disappears.
  • A person uses your name to rent a condo, then fails to pay.
  • Someone applies for a loan under your name and the lender later demands payment from you.
  • A fraudster uses your identity to receive payments from victims.

The key facts are usually deceit, damage, and connection between the fake identity and the loss.

Access Device Fraud

RA 8484, the Access Devices Regulation Act of 1998, may apply when the fraud involves credit cards, ATM cards, debit cards, account numbers, access codes, or similar devices. Section 9 includes prohibited acts such as using an unauthorized access device, using an access device fraudulently applied for, possessing counterfeit or fraudulently applied-for access devices, and effecting transactions with access devices issued to another person. (Lawphil)

This matters because many identity theft cases today involve digital accounts rather than physical cards.

Financial Account Scamming and Money Muling

RA 12010, the Anti-Financial Account Scamming Act of 2024, is important if your name or ID was used to open, receive, transfer, or withdraw funds through a bank, e-wallet, or other financial account.

The law treats it as money muling when a person opens a financial account under a fictitious name or uses the identity or identification documents of another for criminal proceeds or social engineering schemes. It also penalizes social engineering schemes where someone obtains sensitive identifying information through deception or fraud, resulting in unauthorized access or control over a financial account. (Supreme Court E-Library)

RA 12010 also gives financial institutions authority to temporarily hold funds subject of a disputed transaction for a period prescribed by the BSP, not exceeding 30 calendar days, unless extended by a competent court. (Supreme Court E-Library)

This is why speed matters. If scam proceeds are still moving through the banking or e-wallet system, immediate reporting may help preserve funds.

Data Privacy Violations

If your ID copy, selfie, address, phone number, birthday, biometrics, tax number, or other personal data was collected, shared, sold, leaked, or used without authority, the Data Privacy Act of 2012 may apply.

RA 10173 penalizes unauthorized processing of personal information and sensitive personal information. Sensitive personal information includes data such as government-issued numbers, health information, licenses, tax returns, and similar protected details. The law also requires personal information controllers to implement reasonable and appropriate security measures and to notify the National Privacy Commission and affected data subjects when sensitive personal information or information that may enable identity fraud is believed to have been acquired by an unauthorized person and likely poses serious harm. (National Privacy Commission)

A National Privacy Commission complaint is especially relevant if the suspected source is a company, lending app, employer, school, condo admin, recruiter, online seller, or organization that mishandled your ID documents.

Misuse of the National ID or PhilSys Information

If the fake ID involves the National ID, PhilID, PhilSys Number, or biometric information, RA 11055 may apply.

The PhilSys Act covers transactions where the PhilSys Number, PhilID, or biometric information is required, presented, or used, whether legally or illegally, within or outside the Philippines. It also states that the PhilID contains a QR code and security features to help prevent fraudulent or falsified IDs. (Supreme Court E-Library)

RA 11055 penalizes unlawful use of the PhilID or PSN to commit fraud, willful submission of fictitious names or false information, unauthorized printing or issuance of a PhilID, falsification or tampering, unauthorized possession of another person’s PhilID, possession of a fake or altered PhilID, and willful transfer of a PhilID or PSN. (Supreme Court E-Library)

What to Do Immediately If Someone Used a Fake ID Under Your Name

1. Write Down a Clear Timeline

Start with a simple timeline while the facts are fresh. Include:

  1. When you first discovered the fraud
  2. Who contacted you
  3. What account, transaction, platform, or document was involved
  4. The amount involved, if any
  5. Names, phone numbers, email addresses, usernames, account numbers, reference numbers, and links
  6. What you already reported and to whom

This timeline will help police, NBI, banks, prosecutors, and agencies understand the case quickly.

2. Preserve Evidence Before It Disappears

Do not rely on memory. Save evidence in both digital and printed form.

Collect:

  • Screenshots showing the full page, URL, username, date, and time
  • Chat messages, emails, SMS, call logs, and transaction confirmations
  • Fraudulent account profiles using your name or photo
  • Fake IDs, if you have copies or screenshots
  • Demand letters, collection notices, or loan statements
  • Bank or e-wallet transaction references
  • Courier receipts, delivery details, marketplace order pages, and tracking numbers
  • Names and contact details of victims or witnesses who contacted you
  • Any admission, threat, or conversation from the suspected fraudster

For online evidence, take screenshots in a way that shows context. A cropped image of a profile photo may be weak. A better screenshot shows the profile URL, username, posts, messages, dates, and transaction details.

