Cybercrime Complaint for Online Scam with Unknown Scammer

I. Introduction

Online scams have become one of the most common cybercrime concerns in the Philippines. Victims may be deceived through fake sellers, investment schemes, phishing links, romance scams, job scams, impersonation, fake payment confirmations, marketplace fraud, cryptocurrency schemes, account takeovers, and social media or messaging-app transactions. In many cases, the victim does not know the real identity of the scammer. The scammer may use a fake Facebook profile, Telegram handle, mobile number, e-wallet account, bank account, or mule account.

The fact that the scammer is unknown does not prevent the filing of a complaint. Philippine criminal procedure allows a complaint to be filed against a person whose name is unknown, provided the complaint identifies the person as far as practicable, such as by username, account name, mobile number, e-wallet account, bank account, email address, URL, IP-related data if available, or other identifying details.

A cybercrime complaint for an online scam is usually built around two goals: first, to report and preserve the evidence of the fraudulent act; and second, to enable law enforcement, prosecutors, banks, e-wallet providers, and platforms to trace the real person or persons behind the scam.

II. Common Legal Characterization of Online Scams in the Philippines

An online scam may fall under one or more Philippine laws, depending on the facts.

1. Estafa under the Revised Penal Code

The most common charge is estafa, particularly where the scammer used deceit or false pretenses to induce the victim to part with money, property, services, or valuable information. Estafa may exist where the victim relied on the scammer’s false representation and suffered damage as a result.

Examples include:

  • Fake online selling where payment is made but no item is delivered.
  • Fake investment promising guaranteed returns.
  • Fraudulent job application fees or training fees.
  • Fake loan processing fees.
  • Impersonation of a legitimate company or government agency.
  • Fake raffle, prize, or package delivery fee scams.

2. Cybercrime Prevention Act

When estafa is committed through information and communications technology, the case may involve cyber-related liability. Online fraud conducted through social media, messaging apps, websites, email, e-wallets, mobile banking, or other digital systems may be treated as cyber-enabled estafa.

The use of a computer system, internet platform, or electronic communication does not erase the underlying fraud. It may aggravate or qualify the offense depending on the applicable statutory provision and prosecutorial evaluation.

3. Computer-Related Fraud

Where the scam involves unauthorized input, alteration, deletion, or suppression of computer data, or interference with the functioning of a computer system to cause damage or obtain benefit, computer-related fraud may be relevant. This may arise in phishing, account takeover, unauthorized transactions, SIM-linked fraud, or manipulation of online accounts.

4. Identity Theft or Misuse of Identity

If the scammer used another person’s name, photo, business identity, government identity, company logo, or personal data to deceive the victim, there may also be identity-related offenses. Fake profiles and impersonation accounts may support additional allegations, especially if the scammer pretended to be a real person, company, bank, courier, employer, or government office.

5. Data Privacy Concerns

If the scam involved the collection, misuse, or disclosure of personal information, such as IDs, selfies, addresses, bank details, passwords, OTPs, or contact lists, the Data Privacy Act may also become relevant. This is especially important in phishing, loan app harassment, identity theft, doxxing, account compromise, and unauthorized use of personal data.

6. Access Device, Banking, and E-Wallet Issues

Where the scam involved bank accounts, e-wallets, credit cards, debit cards, OTPs, or unauthorized fund transfers, other financial and access-device laws may also be considered. The victim should immediately coordinate with the bank, e-wallet provider, remittance center, or payment platform to report the fraudulent transaction, request account freezing if possible, and obtain transaction records.

III. Can a Complaint Be Filed If the Scammer Is Unknown?

Yes. A victim may file a complaint even if the scammer’s true name is unknown.

The complaint may identify the respondent as:

“John Doe / Jane Doe, using the name [account name], username [username], mobile number [number], e-wallet account [details], bank account [details], email address [email], and/or other online identifiers.”

The complaint should describe the scammer using all available identifiers. Even if the profile name is fake, it is still useful because it gives investigators a starting point. The objective is to preserve and present enough information for law enforcement to trace the person behind the account or transaction.

IV. Where to File a Cybercrime Complaint in the Philippines

A victim may consider reporting to the following, depending on the situation:

1. Philippine National Police Anti-Cybercrime Group

The PNP Anti-Cybercrime Group handles cybercrime-related complaints and may assist in documenting, evaluating, and investigating online scams.

2. National Bureau of Investigation Cybercrime Division

The NBI Cybercrime Division may also receive complaints involving online fraud, identity theft, phishing, hacking, cyber-enabled estafa, and other digital offenses.

