Discovering that someone is impersonating you through email—using your name, email address, or personal details to contact your family, friends, colleagues, or clients—can feel like a profound violation of your privacy and trust. Scammers often spoof your address or create convincing look-alike accounts to send urgent pleas for money, sensitive information, or to spread malware. In the Philippines, this is not just a nuisance; it constitutes a specific cybercrime. You can and should report it. This article explains the exact legal basis, your practical rights, and the clear, actionable steps to report email impersonation scams to Philippine authorities so you can protect yourself, warn others, and support any investigation.

What Constitutes Email Impersonation or Identity Theft via Email

Email impersonation scams typically involve spoofing (faking the “From” address so messages appear to come from you) or the creation of fake accounts that closely mimic your real email or name. The goal is usually to defraud recipients—your contacts—by pretending you are in distress, owe money, or need urgent help with a transaction.

Common real-world examples include:

• An email to your relatives abroad or in the provinces claiming you were robbed or hospitalized and need immediate GCash, bank transfer, or remittance.
• Business email compromise-style messages to clients or partners using your professional name and signature to request invoice payments to a new account.
• Phishing attempts sent “from you” that trick recipients into clicking malicious links or revealing credentials.

Even without hacking your actual account, the unauthorized use of your identifying information (name, email pattern, personal details, or likeness in the message) qualifies as a crime. Recipients may suffer financial loss while you face reputational harm, emotional distress, and potential escalation if the scammer later uses the same identity for further fraud.

Legal Basis: Computer-Related Identity Theft Under Republic Act No. 10175

The primary law addressing this is Republic Act No. 10175, the Cybercrime Prevention Act of 2012. Section 4(b)(3) specifically defines and penalizes:

“Computer-related Identity Theft. – The intentional acquisition, use, misuse, transfer, possession, alteration or deletion of identifying information belonging to another, whether natural or juridical, without right.”

Identifying information includes your name, email address, personal details, or any data that can be used to impersonate you. The law applies whether the scammer obtained the information through hacking, data breaches, social engineering, or public sources and then misused it via email or other computer systems.

Penalties (Section 8): Imprisonment of prision mayor (6 years and 1 day to 12 years) or a fine of at least ₱200,000 up to an amount commensurate with the damage caused, or both. If no damage has occurred yet, the penalty is lowered by one degree.

The Supreme Court upheld the constitutionality of this provision in Jose Disini, Jr., et al. v. The Secretary of Justice, et al., G.R. No. 203335 (February 18, 2014).

Other possible related offenses include:

• Computer-related fraud (Section 4(b)(2)) if the impersonation involved unauthorized input or alteration causing damage with fraudulent intent.
• Estafa (swindling) under Article 315 of the Revised Penal Code if money or property was actually obtained through deceit.
• Cyber libel (Section 4(c)(4)) in rare cases where the messages also defame you.

Jurisdiction lies with the Regional Trial Courts, with designated special cybercrime courts. Philippine courts have jurisdiction if any element of the offense occurred in the Philippines, if damage was caused to a person in the Philippines at the time, or if the offender is a Filipino national regardless of where the act was committed (Section 21).

The Rule on Cybercrime Warrants (Supreme Court A.M. No. 17-11-03-SC, effective August 15, 2018) provides specialized procedures for preservation of computer data, disclosure of computer data (crucial for obtaining logs and subscriber information from email providers), interception, and search/seizure/examination of computer data. These warrants are typically valid for 10 days and help authorities trace spoofed emails or linked accounts.

You also have civil remedies under the Civil Code (Articles 19, 20, and 21 on abuse of rights and acts contrary to good morals) for actual damages, moral damages, and exemplary damages if you suffered quantifiable harm or distress.

Step-by-Step Guide to Reporting Email Impersonation Scams

Act quickly—digital evidence can be deleted by providers after a period, and early reporting allows better coordination to warn recipients or freeze funds if money moved.

1. Preserve all evidence immediately. Do not delete anything. Take full screenshots showing sender address, recipient(s), subject line, date/time, full body text, any links or attachments, and signature. For stronger evidence, obtain the full email headers (in Gmail: open message → three dots → “Show original”; save or screenshot the entire page including authentication results like SPF/DKIM/DMARC). Forward the message as an attachment (.eml file) if possible rather than inline. Note the exact time you discovered it and any impact (e.g., which contacts were affected and whether anyone sent money).

