How to File a Complaint for Online Fraud in the Philippines

How to File a Complaint for Online Fraud in the Philippines

A practical, step-by-step legal guide for victims, families, and counsel. Philippine laws cited include the Cybercrime Prevention Act (RA 10175), the Revised Penal Code (RPC) on estafa, the Data Privacy Act (RA 10173), the E-Commerce Act (RA 8792), the Access Devices Regulation Act (RA 8484), and the Financial Consumer Protection Act (RA 11765), among others. This article is general information, not legal advice.

At-a-Glance (Quick Start)

  1. Secure your money & accounts immediately. Contact your bank/e-wallet/card issuer to dispute/recall the transfer, freeze suspect accounts, reset passwords, and enable 2FA. Ask how to file an Affidavit of Fraud.

  2. Preserve evidence now. Take full-screen screenshots, save message threads (with timestamps/URLs), download bank statements/receipts, export chat/email copies, and keep device logs. Do not delete chats or reset devices.

  3. Report to platforms. Use in-app/website report tools to flag the seller/profile/pages and request takedown. Keep ticket numbers and email acknowledgments.

  4. File a criminal complaint with law enforcement or the prosecutor.

    • NBI Cybercrime Division or PNP Anti-Cybercrime Group (ACG) to investigate and help build the case.
    • Or proceed directly to the Office of the City/Provincial Prosecutor with a Complaint-Affidavit and annexes.

  5. Consider parallel complaints with regulators where applicable:

    • BSP (banks/e-wallets), SEC (investment offerings), DTI (consumer sales/deceptive practices), IC (insurance), NPC (data privacy breaches).

  6. Evaluate civil remedies. Demand letter, small claims (up to the current Supreme Court threshold; check latest), or ordinary civil action for damages.

What Counts as “Online Fraud”?

Common fact patterns include:

  • Online selling scams (paid, no delivery/substituted goods; fake courier tracking)
  • Phishing/SMiShing/Vishing (capturing OTPs, passwords)
  • Account takeover/unauthorized transfers (bank/e-wallet/crypto)
  • Investment scams (Ponzi, unregistered securities, guaranteed returns)
  • Identity theft/impersonation to obtain money or benefits
  • Credit/debit card and access device fraud
  • Auction/marketplace, social media, gaming or gig-work scams
  • Romance/“pig-butchering” crypto scams

Possible Criminal Titles (illustrative)

  • Estafa (swindling) under the RPC (often the base offense in online deals)
  • Computer-related fraud & identity theft under RA 10175
  • Access devices fraud under RA 8484
  • Unfair/Deceptive trade practices (admin liability via DTI/SEC)
  • Data Privacy offenses under RA 10173 (if personal data is misused)

Penalties depend on the exact offense and amounts involved (e.g., estafa scales as amended by RA 10951).

The Legal Bases You’ll Rely On

  • RA 10175 (Cybercrime Prevention Act). Penalizes computer-related fraud/identity theft; provides data preservation (service providers must preserve traffic data for limited periods upon lawful request), specialized search/seizure of computer data with warrants, and jurisdiction/venue rules recognizing that cybercrimes occur where any element transpired or where computer systems are located.

  • Revised Penal Code (Estafa, Art. 315) (as amended by RA 10951 for amounts/penalties).

  • RA 10173 (Data Privacy Act). For breaches or unlawful processing of personal data; administrative and criminal liability; complaints before the National Privacy Commission (NPC).

  • RA 8792 (E-Commerce Act). Recognizes electronic documents/transactions; duties of service providers.

  • RA 8484 (Access Devices Regulation Act). For card/access device crimes.

  • RA 11765 (Financial Consumer Protection Act). Lets BSP/SEC/IC act on complaints and order remediation against supervised institutions.

  • Rules on Electronic Evidence (A.M. No. 01-7-01-SC). Governs how screenshots, emails, chats, metadata, and logs are authenticated and presented in court.

Where to File (and Why)

Goal Where to File When to Use
Criminal investigation & prosecution NBI Cybercrime or PNP-ACG; later the City/Provincial Prosecutor; then the Regional Trial Court (Cybercrime Court) Identity is unknown; you need subpoenas, preservation requests, coordination with platforms, tracing of IPs/accounts, or arrest/charges
Bank/e-wallet reversal, refund, account freezes Your Bank/E-Money Issuer/Card Network (per dispute rules); BSP for escalations Unauthorized transfers, phishing, card-not-present fraud
Investment or lending scams SEC – Enforcement & Investor Protection Unregistered securities, illegal investment schemes
Consumer sales/online merchant issues DTI Deceptive sales, non-delivery, false ads
Insurance-related Insurance Commission (IC) Fraud involving insurance products
Data privacy breach/identity theft aspects NPC Unlawful processing, doxxing, leaks
Civil recovery (money back) Small Claims Court / Civil Action To recover sums/damages even if criminal case proceeds or is not feasible

Tip: You can pursue criminal, regulatory, and civil tracks in parallel.