3. Local Police Station

A victim may initially report to the nearest police station for blotter purposes. However, because online scams often require digital investigation, the victim may still be referred to a cybercrime unit.

4. Office of the City or Provincial Prosecutor

A criminal complaint may eventually be filed for preliminary investigation before the prosecutor’s office. For unknown scammers, law enforcement investigation is often necessary first to identify the respondent.

5. Banks, E-Wallets, and Payment Providers

The victim should report the fraudulent transaction immediately to the relevant bank, e-wallet provider, remittance company, marketplace, or platform. This may help preserve records, freeze suspicious accounts, or trace the recipient.

6. Online Platforms

The victim should report the fake profile, listing, page, group, website, or account to the platform involved. This does not replace a criminal complaint, but it helps preserve digital evidence and may stop further victimization.

V. Immediate Steps After Discovering the Scam

The first hours after an online scam are important. A victim should act quickly.

1. Stop Further Communication That May Cause More Loss

Do not send additional money, documents, OTPs, passwords, photos, IDs, or bank details. Scammers often ask for “refund processing fees,” “unlocking fees,” “taxes,” “verification payments,” or “final charges” after the first payment.

2. Preserve Evidence

Do not delete conversations, transaction receipts, emails, screenshots, or call logs. If possible, export the conversation or download the data from the app or platform. Screenshots are useful, but they are stronger when supported by original links, account URLs, timestamps, transaction records, and device data.

3. Report to the Bank or E-Wallet Immediately

Give the transaction reference number, date, time, amount, recipient account, recipient name, mobile number, and screenshots. Ask whether the transaction can be held, reversed, investigated, or flagged. Request a case or ticket number.

4. Change Passwords and Secure Accounts

If the scam involved phishing, suspicious links, OTP disclosure, account takeover, or malware, change passwords immediately. Enable two-factor authentication. Log out of all sessions. Notify contacts if the account was used to scam others.

5. File a Police or Cybercrime Report

Prepare a sworn complaint-affidavit and supporting documents. Bring valid IDs and copies of evidence.

6. Avoid Publicly Accusing Unverified Persons

Victims should be careful when posting names, photos, account numbers, or accusations online. Some bank or e-wallet accounts may belong to money mules or compromised persons. Public posts may also create defamation or privacy issues if not handled carefully.

VI. Evidence Needed for a Cybercrime Complaint

A strong complaint should include both narrative evidence and technical/transactional evidence.

1. Identity of the Complainant

Attach a copy of a valid government ID and provide contact details. If the complainant is a company, attach proof of authority of the representative.

2. Full Narrative of Events

The complaint-affidavit should explain:

  • How the complainant encountered the scammer.
  • What the scammer represented or promised.
  • Why the complainant believed the scammer.
  • What amount was paid or what property was lost.
  • How payment was made.
  • What happened after payment.
  • When the complainant realized it was a scam.
  • What steps were taken afterward.

3. Screenshots of Conversations

Include screenshots showing:

  • The scammer’s profile or account.
  • The offer, promise, advertisement, or representation.
  • The payment instructions.
  • The payment confirmation.
  • The scammer’s excuses, refusal to deliver, disappearance, blocking, or further demands.
  • Timestamps and usernames where visible.

4. URLs and Account Identifiers

Preserve the exact profile URL, page URL, group link, marketplace listing link, email address, username, handle, phone number, QR code, bank account, e-wallet number, or website URL.

5. Transaction Records

Attach proof of payment, such as:

  • Bank transfer receipts.
  • GCash, Maya, ShopeePay, GrabPay, Coins, or other e-wallet receipts.
  • Remittance receipts.
  • Credit card or debit card transaction records.
  • Marketplace order records.
  • Cryptocurrency transaction hash, wallet address, or exchange receipt, if applicable.

6. Demand Letters or Follow-Up Messages

If the victim demanded delivery, refund, or explanation, include proof. A demand is not always required for all scams, but it can help show that the accused failed or refused to comply after receiving payment.

7. Platform Reports

Attach copies or screenshots of reports submitted to Facebook, Instagram, TikTok, Telegram, Viber, WhatsApp, Shopee, Lazada, Carousell, email providers, web hosts, domain registrars, or other platforms.

8. Bank or E-Wallet Ticket Numbers

Attach complaint ticket numbers and replies from financial institutions.

9. Witnesses

If another person saw the transaction, participated in the conversation, referred the seller, or suffered the same scam, include their affidavit if possible.

VII. Importance of Electronic Evidence Rules

Electronic evidence is admissible in Philippine proceedings if properly authenticated. The victim should be prepared to explain how the screenshots, messages, receipts, and digital files were obtained and why they are accurate.

