How to File a Cybercrime Complaint Against Scammers in the Philippines

How to File a Cybercrime Complaint Against Scammers in the Philippines

(Practical, step-by-step guide with the relevant legal framework. Philippine context.)

Disclaimer: This is general information, not legal advice. Cybercrime procedures can change and may vary by prosecutor’s office or law-enforcement unit. If you can, consult a Philippine lawyer.

1) What counts as a cybercrime “scam” in PH law?

Many online scams fit under one or more of these offenses:

  • Cybercrime Prevention Act of 2012 (RA 10175)

    • Core offenses: illegal access, data/system interference, misuse of devices, cybersquatting.
    • Computer-related offenses: forgery, fraud, identity theft.
    • Content offenses (context-dependent): e.g., cybersex; child sexual abuse material (also punished by separate child-protection laws); online libel (not usually part of “scam” cases).
    • Section 6 (penalty-lifting rule): If a crime under the Revised Penal Code (RPC) or another special law is committed through ICT, the penalty is one degree higher.

  • Revised Penal Code (RPC) – Estafa/Swindling (Art. 315) Classic “I was duped online” scenarios often proceed as Estafa through the use of ICT (because Sec. 6 of RA 10175 bumps the penalty).

  • Access Devices Regulation Act (RA 8484) Credit/debit/ATM fraud, unauthorized use of “access devices,” card-not-present scams.

  • E-Commerce Act (RA 8792) Recognizes electronic documents and signatures; creates safe-harbor rules for service providers (platform liability depends on participation/knowledge and action).

  • Data Privacy Act (RA 10173) For unlawful processing or data breaches linked to the scam (administrative + possible criminal liability).

  • SIM Registration Act (RA 11934) Useful for blocking numbers and assisting identification in mobile/SMS frauds.

  • Other sectoral laws may apply depending on the scam: e.g., Securities Regulation Code/SEC rules for investment schemes; Bangko Sentral rules for fund transfers and e-wallets; the Anti-Photo/Video Voyeurism Act (RA 9995) for sextortion.

2) Where you can file (and who handles what)

You have several lawful gateways—use any that is accessible; they have concurrent jurisdiction:

  • PNP Anti-Cybercrime Group (PNP-ACG) (and its Regional Anti-Cybercrime Units). For criminal investigation, digital forensics, arrests, applying for cyber warrants, coordinating with banks/telcos.

  • NBI Cybercrime Division (NBI-CCD). Similar mandate; often preferred for complex, multi-jurisdiction, or high-value cases.

  • City/Provincial Prosecutor (Department of Justice). You can file a Complaint-Affidavit directly for preliminary investigation. Prosecutors may also deputize law-enforcement for case build-up.

  • DOJ Office of Cybercrime (OOC). Central authority for international cooperation/requests and inter-agency coordination.

  • Regulators/administrative routes (often in addition to the criminal case):

    • BSP (banks/e-money issuers): consumer redress and dispute escalation.
    • SEC (investment/“trading”/lending app scams).
    • NPC (privacy breaches, doxxing tied to harassment/loan apps).
    • NTC/telcos (SIM/number blocking; spam/SMS spoofing).
    • DTI (e-commerce/online sellers) where applicable.

Tip: If money moved through a bank/e-wallet, report there immediately (see Section 3) and pursue a criminal complaint. Administrative remedies rarely replace criminal liability.

3) The first 24–72 hours: damage control & evidence capture

  1. Freeze/recall funds (act fast).

    • Notify your bank/e-wallet in writing via official channels. Provide transaction IDs, timestamps, amounts, reference numbers, screenshots.
    • Ask for account freeze/hold, chargeback/recall, and preservation of logs. Get a ticket or reference number.

  2. Secure your accounts and devices.

    • Change passwords; enable 2FA; log out of all sessions; run malware checks.
    • If there’s a SIM-swap suspicion, contact your telco immediately to recover the number and block fraudulent eSIM/port-out.

  3. Preserve evidence (don’t “clean” chats).

    • Save everything: chats, emails (with full headers), SMS, call logs, invoices/receipts, wallet/bank statements, usernames/handles, profile URLs, marketplace order pages, ad listings.
    • Prefer original electronic files. For screenshots, note the date/time and keep the original files too.
    • Keep devices and media unchanged; avoid deleting apps or wiping phones.
    • If you can, note the hash values (MD5/SHA-256) of key files; law enforcement can also do this.

  4. Avoid illegal recordings. Secretly recording private calls can violate the Anti-Wiretapping Law (RA 4200) and may hurt your case. If you need to record, get consent or ask investigators for guidance.

