Law Office of Eric Holk

Certified Specialist in Estate Planning, Trust & Probate Law
The State Bar of California Board of Legal Specialization

2801 Monterey-Salinas Highway, Suite K
Monterey, CA 93940
Phone: 831-622-8808
Fax: 831-655-3660



Identity theft is the fastest-growing crime in the U.S. In 2003, 9.9 million Americans suffered some form of identity theft. Compare this to 1997, when there were roughly 400,000 cases of identity theft. This huge increase is directly related to the increase in the use of the internet. The criminal never has to see the victim or know what suffering has been caused. This is a problem that hurts all of us, as much of the cost is ultimately passed along to the general public. The law puts a $50 limit on the amount that a creditor can recover from an identity theft victim if creditors are informed right away, and many creditors will waive even that fee.

Identity thieves can access your bank or brokerage accounts, withdraw your funds, and make charges to your credit cards. They steal your Social Security checks, refinance your home without your knowledge, take out loans in your name, and purchase or lease autos. They can open new credit cards in your name, using a bogus mailing address. By the time you realize there’s a problem, bills have been mounting for months. Most victims first learn of the problem when they are denied credit or loans due to negative credit reports that result from fraudulent activity. An identity thief can even leave you with a criminal record that you know nothing about.

Undoing the damage caused by identity theft can take years, and sometimes the harm is irreparable. The average victim spends more than $1,000 in personal funds and more than 175 hours (a month’s full-time work) attempting to undo the damage, if it can be undone. 45% of victims resolve their cases in about 2 years, but for the majority, their problems continue for four years or longer.


  1. Financial (Credit): The ID thief uses the victim’s name and Social Security number to apply for credit cards or loans, get telephone service, buy merchandise, or even lease a car or apartment.
  2. Criminal: The ID thief provides the victim’s information when stopped by law enforcement. Eventually, when an arrest warrant is issued, it is issued for the victim – the person named in the citation.
  3. Business/Commercial: The ID thief gets credit cards or checking accounts in the name of the business. The business finds out when unhappy suppliers send collection notices or their business rating score is affected.
  4. Identity Cloning: The ID thief uses the victim’s information to establish a new life. They live and work as you, even reporting their earnings under your Social Security number (ultimately leaving you responsible for the income taxes!). Examples include illegal aliens, criminals avoiding warrants, people hiding from abusive situations or changing identity in order to leave behind a poor work history or financial record.


Step One: Covert acquisition of “personal identifying information.” The most common information that ID thieves want is your name, Social Security number, date of birth, and sometimes your mother’s maiden name, but other information can be just as important. Other examples include your address, telephone number, driver’s license number, PIN (personal identification number), passport number, alien registration number, checking or savings account number, or credit card numbers.

Step Two: The illegal use of someone else’s personal identifying information to steal from the victim, incur debt in the name of the victim, or other wrongdoing.


Computer hacking/Spyware: Programs or hackers that work behind the active programs being used to acquire personal information from your computer without your knowledge when you are connected to the internet.

Internet “Phishing”: E-mail messages that request some sort of personal identifying information under the guise of something appearing legitimate, such as a message that appears to come from a bank or credit card company or someplace like e-bay or AOL. Typically, these messages ask you to confirm your Social Security number or some other confidential information. NEVER respond to any e-mail asking for personal information.

Telephone “Phishing”: Same idea, only you get a telephone call from someone purporting to be a representative calling for “your bank” to “confirm” certain information, often trying to convey some sense of urgency. They may even tell you they are concerned that someone may be attempting to steal your identity! Do not reveal personal information over the phone. If your bank needs some personal information from you, go to your bank to give it to them.

“Shoulder Surfing”: Someone surreptitiously observes you entering your PIN. If they can also get your account number, this makes it possible for them to access your account.

Mail Theft: If your mail is delivered to an unlocked mail box in a publicly accessible area, this is a target for those who would intercept credit card offers or the actual credit cards that come in the mail. Outgoing mail left in your mailbox is another target for ID thieves. They look for outgoing checks signed by you that they can steal and alter with an acid wash to then make the check payable to themselves or to “cash” for a substantial sum.

“Dumpster Diving”: The ID thief goes through the trash of well-to-do persons looking for bank or other financial statements, ATM or credit card receipts, and pre-approved credit card offers.

Corrupt Insider with Access: An unethical employee who has access to personal information such as your Social Security number and date of birth may sell this information to others or use the information themselves. This can be very difficult to protect yourself against.

Identity Fraud: Persons posing as someone (such as an employer or a landlord) who would normally have a legitimate right to your credit report or your personal information.

Larceny: Pickpockets could sell your credit cards or personal information to ID thieves.

Retailer/Creditor Negligence: Failure to properly protect the confidentiality of customer credit card numbers.