Best practices include:

  • Keep original messages in the app.
  • Save screenshots with visible date, time, username, and profile details.
  • Save the original files, receipts, PDFs, emails, and downloaded records.
  • Do not edit screenshots except for separate redaction copies.
  • Keep the device used for the transaction.
  • Record the date and time when screenshots were taken.
  • Print copies for filing, but keep digital originals.

A mere screenshot may be helpful, but investigators and prosecutors may ask for additional authentication. The more complete the evidence trail, the stronger the complaint.

VIII. Drafting the Complaint-Affidavit

The complaint-affidavit is the core document. It should be clear, chronological, and factual.

Suggested Structure

  1. Personal circumstances of the complainant.
  2. Statement that the respondent is unknown but used specific online identifiers.
  3. How the scam began.
  4. The false representations made by the scammer.
  5. The payment or transfer made by the complainant.
  6. The damage suffered.
  7. The scammer’s failure to deliver, refund, or perform.
  8. Efforts to contact the scammer.
  9. Reports made to banks, e-wallets, platforms, or law enforcement.
  10. Request for investigation and prosecution.
  11. List of attached evidence.
  12. Verification and jurat before an authorized officer.

IX. Sample Allegation for Unknown Scammer

A complaint may include language similar to the following:

I am filing this complaint against the person or persons whose true names and present addresses are presently unknown, but who used the online account name “[Account Name],” username “[Username],” mobile number “[Number],” e-wallet account “[Account Details],” bank account “[Bank Details],” email address “[Email],” and/or other digital identifiers described in this affidavit. For convenience, I refer to said person or persons as “John Doe/Jane Doe” until their true identities are determined through investigation.

This makes clear that the complaint is directed at the real person behind the account, not merely the fake online identity.

X. Sample Chronological Narrative

A simplified factual narrative may look like this:

On [date], I saw an online post by the account “[account name]” offering [item/service/investment/job/loan/etc.]. I contacted the account through [platform]. The person represented that [state promise or false representation]. Relying on these representations, I sent the amount of PHP [amount] through [bank/e-wallet/remittance] to [recipient details] on [date and time].

After payment, the respondent failed to deliver [item/service/return/refund]. The respondent then [blocked me/stopped replying/gave excuses/demanded more money/deleted the account]. I later discovered that the transaction was fraudulent. I suffered damage in the amount of PHP [amount], exclusive of other expenses and inconvenience.

I preserved screenshots of the conversation, transaction receipts, account profile, payment instructions, and related records, which are attached to this affidavit.

XI. How Investigators May Identify an Unknown Scammer

Unknown scammers may be traced through several sources, subject to lawful processes:

  • Bank or e-wallet account registration records.
  • Know-your-customer documents.
  • Mobile number subscriber data.
  • Platform account records.
  • Login records and device identifiers.
  • IP-related logs.
  • Transaction history and fund movement.
  • CCTV footage from cash-out points, where applicable.
  • Remittance claim records.
  • Linked accounts or repeated scam patterns.
  • Other victims’ complaints.

Victims generally cannot compel private companies to disclose confidential user information on their own. Law enforcement or prosecutors may need to use appropriate legal processes.

XII. The Role of Banks and E-Wallet Providers

Banks and e-wallet providers are crucial in online scam cases because payments often leave a trace. The victim should report immediately and request:

  • Account freezing or holding, if possible.
  • Investigation of the recipient account.
  • Preservation of account and transaction records.
  • Copy of the transaction confirmation.
  • Complaint reference number.
  • Written response or certification, if available.

A quick report increases the chance of preserving funds or tracing the recipient. However, recovery is not guaranteed. Scammers often withdraw or transfer funds quickly.

XIII. Money Mules and Account Holders

Many online scams use “money mule” accounts. A money mule is a person whose bank or e-wallet account is used to receive or move scam proceeds. The account holder may be directly involved, negligent, deceived, recruited, or also a victim. For this reason, the complaint should avoid unsupported conclusions and should state the facts: the money was sent to a particular account, and investigation is requested to determine who controlled or benefited from it.

The account holder may still become a respondent if evidence shows participation, knowledge, conspiracy, or benefit from the fraudulent transaction.

XIV. Venue and Jurisdiction Issues

Online scams may involve multiple places: where the victim is located, where the scammer is located, where the bank or e-wallet account is maintained, where the transaction was received, or where the computer system was accessed. Cybercrime cases can raise venue questions because the acts occur through digital systems.