2. Notify and warn your contacts. Message or call the people most likely targeted (family, close friends, business associates) and tell them the email is fake. Ask them to delete it, not click links, and report it if they received it. This limits further harm and creates additional witnesses.

3. Report to the email service provider. Use the platform’s built-in abuse or phishing report feature (Gmail, Outlook, Yahoo, etc.). For Google, you can also email abuse@google.com with details. This helps the provider investigate or suspend the sending account or domain.

4. Call the central Inter-Agency Response Center (I-ARC) Hotline 1326. This 24/7 hotline, operated under the Cybercrime Investigation and Coordinating Center (CICC) with DICT, PNP, NBI, and others, serves as the first point of contact for scams including impersonation. They can coordinate real-time actions such as flagging suspicious accounts with banks or e-wallets. Alternative numbers: Smart 0947-714-7105, Globe 0966-976-5971, DITO 0991-481-4225. You can also report via cicc.gov.ph/report/ or email report@cicc.gov.ph. Provide a concise summary and reference number for follow-up.

5. File a formal complaint with the PNP Anti-Cybercrime Group (ACG) or NBI Cybercrime Division. These are the primary investigative agencies for cybercrimes like identity theft.

   • PNP ACG (recommended starting point for most email impersonation cases): Visit or check acg.pnp.gov.ph for the online eComplaint or reporting facility. Email complete documents to acg@pnp.gov.ph (clear subject: “Cybercrime Complaint – Email Impersonation/Identity Theft – [Your Full Name] – [Date]”). Or call (02) 8414-1560 / mobile lines such as 0998-598-8116, or visit the nearest ACG office (main at Camp Crame, Quezon City, or regional units).
   • NBI Cybercrime Division: Email ccd@nbi.gov.ph or visit the nearest NBI office / cybercrime.gov.ph portal. They excel at complex digital tracing.

6. Prepare and submit your documents. You will typically need:

   • Scanned or photocopied valid government-issued ID (passport, driver’s license, PhilID, UMID, or voter’s ID).
   • A notarized Complaint-Affidavit (Sinumpaang Salaysay) detailing your personal information, a clear chronological narration of facts (when and how you discovered the emails, description of content and recipients, how it uses your identity, any harm suffered), a list of attached evidence, and a request for investigation and prosecution.
   • Organized evidence files (PDF preferred): numbered screenshots, email headers or .eml files, list of affected contacts, proof of any financial or other damage.
   • Your current contact details and a summary of steps already taken (e.g., notified contacts, reported to email provider).

   Submit as a complete package. Many victims successfully start with the online portal or email submission.

7. If you are abroad or an OFW. The process is the same—you can submit online or via email. For the notarized affidavit, have it executed before a Philippine consul (consular notarization) or notarized locally and apostilled under the Hague Apostille Convention (Philippines is a party). DFA apostille services are available. Many embassies or consulates can guide OFWs on initial reporting.

8. Follow up and cooperate. Keep your reference or tracking number. Investigators may ask for more details, device access for forensic examination, or statements from affected contacts. They can apply for cybercrime warrants to obtain data from email providers, ISPs, or financial institutions. If there is financial loss, also immediately report to your bank or e-wallet (GCash, Maya, etc.) and reference the police report—they coordinate with authorities on freezes under relevant anti-fraud rules.

Investigations are free. Beware of anyone contacting you claiming to be from PNP, NBI, or CICC and asking for “fees,” “processing charges,” or personal details—these are secondary scams. Official assistance never requires payment.

Common Pitfalls, Challenges, and Real-Life Scenarios

Many victims delay reporting because they feel embarrassed or assume “nothing can be done” if the email was spoofed. Spoofing makes direct tracing harder, but authorities can still investigate patterns, linked accounts, money trails, and coordinate internationally. Incomplete evidence (missing headers or context) weakens cases, so preserve everything thoroughly.

Secondary victimization is common—scammers monitor reports and pose as investigators. Always verify through official channels only.

For OFWs and foreigners: Time differences, documentation requirements (apostille), and cross-border enforcement can slow things, but online submission options and inter-agency coordination (including with Interpol or mutual legal assistance) help. If the scammer is foreign, success depends on identifying them and international cooperation, but reporting still creates an official record and may stop further activity.

Business contexts (e.g., your professional identity used in invoice fraud) often involve larger sums and may require faster coordination with banks.