  1. Guard your Social Security number and date of birth. Do not reveal these unless you are absolutely sure how they will be used. If someone calls or e-mails you requesting this information, do not give it to them. Normally, it is inadvisable to put your SS number or credit card number on personal checks. Do not preprint your driver’s license number on your personal checks. Don’t have your check orders delivered to an unsecured mail box – have them sent to your bank and pick them up there.
  2. Shred any personal information documents that you plan to throw away. Cross-cut shredders are best. Always destroy any credit card offers that you do not plan to return.
  3. Do not put outgoing mail in unsecured mailboxes if that mail contains checks, a response to a credit card offer, or anything else with personal information. [Note: to opt out of pre-screened credit card offers, call 1-888-567-8688.]
  4. Review your bank statements and credit card statements promptly and look for any sort of activity that seems questionable. Report such transactions immediately. Mark your calendar so you know when these statements should arrive, and act quickly if a bill is late – a thief may have changed your billing address.
  5. Don’t store old tax returns and financial records in boxes in an unlocked garage.
  6. Shield the keypad with your hand when entering your PIN at an ATM or other location. It is best not to use the same PIN for everything.
  7. Request your credit reports regularly from all three credit reporting agencies and check these for irregularities. The Fair Credit Reporting Act requires each of the nationwide consumer reporting companies – Equifax, Experian, and TransUnion – to provide you with a free copy of your credit report, at your request, once every 12 months. The FTC has access to free credit reports at (Or request your free annual report by going to, or,, and If you do not have internet access, you can request your credit report by phone by calling 1-877-322-8228 or by writing to Annual Credit Report Request Service, P.O. Box 105281, Atlanta, GA 30348-5281.
  8. Do not conduct confidential personal business on public computers at schools, libraries, copy centers, or internet cafés.
  9. If you order things with credit cards over the internet, be sure the website is secure (a secure website will be prefaced with https:// -- the “s” meaning “secure”).
  10. Install a software firewall on your computer, or activate the one that is provided with Windows XP if you have that on your computer. Also install a spyware blocker, such as SpyBot ( or AdAware (
  11. Don’t give away an old computer without first having the hard drive professionally erased to clear it of all personal information. Just “deleting” information is not enough.
  12. Use passwords that are not easily discerned. (The most common password is “password” and the most common password categories are, in ranking order, the person’s name, their sports team, and their date of birth. Another common one is mother’s maiden name.) Don’t use the same password for everything, and pick something unique to you that will not be easily guessed.
  13. Do not carry your Social Security number in your wallet. If your health insurance ID contains your Social Security number, only take that with you when you are actually utilizing health care services. The rest of the time, carry a copy of the card with your SS# blanked out.
  14. Reduce the number of credit cards you have to a minimum. Carry only one or two of them in your wallet. Cancel unused accounts (note, however, that this might lower your credit score, which is based on the number of accounts you have that are kept current).
    • To opt out of pre-screened credit card offers, call: 1-888-567-8688. Also, tell the credit reporting agencies to not share your personal information with direct marketers.
  15. Keep a list or photocopy of all your credit cards, bank accounts, and investments (at home, not in your wallet), with contact phone numbers to call in case of theft or fraud.
  16. When a family member dies, be sure to close all existing credit accounts that are in that person’s name – just cutting up the credit cards is not good enough.


Act quickly to report it! As of 1/1/2004, California state law requires the victim to provide a security alert to all applicable credit bureaus within 5 days of discovery of the fraudulent activity or face a $2,500 fine plus attorney’s fees [since 2003, a notice to one is a notice to all]. Once the security alert is in place, the credit bureau cannot extend any further credit to the victim or anyone else posing as the victim. Also, report the crime to your local police or sheriff’s department. Consider filing a court petition requesting a Certificate of Identity Theft -- Judicial Finding of Factual Innocence. Keep a detailed log of everything you do in attempting to resolve the problem. For more specific guidance, see separate handouts:

  • Fact Sheet No. 17(a): Identity Theft Victims Guide
  • Fact Sheet 106 (formerly 17B): Organizing Your Identity Theft Case
  • ID Theft Affidavit


Resources on the Internet:

Federal Trade Commission: -- statistics, complaint forms, links to almost all other sources of information and assistance.

Guide for Assisting Identity Theft Victims:

Identity Theft Resource Center:

Social Security Administration pamphlet re: Identity Theft and SS numbers:

California Department of Justice Privacy Enforcement and Protection:

Certificate of Factual Innocence:

Test your identity risk factor:

U.S. Dept. of Justice identity theft information:

FBI website: identity theft resources


Safeguard Your Identity and From Victim to Victor, both by Mari J. Frank

Identity Theft, by John R. Vacca


2801 Monterey-Salinas Highway, Suite K
Monterey, CA 93940
ph: 831-622-8808
fax: 831-655-3660

Information is copyrighted by Eric N. Holk, 2017.

No information on this website shall be construed as legal counsel.
If you need legal advice, please contact Mr. Holk or another qualified attorney.
See full disclaimer here.