3. Secure Your Real Accounts

Change passwords immediately for:

  • Email accounts
  • Online banking
  • E-wallets
  • Social media
  • Shopping apps
  • Cloud storage
  • Mobile number-linked accounts

Enable multi-factor authentication where available. If you suspect your SIM or phone number was used, contact your telco and ask whether there were SIM replacement requests, account changes, or suspicious registrations.

4. Notify Banks, E-Wallets, Lenders, and Platforms in Writing

Do not only call customer service. Send a written complaint or ticket so there is a record.

Your message should clearly say:

  • You are the identity theft victim.
  • You did not open, authorize, benefit from, or transact using the suspicious account.
  • You request immediate freezing, investigation, preservation of records, and correction of records.
  • You request copies or reference numbers for your complaint.
  • You are willing to submit a government ID, affidavit, police/NBI report, or specimen signatures as needed.

For banks, e-wallets, and financial institutions, ask them to preserve:

  • Account opening documents
  • KYC records
  • Selfie or liveness-check files
  • IP logs and device logs
  • Linked mobile numbers and email addresses
  • Transaction trail
  • Beneficiary accounts
  • Withdrawal details
  • CCTV, if there was branch or ATM activity

5. File a Report With the Proper Law Enforcement Office

For cyber-enabled identity fraud, you may report to the NBI Cybercrime Division or the PNP Anti-Cybercrime Group. RA 10175 designates the NBI and PNP as law enforcement authorities responsible for cybercrime enforcement, and requires cybercrime units or centers to handle cases involving violations of the Act. (Supreme Court E-Library)

The NBI’s citizen charter for computer crime victims describes an initial process involving preliminary interview and assistance in filling out a sworn complaint sheet, usually handled by the agent or investigator on duty. (National Bureau of Investigation)

You may also report fraud-related cases to regular police stations, but for identity theft involving online accounts, apps, emails, digital payments, or social media, cybercrime units are usually better equipped to understand digital evidence.

6. Prepare a Complaint-Affidavit

A complaint-affidavit is your sworn written statement explaining what happened. It is usually notarized and supported by attachments.

A good complaint-affidavit should include:

  • Your full legal name, address, age, nationality, and contact details
  • A statement that you are the owner of the identity being misused
  • A chronological narration of what happened
  • The names of respondents, if known
  • The names of witnesses, if any
  • Screenshots, transaction records, notices, emails, and other proof
  • A statement that you did not authorize the use of your ID, name, photo, signature, or personal data
  • A request for investigation and filing of appropriate charges

The DOJ’s requirements for filing a complaint for preliminary investigation include an investigation data form and complaint-affidavit or sworn statement, with supporting documents. (Department of Justice)

7. Ask for a Certificate, Blotter, or Complaint Reference Number

Always ask for proof that you reported the matter. Depending on the office, this may be:

  • Police blotter extract
  • Incident report
  • Complaint reference number
  • Receiving copy of your complaint-affidavit
  • NBI complaint sheet or certification
  • Bank dispute reference number
  • Platform support ticket number
  • NPC complaint reference

These documents are useful when collectors, banks, victims, employers, immigration officers, or platforms later ask why your name appears in a fraud incident.

Which Office Should You Go To?

Problem Office or Institution to Approach Practical Purpose
Fake online account, fake ID submitted online, scam using your name NBI Cybercrime Division or PNP Anti-Cybercrime Group Cybercrime investigation and digital evidence handling
Fake physical ID, forged signature, in-person fraud Local police, NBI, or prosecutor’s office Criminal complaint for falsification, estafa, or related crimes
Bank, e-wallet, or loan account opened under your name Bank/e-wallet/lender first, then NBI/PNP if fraud is clear Freeze, dispute, preserve records, trace funds
Misuse of personal data by company, app, employer, school, or organization National Privacy Commission Data privacy complaint and investigation
Fake or misused National ID / PhilID PSA / PhilSys channels, plus NBI/PNP if fraud occurred Verification and reporting of PhilSys-related misuse
Debt collection for a loan you did not obtain Lender, financing company, SEC if applicable, NBI/PNP Dispute liability and stop wrongful collection
Cross-border fraud involving a foreign platform or foreign suspect NBI/PNP, DOJ Office of Cybercrime Possible preservation requests and international coordination