Key Agencies, Documents, and Practical Realities

Primary reporting channels (use only official .gov.ph domains and verified pages):

• CICC I-ARC Hotline 1326 — First call for coordination and quick intervention.
• PNP Anti-Cybercrime Group — acg.pnp.gov.ph (online reporting), acg@pnp.gov.ph, (02) 8414-1560.
• NBI Cybercrime Division — ccd@nbi.gov.ph or nearest NBI office.

Core documents: Valid ID + notarized Complaint-Affidavit + organized evidence. Notary fees are modest (typically ₱100–500). No filing fees for the criminal complaint itself.

Timelines: Hotline response is immediate for initial coordination. Formal case intake and initial investigation often take days to a few weeks. Full digital forensics and court filing can take several months depending on complexity, volume of evidence, and court docket. Prompt reporting improves outcomes.

Frequently Asked Questions

Can I report an email impersonation scam even if no money was lost and no one was defrauded yet?
Yes. The offense of computer-related identity theft under RA 10175 is complete upon the intentional unauthorized use or misuse of your identifying information. Damage is not required for criminal liability, although the penalty is lower if none occurred. Reporting helps stop the activity and builds a record.

How do I obtain email headers as evidence?
In Gmail, open the message, click the three dots → “Show original,” then save the page or copy the full text. Similar options exist in Outlook and other clients (look for “View message details” or “Internet headers”). Full headers show routing information that investigators use even in spoofed cases. Screenshots of the “Show original” view are helpful backups.

What if the scammer is located overseas or uses foreign servers?
Philippine authorities can still investigate, especially if damage occurred in the Philippines or the offender is Filipino. They coordinate through international channels. Reporting creates an official record and may lead to disruption of the operation even if immediate arrest is difficult.

Is reporting to PNP ACG or NBI free? Are there any hidden costs?
Yes, filing complaints and investigations by PNP ACG and NBI are free of charge. The only typical costs are modest notary fees for your affidavit and, if abroad, apostille or consular fees. Never pay anyone claiming to “expedite” or “investigate” on your behalf.

How long does a typical investigation take, and will I be updated?
Initial assessment and evidence gathering can begin within days. Complex cases involving digital forensics or multiple jurisdictions take longer—often several months before charges are filed, if warranted. You should receive a reference number and can follow up using official channels. Investigators may contact you for additional statements.

Should I change my email address or password after this happens?
Yes, as a precaution. Enable two-factor authentication (preferably app-based or hardware key, not SMS) on all important accounts. If you suspect your actual account was compromised (not just spoofed), immediately use the provider’s account recovery process and report it. Warn contacts not to trust any future unexpected emails “from you.”

Can I file a civil case for damages in addition to the criminal report?
Yes. You may pursue a separate or consolidated civil action for actual damages (if any financial or out-of-pocket loss), moral damages (for anxiety, distress, reputational harm), and exemplary damages. Consult a lawyer for this; many start with the criminal complaint, which can support the civil claim.

What if affected contacts already sent money—can anything be done?
Report immediately to their bank or e-wallet and to the 1326 hotline or PNP ACG, providing transaction details. Under anti-fraud mechanisms, funds can sometimes be frozen or traced if reported quickly. Your police report strengthens their claim for reversal or reimbursement.

How can I protect myself and my contacts going forward?
Educate your circle: Tell them never to act on urgent money requests via email or text without independent verification (call you on a known number). Use unique strong passwords and 2FA everywhere. Be cautious with personal information shared online. Consider email authentication settings (SPF/DKIM/DMARC) if you manage a domain.

Key Takeaways

• Email impersonation using your name or identity is computer-related identity theft under Section 4(b)(3) of Republic Act No. 10175 and is punishable by imprisonment and fines.
• Preserve evidence first—full screenshots plus email headers are critical for tracing and prosecution.
• Start with the 1326 I-ARC hotline for immediate coordination, then file a formal complaint with PNP Anti-Cybercrime Group (acg.pnp.gov.ph or acg@pnp.gov.ph) or NBI Cybercrime Division.
• Prepare a notarized Complaint-Affidavit, valid ID, and organized evidence; the process is free through official channels.
• Authorities can use cybercrime warrants to obtain data from providers; prompt reporting improves results.
• OFWs and foreigners abroad can report online or via email, with apostille or consular notarization for formal documents.
• Beware of secondary scams—official investigations never require payment from victims.
• You have both criminal and civil remedies; acting methodically empowers you to stop the abuse and seek accountability.

Reporting these incidents not only helps you but also protects the wider community from similar schemes. Many victims who document thoroughly and report promptly see meaningful action from Philippine cybercrime units. Start with evidence preservation and the 1326 hotline today.