Step-by-Step: From Incident to Filing

1) Triage & Account Security (immediately)

  • Call your bank/e-wallet/card issuer to dispute the transaction and request freeze/recall if funds remain. Ask for the case reference and requirements (e.g., Affidavit of Fraud).
  • Change passwords; enable 2FA; de-authorize sessions; scan devices for malware.
  • If a SIM is involved, coordinate with your telco (SIM replacement, block).

2) Preserve Evidence (Day 0–1)

  • Screenshots: capture entire screens (include URL bars, timestamps, handles).
  • Chats/Emails: export/download in full; keep headers if possible.
  • Payments: save transaction slips, statements, e-receipts, tracking numbers.
  • Files/Media: save originals; avoid re-compressing.
  • Hashing (optional but helpful): compute SHA-256 for key files to prove integrity.
  • Evidence Log: maintain a simple table: Item No., What it is, Date/Time captured, Where stored, Hash (if any), Notes.
  • Do not edit/forward messages in ways that alter timestamps.

3) Report to Platforms (Day 0–2)

  • Use in-app “Report” or help centers. Request takedown of fraudulent listings/profiles and preservation of logs (your investigator/prosecutor can later send formal requests).

4) Coordinate with Law Enforcement (Day 1–7)

  • Go to NBI Cybercrime or PNP-ACG office. Bring government ID and all evidence (USB/cloud folder).
  • Ask officers to issue data preservation requests to platforms/providers and to start case build-up (subpoenas, KYC pulls, IP/account tracing).

5) Prepare the Criminal Complaint-Affidavit

  • A clear, chronological narration: who, what, when, where, how, amount lost, links/accounts used, platform tickets, and why it’s fraud (deceit + damage, or the specific cybercrime elements).
  • Attach Annexes: screenshots, receipts, chat/email exports, bank docs, ID, and your Evidence Log.
  • Include prayer (what you ask for: filing of charges, restitution, issuance of warrants/subpoenas).
  • Subscribe and swear to your complaint before a prosecutor, investigating officer, or a notary (check local practice).
  • If identity is unknown, name “John/Jane Doe” and describe the handle/account; charges can be amended when identity surfaces.

6) Filing Channels

  • Law Enforcement Route: File with NBI/PNP; they investigate and endorse to the Prosecutor.
  • Direct to Prosecutor: You or your counsel files at the Office of the City/Provincial Prosecutor having venue (see Jurisdiction & Venue below).

7) What Happens After Filing (Pre-Court)

  • Inquest (if suspect is arrested/detained) or Preliminary Investigation (if not).
  • The prosecutor issues a Subpoena for the respondent’s Counter-Affidavit and conducts clarifications.
  • A Resolution follows: dismissal or Information is filed in court.
  • The court may issue warrants; arraignment, pre-trial, and trial stages follow.

Jurisdiction & Venue (Where You Can File)

  • For cybercrimes, venue is flexible: any place where any element of the offense occurred (e.g., where the victim was deceived, where money was sent/received, where the device or platform server relevant to the act is located) or where any part of the computer system was used.
  • If multiple cities are involved, you may choose a venue that is reasonable and supported by your evidence (e.g., your city where you paid and received the deceitful messages).
  • Specialized Cybercrime courts (Regional Trial Courts) hear these cases after the prosecutor files the Information.

Evidence: Making E-Evidence “Stick”

  • Admissibility: Under the Rules on Electronic Evidence, electronic data (emails, chats, screenshots, logs) are admissible if properly authenticated (someone with knowledge identifies them; system or hash evidence helps).
  • Printouts of electronic records are acceptable if shown to be accurate representations of the originals.
  • Ephemeral communications (calls, voice messages, SMS) can be proved by testimony of a person who received or made them, supported by device records or telco certifications.
  • Chain of custody: keep files in a read-only folder; record who handled copies and when.
  • Preservation: Law enforcement can request traffic data preservation (typically for defined periods) and seek warrants to examine computer data.

Parallel Regulatory Complaints (When Helpful)

  • BSP (banks/e-wallets): for unauthorized transfers, account handling, dispute resolution, and potential restitution under consumer protection rules.
  • SEC: report investment solicitations, unregistered securities, and “guaranteed return” schemes.
  • DTI: deceptive sales, price/false advertising, non-delivery by online merchants.
  • Insurance Commission: fraud tied to insurance products.
  • National Privacy Commission: identity theft, data breaches, unlawful disclosure/processing.

Keep reference numbers and copies of regulatory complaints; prosecutors can use them as corroboration.

Civil Remedies: Getting Your Money Back

  • Demand Letter (often first step): sets out facts, legal basis, and a deadline to pay/return the money.
  • Small Claims: sue for money claims up to the current Supreme Court threshold (verify the latest cap and rules). Lawyer representation is generally not allowed; decisions are fast and final (no appeal).
  • Ordinary Civil Action: if over the small-claims cap or with complex damages (moral/exemplary damages, attorney’s fees).
  • Provisional Remedies (through counsel): writ of attachment/garnishment to secure assets, subject to bonds and court discretion.