Documents You Should Prepare

Document Why It Helps
Your valid government ID Proves your true identity
Copies of the fake ID or fake profile Shows how your identity was misused
Screenshots and links Connects the fraudulent act to online accounts or platforms
Transaction records Shows money trail, dates, amounts, and reference numbers
Demand letters or collection notices Proves damage or attempted collection
Bank/e-wallet/lender complaint tickets Shows you promptly disputed the fraud
Police blotter or NBI complaint record Helps establish that you reported as a victim
Notarized complaint-affidavit Formal sworn statement for investigation or prosecution
Witness statements Useful if others were contacted or scammed by the impersonator
Proof you were elsewhere Helps if the fraud involved in-person use of fake ID

How Long Does the Process Usually Take?

Timelines vary widely depending on the amount involved, number of platforms, responsiveness of banks or apps, and whether the suspect can be identified.

Stage Typical Practical Timeline
Internal bank/e-wallet/platform ticket A few days to several weeks
Initial police or NBI intake Same day to a few days, depending on queue and completeness of evidence
Gathering platform, telco, or bank records Weeks or longer, especially if legal process is required
Prosecutor’s preliminary investigation Several weeks to a few months, depending on docket and complexity
Court case after filing Months to years
Correction of internal records or credit records Often separate from the criminal case and may require repeated written follow-up

A common bottleneck is lack of complete evidence. Another is that platforms, banks, telcos, or foreign companies may require formal law enforcement requests before releasing detailed records.

What If Victims Are Accusing You of Being the Scammer?

Stay calm and avoid long emotional arguments online. Do not threaten people who are also victims. Instead:

  1. Explain briefly that your identity was used without permission.
  2. Ask them to preserve all messages, receipts, profile links, and payment records.
  3. Ask them not to delete the conversation with the scammer.
  4. Request copies of evidence showing the fake account or ID.
  5. Give them your police/NBI complaint reference when available.
  6. Avoid admitting liability for transactions you did not make.

A simple statement is often enough:

“My name and ID were used without my authority. I did not create that account, receive your payment, or transact with you. Please preserve your screenshots, receipts, links, and messages because I am reporting this as identity theft and fraud.”

What If a Lending App or Collector Is Demanding Payment?

Do not ignore it, but do not pay a loan you did not obtain just to “make it go away” without documenting your dispute.

Send a written dispute stating:

  • You did not apply for or receive the loan.
  • Your identity documents were used without permission.
  • You demand copies of the application, selfie verification, disbursement record, device data, and recipient account.
  • You request suspension of collection while the fraud investigation is pending.
  • You request correction or deletion of inaccurate records where appropriate.

If the collector harasses you, contacts your relatives, posts your photo, or threatens public shaming, the issue may also involve data privacy violations, unfair collection practices, cyber harassment, or other offenses depending on the facts.

What If You Are Abroad?

Filipinos abroad and foreigners dealing with Philippine fraud should prepare documents carefully because Philippine authorities often require sworn documents.

Practical options include:

  • Executing an affidavit before the nearest Philippine Embassy or Consulate
  • Having foreign documents notarized and apostilled if executed in a country that is part of the Apostille Convention
  • Preparing scanned evidence and printed copies for a representative in the Philippines
  • Issuing a Special Power of Attorney if someone in the Philippines must request records, file complaints, or follow up for you
  • Keeping original passports, IDs, immigration stamps, employment records, or travel records that show you were not in the Philippines when the fake ID was used

For foreign nationals, Philippine authorities may ask for passport copies, visa or residence documents, local address, and authenticated documents depending on where the evidence was issued.

Common Mistakes to Avoid

Deleting Evidence

Do not delete messages, accounts, or posts before saving them. Deleted content may be harder to recover later.

Only Calling Customer Service

Phone calls are useful for urgent freezing, but always follow up in writing. A ticket number or email trail is stronger than “I called someone last week.”

Posting the Suspect’s Personal Information Online

Publicly posting someone’s ID, address, phone number, or accusations may expose you to defamation, privacy, or harassment issues. Report through proper channels and preserve evidence instead.

Paying a Fraudulent Loan Without a Written Dispute

Payment may be misunderstood as acknowledgment. If you pay under pressure, document that it is not an admission and that you are reserving rights—but it is usually better to formally dispute first.

Assuming a Blotter Automatically Files a Criminal Case

A blotter is a police record. It is useful, but it is not the same as a prosecutor’s complaint or a court case. For criminal prosecution, evidence usually needs to be evaluated by investigators and prosecutors.