As a practical matter, victims usually begin by reporting to the nearest cybercrime office, police station, NBI office, or prosecutor’s office. The proper venue may later be assessed by law enforcement or prosecutors based on the facts and evidence.

XV. Prescription and Timeliness

Victims should report promptly. Delay can make it harder to preserve platform records, bank records, device logs, and transaction trails. Some platforms delete or limit access to logs after time passes. Financial institutions may also have internal reporting windows for disputed transactions.

Even if some time has passed, the victim may still report the matter. The sooner the complaint is filed, the better the chances of tracing the scammer.

XVI. Civil Recovery and Restitution

A criminal complaint aims to prosecute the offender. Recovery of money may occur through restitution, settlement, court order, or separate civil action, depending on the case. Filing a criminal complaint does not automatically guarantee immediate refund.

Possible recovery routes include:

  • Bank or e-wallet reversal, if still possible.
  • Voluntary refund after identification.
  • Restitution in criminal proceedings.
  • Civil action for collection or damages.
  • Small claims, if the facts fit and the respondent is known.
  • Marketplace or platform buyer protection, if applicable.

If the scammer remains unknown, recovery is usually difficult until the recipient or responsible persons are identified.

XVII. Difference Between a Complaint, Blotter, and Prosecutor’s Case

A police blotter is a record that an incident was reported. It is not the same as a full criminal complaint for prosecution.

A cybercrime report may initiate investigation. It may lead to subpoenas, coordination with platforms or financial institutions, and evidence-gathering.

A prosecutor’s complaint is a formal request for criminal prosecution, usually supported by a complaint-affidavit and evidence. If the respondent is identified, the prosecutor may conduct preliminary investigation if required by law.

XVIII. Practical Checklist for Victims

Before going to the PNP, NBI, or prosecutor’s office, prepare the following:

  • Valid government ID.
  • Printed complaint-affidavit.
  • Digital and printed screenshots.
  • Transaction receipts.
  • Bank or e-wallet account details of recipient.
  • Scammer’s profile URL, username, mobile number, email, QR code, or website.
  • Proof of platform report.
  • Proof of bank or e-wallet report.
  • Timeline of events.
  • Names and contact details of witnesses.
  • Device used in the transaction, if available.
  • USB drive or cloud folder containing evidence, if accepted by the receiving office.

XIX. Template: Complaint-Affidavit for Online Scam with Unknown Scammer

REPUBLIC OF THE PHILIPPINES [CITY/PROVINCE] S.S.

COMPLAINT-AFFIDAVIT

I, [Full Name], of legal age, Filipino, single/married, and residing at [address], after being duly sworn, state:

  1. I am the complainant in this case.

  2. I am filing this complaint against the person or persons whose true names and addresses are presently unknown, but who used the online account name “[account name]”, username “[username]”, mobile number [number], email address [email], bank/e-wallet account [account details], and other identifiers described in this affidavit. I refer to said person or persons as John Doe/Jane Doe until their true identities are determined.

  3. On or about [date], I encountered the respondent through [platform/app/website], where the respondent represented that [state representation: e.g., they were selling an item, offering an investment, hiring applicants, processing a loan, etc.].

  4. The respondent told me that [specific false statement or promise]. Attached as Annex “A” are screenshots of the respondent’s profile/account. Attached as Annex “B” are screenshots of our conversation.

  5. Relying on the respondent’s representations, I sent the amount of PHP [amount] through [bank/e-wallet/remittance/payment method] to [recipient name/account number/mobile number] on [date and time]. Attached as Annex “C” is the proof of payment.

  6. After receiving payment, the respondent failed to [deliver the item/provide the service/return the investment/refund the money/etc.]. Instead, the respondent [stopped replying/blocked me/deleted the account/gave excuses/demanded additional payment].

  7. I repeatedly tried to contact the respondent and demanded [delivery/refund/explanation], but the respondent failed and refused to comply. Attached as Annex “D” are screenshots of my follow-up messages and the respondent’s replies or lack of reply.

  8. I later discovered that I had been deceived and that the transaction was fraudulent. As a result, I suffered damage in the amount of PHP [amount], exclusive of other expenses and damages.

  9. I reported the matter to [bank/e-wallet/platform] on [date], with reference number [ticket/reference number]. Attached as Annex “E” is proof of said report.

  10. I respectfully request the proper authorities to investigate this matter, identify the person or persons behind the above-mentioned accounts and transactions, and prosecute them for the appropriate offenses, including estafa and cybercrime-related offenses, as may be warranted by the evidence.

  11. I am executing this affidavit to attest to the truth of the foregoing and to support the filing of the appropriate criminal complaint.