Prescriptive periods (Civil Code): typically 10 years for written contracts, 6 years for oral contracts, 4 years for quasi-delicts and injuries to rights. Act promptly even if criminal proceedings are ongoing.

If the Scammer Is Anonymous or Abroad

  • Still file. RA 10175 allows extraterritorial reach where elements occur in the Philippines or Philippine systems are used.
  • Investigators can use mutual legal assistance channels to request platform/bank data abroad.
  • Practical tip: Focus on local touchpoints (recipient bank/e-wallet accounts, delivery addresses, local accomplices, money mules) for faster action and asset freezes.

Costs, Timelines, and Expectations

  • Criminal complaints: no filing fees; investigations and preliminary investigation can take weeks to months depending on complexity.
  • Regulatory response times vary by agency and case load.
  • Civil timelines depend on docket and remedy chosen (small claims is quickest).
  • Recovery odds drop quickly** as funds are cashed out—act within hours if possible.

Common Pitfalls (Avoid These)

  • Deleting chats or resetting phones (you may destroy crucial metadata).
  • Partial screenshots (crop out URLs/timestamps) — always capture the whole context.
  • Late bank dispute (missed recall/freeze windows).
  • Filing in the wrong venue without tying an element of the crime to that place.
  • Relying only on platform reports and not filing with law enforcement.
  • Paying more to “unlock” your funds — a hallmark of continuing fraud.

Templates & Checklists

A. Complaint-Affidavit (Outline)

  1. Title/Heading (Name vs. Name/“John/Jane Doe”)

  2. Affiant’s Identity (name, age, address, ID details)

  3. Jurisdiction & Venue (why filed here)

  4. Facts (Chronological)

    • Discovery of the offer/post/communication
    • Messages/emails exchanged (quote key lines)
    • Payment details (date, time, amount, channels)
    • Non-delivery/ deception specifics
    • Loss suffered and attempts to contact/respondent

  5. Legal Basis (e.g., Estafa under RPC; Cybercrime – computer-related fraud/identity theft under RA 10175; Access Devices law; E-Commerce Act)

  6. Investigative Leads (handles, phone numbers, bank/e-wallet accounts, IPs, device IDs, platform tickets)

  7. Prayer (file appropriate charges; issue subpoenas/warrants; order arrest; restitution)

  8. Verification & Attestation (that facts are true)

  9. Signature & Jurat (subscribed and sworn before the proper officer)

Annexes: A – Screenshots (with index) B – Chat/email exports C – Payment proofs/statements D – Platform report receipts E – ID and contact info of affiant F – Evidence Log (see below)

B. Evidence Log (Starter Table)

Item No. Description Source/URL/Handle Date & Time Captured File Name/Hash (if any) Notes

C. Demand Letter (Civil)

  • Parties & addresses
  • Factual background (concise)
  • Legal basis (breach/estafa/cyber-fraud)
  • Amounts due + deadline to pay (e.g., 5–10 banking days)
  • Consequences (civil/criminal action, costs, damages)
  • Mode of payment and where to remit
  • Signature and proof of delivery

Barangay Conciliation: Does It Apply?

  • Criminal complaints for cybercrime/estafa with penalties above the barangay threshold generally do not require barangay conciliation.
  • Civil money claims between residents of the same city/municipality might require barangay mediation unless an exception applies (e.g., parties live in different cities, government party involved, urgent relief). When in doubt, check if a Certificate to File Action is needed for your civil case.

Practical Questions (FAQ)

  • Do I need a lawyer? Not to report or to file a basic complaint, but counsel is highly advisable for drafting, venue strategy, civil recovery, and provisional remedies.

  • Can I file even if I only know a handle or bank account? Yes. Name a John/Jane Doe, attach the handle and the bank/e-wallet account details, and let investigators subpoena KYC records.

  • Will platforms give me data if I ask? Typically no. Disclosure is usually to law enforcement or upon court/prosecutor authority, consistent with privacy laws.

  • Can I get my money back if it’s already withdrawn? It’s harder, but not hopeless. Focus on identifying beneficiaries/accomplices and pursue civil recovery while the criminal case proceeds.

  • What about defamation/libel if I “name and shame”? Avoid public accusations while the case is pending; stick to formal reports.

Final Notes

  • Move fast, document everything, and parallel-track: bank dispute, platform report, criminal complaint, and (where applicable) regulator and civil action.
  • Laws and thresholds (e.g., small claims cap, penalty brackets) can change; verify the latest before filing.
  • If minors, sensitive images, or threats are involved, seek immediate law enforcement help and avoid any payment to the extortionist.

If you’d like, I can turn this into fill-in-the-blanks Complaint-Affidavit and Evidence Log you can print and use right away.

Disclaimer: This content is not legal advice and may involve AI assistance. Information may be inaccurate.

Privacy Policy

Terms of Use

Lawyer Login

 
 
Privacy Policy         Terms of Use         Lawyer Login