Waiting Too Long

Digital evidence disappears. Scam accounts change names. CCTV may be overwritten. Banks and platforms may retain logs only for limited periods. Report quickly.

Can You Claim Damages?

Yes, depending on the facts. Apart from criminal liability, Philippine civil law may allow claims for damages.

Articles 19, 20, and 21 of the Civil Code require persons to act with justice, give everyone his due, observe honesty and good faith, indemnify another for willful or negligent damage contrary to law, and compensate for willful injury contrary to morals, good customs, or public policy. (Lawphil)

In identity fraud cases, damages may include:

  • Actual financial losses
  • Expenses for documents, notarization, travel, and communications
  • Lost income or business disruption
  • Damage to reputation
  • Emotional distress, in proper cases
  • Attorney’s fees, when legally recoverable
  • Restitution in criminal or special-law cases

Under RA 12010, conviction carries civil liability that may include restitution for damage done or unwarranted benefits derived from the violation. (Supreme Court E-Library)

Frequently Asked Questions

Can someone go to jail for using a fake ID under my name?

Yes. Depending on the facts, the person may face charges for computer-related identity theft, falsification, estafa, access device fraud, financial account scamming, unlawful use of PhilID or PSN, or Data Privacy Act violations.

What should I do first if someone used my ID for an online loan?

Immediately dispute the loan in writing with the lender, request suspension of collection, ask for the application and disbursement records, preserve all messages and notices, then report to the NBI Cybercrime Division or PNP Anti-Cybercrime Group if the loan was fraudulently opened online.

Is a police blotter enough to clear my name?

A blotter helps, but it may not be enough by itself. You may also need written disputes with banks or lenders, an NBI or police cybercrime complaint, a notarized affidavit, and follow-up with the institution that recorded the fraudulent account.

Can I ask the bank or e-wallet to reveal who used my name?

You can request information, but banks and e-wallets may limit disclosure because of privacy, bank secrecy, or internal policies. They may preserve records and release details through proper legal or law enforcement processes.

What if the scammer used my real ID copy but changed the photo?

That may support falsification, identity theft, fraud, and data privacy issues. Preserve the altered ID image and any account or transaction where it was used.

Can I file a case even if I do not know the scammer’s real name?

Yes. You can report the incident and identify the respondent as unknown, using usernames, phone numbers, account numbers, email addresses, IP-related information if available, and transaction references. Investigators may trace the person through platforms, telcos, banks, or e-wallets.

Can a company be liable if my ID was leaked from its system?

Possibly. If a company failed to protect your personal information, processed it without authority, or failed to notify affected persons of a breach when required, the Data Privacy Act may apply. You may consider filing a complaint with the National Privacy Commission.

What if a fake National ID was used?

Report the matter to law enforcement and preserve a copy of the fake ID or screenshot. RA 11055 penalizes unlawful use, falsification, tampering, unauthorized possession, and use of the PhilID or PSN for fraudulent or unlawful purposes. (Supreme Court E-Library)

Can I be forced to pay a debt created by identity theft?

Not automatically. A lender or creditor must prove that you applied for, authorized, received, or benefited from the transaction. You should dispute the debt promptly and request the records showing how the account was opened and where the money went.

Should I message the scammer directly?

Avoid direct confrontation if it may lead to threats, deletion of evidence, or more misuse of your identity. Preserve evidence first and report through the proper channels.

Key Takeaways

  • Someone using fake IDs under your name for fraud may be committing identity theft, falsification, estafa, access device fraud, data privacy violations, or financial account scamming.
  • Act quickly: preserve evidence, secure your accounts, notify banks and platforms in writing, and report to the proper law enforcement office.
  • For online or app-based identity fraud, the NBI Cybercrime Division or PNP Anti-Cybercrime Group is usually more appropriate than a simple barangay complaint.
  • A police blotter helps, but it is not the same as a full criminal complaint or prosecutor’s case.
  • If your personal data was leaked or mishandled by a company, the National Privacy Commission may be involved.
  • If your name is being used for loans or financial accounts, dispute the account in writing and ask the institution to preserve KYC, transaction, device, and account-opening records.
  • Keep a clean paper trail showing that you are the victim and that you did not authorize, benefit from, or participate in the fraudulent transaction.

Disclaimer: This content is not legal advice and may involve AI assistance. Information may be inaccurate.