IN WITNESS WHEREOF, I have signed this Complaint-Affidavit on [date] at [place], Philippines.

[Signature] [Full Name] Affiant

SUBSCRIBED AND SWORN to before me on [date] at [place], affiant exhibiting to me competent evidence of identity: [ID details].

[Administering Officer / Notary Public]

XX. Suggested Annex List

  • Annex A: Screenshot of scammer’s profile, page, account, or listing.
  • Annex B: Screenshots of conversation.
  • Annex C: Proof of payment or transaction receipt.
  • Annex D: Follow-up messages, demands, blocking, or non-response.
  • Annex E: Bank, e-wallet, or platform report.
  • Annex F: Other victim reports, if any.
  • Annex G: Timeline of events.
  • Annex H: Copy of complainant’s valid ID.

XXI. Common Mistakes to Avoid

1. Deleting the Conversation

Victims sometimes delete conversations out of anger or embarrassment. This weakens the case. Preserve everything.

2. Relying Only on Screenshots

Screenshots are useful but should be supported by original links, transaction records, account identifiers, and platform or bank reports.

3. Sending More Money

Scammers often continue the fraud by promising refunds or delivery in exchange for another fee. Do not send more money.

4. Posting Accusations Without Verification

Publicly accusing a named person may create legal risk, especially if the account was hacked or the bank account belongs to a mule. Report to authorities instead.

5. Waiting Too Long

Digital traces may disappear. Report immediately.

6. Failing to Record the Exact URL

A display name is often not enough. Save the exact profile link, page URL, username, phone number, email address, and account details.

XXII. Frequently Asked Questions

1. Is an online seller’s failure to deliver always estafa?

Not always. A mere breach of contract is different from criminal fraud. Estafa generally requires deceit or fraudulent intent. However, if the seller never intended to deliver, used fake identity, made false representations, blocked the buyer after payment, or repeated the same scheme against others, the facts may support a criminal complaint.

2. What if the amount is small?

A complaint may still be filed. The amount affects penalty and practical enforcement, but small-value scams are still unlawful. Multiple small scams may also show a pattern.

3. What if the scammer used a fake name?

The complaint may still proceed as a complaint against an unknown person using specified online identifiers. Investigation may later reveal the true identity.

4. Can the bank or e-wallet disclose the account holder’s identity directly to the victim?

Usually, financial institutions are cautious because of privacy and confidentiality rules. Disclosure may require lawful process or coordination with authorities.

5. Can the victim recover the money immediately?

Recovery is not guaranteed. Immediate reporting improves chances, but scammers often move funds quickly.

6. Should the victim file with both PNP and NBI?

A victim may seek assistance from either. Filing multiple reports may be possible, but it is important to keep records organized and avoid confusion. If one agency is already handling the matter, disclose prior reports.

7. What if the scammer is abroad?

The complaint may still be reported. Cross-border enforcement is more complex and may require coordination through appropriate channels.

8. What if the scam happened on Facebook Marketplace, Telegram, or another platform?

The platform should be reported to, but a platform report is not a substitute for a law enforcement complaint. Preserve the account URL, chat, listing, and transaction records.

XXIII. Legal Strategy Considerations

A well-prepared complaint should focus on the essential elements of fraud:

  1. The scammer made a false representation.
  2. The victim relied on that representation.
  3. The victim transferred money, property, or value.
  4. The scammer failed to perform and caused damage.
  5. The use of online systems enabled or facilitated the offense.

Where the scammer is unknown, the complaint should emphasize traceable identifiers and ask for investigation. The victim should avoid speculation and focus on facts supported by evidence.

XXIV. Conclusion

A cybercrime complaint for an online scam may be filed in the Philippines even when the scammer’s true identity is unknown. The complaint should identify the scammer through available online and financial identifiers, preserve electronic evidence, document the transaction, and request investigation by the proper authorities.

The strength of the case depends heavily on the quality of the evidence. Screenshots, transaction receipts, account URLs, payment details, platform reports, and bank or e-wallet records are crucial. Victims should act quickly, preserve original digital evidence, report to financial institutions and platforms, and seek assistance from cybercrime authorities or legal counsel.

An unknown scammer is not beyond legal reach. Digital fraud often leaves trails. A clear, well-documented complaint gives investigators and prosecutors the best chance to identify the offender, establish the fraudulent scheme, and pursue the appropriate criminal remedies.

Disclaimer: This content is not legal advice and may involve AI assistance. Information may be inaccurate.

Privacy Policy

Terms of Use

Lawyer Login

 
 
Privacy Policy         Terms of Use         Lawyer Login