  5. Don’t publicly “dox” suspects. Public posts may expose you to libel/privacy claims and can spook the offender, causing evidence loss.

4) Filing a criminal complaint: two main paths

Path A — Start with law enforcement (PNP-ACG or NBI-CCD)

  1. Walk-in or email/online intake (where available) with your narrative + evidence.
  2. Officers will assess the offense, draft a statement/affidavit, and may conduct forensic imaging of your device (with consent/warrants as required).
  3. They can apply for cybercrime warrants (see Section 6) to obtain subscriber data, IP logs, and content from banks, telcos, platforms.
  4. After case build-up, they file with the Prosecutor for inquest (if the suspect is arrested) or preliminary investigation (if not).

Path B — File directly with the City/Provincial Prosecutor

  1. Prepare and submit a Complaint-Affidavit (see template below) with annexes.
  2. The Prosecutor issues a Subpoena to the respondent for a Counter-Affidavit.
  3. Possible Reply/Rejoinder and clarificatory hearing.
  4. Prosecutor issues a Resolution: (a) find probable cause and file an Information in court; or (b) dismiss.
  5. Parties may move for reconsideration or appeal to the DOJ.

Venue & jurisdiction (rule of thumb): Any city/province where any essential element occurred (e.g., where you sent money, received deceitful messages, or where the accused acted). RA 10175 also recognizes extraterritorial jurisdiction if a key element or a computer system affected is in the Philippines, or if the offender is a Filipino national.

5) What to bring when you file

  • Valid ID (with photocopy).

  • Complaint-Affidavit (subscribed and sworn before a prosecutor, notary, or authorized officer).

  • Annexes (label each as “Annex A, B, C …” referenced in the affidavit):

    • Proof of payments/transfers (receipts, bank/wallet logs).
    • Chat/email/SMS exports (prefer original files; otherwise clear screenshots with timestamps).
    • Screenshots/printouts of profiles/listings/ads with URLs.
    • Your device/app logs if available (don’t alter the device).
    • If a company is the complainant: Board Resolution/Secretary’s Certificate authorizing the representative; IDs; proof of authority.

  • Contact details for you and any witnesses.

  • For minors/vulnerable victims: consider specialized units (e.g., WCPC) and bring guardianship documents if applicable.

6) How investigators lawfully obtain data (so you know what to ask for)

  • Rule on Cybercrime Warrants (Supreme Court rules) authorizes specialized warrants, commonly:

    • Warrant to Disclose Computer Data (WCD): subscriber info, traffic data, logs.
    • Warrant to Intercept Computer Data (WICD): lawful interception of ongoing communications (rare in scam cases without strong basis).
    • Warrant to Search, Seize, and Examine Computer Data (WSSECD): to image and forensically examine devices/accounts.

  • Data preservation: Service providers must preserve certain traffic/subscriber data for at least six months (extendable upon proper request). Ask investigators early to send preservation letters before logs expire.

7) Parallel administrative/regulatory remedies (often faster)

  • Banks/e-wallets (BSP-regulated): File a formal dispute and consumer complaint with the bank/e-money issuer. Escalate to BSP’s consumer assistance if unresolved.
  • Investment/lending app scams (SEC): Complain to the SEC Enforcement/Investor Protection office for takedown actions and admin cases.
  • Privacy harms (NPC): For doxxing, loan-app harassment, or leaks, file a complaint with the National Privacy Commission.
  • Telcos/NTC: Request number blocking; report spam/SMS spoofing.
  • DTI/e-commerce: For deceptive online sellers/marketplaces, file a DTI complaint if applicable.

These do not replace a criminal case, but they can help stop the harm, preserve evidence, and sometimes enable refunds or administrative penalties.

8) Typical charges and charging strategy (examples)

  • Estafa through the use of ICT (RPC Art. 315 in relation to RA 10175 Sec. 6) – for deceit and damage (e.g., fake online selling, phishing that induced transfer).
  • Computer-related fraud (RA 10175) – manipulating computer data/systems to cause wrongful loss.
  • Computer-related identity theft – using another’s identifiers (name, login, card, SIM) to obtain a benefit or cause damage.
  • Access Devices Act (RA 8484) – unauthorized use/possession/trafficking in card data.
  • Other add-ons depending on facts: falsification (RPC), qualified theft, child-protection offenses, privacy violations.

Why multiple charges? Prosecutors often allege alternative or cumulative offenses; the court determines what sticks based on evidence.

9) Evidence: what’s admissible and how to present it

  • Rules on Electronic Evidence (REE): Electronic documents (emails, chats, screenshots, logs) are admissible if you can authenticate them (explain how they were produced and kept).
  • Prefer original exports (e.g., “Download your data” from platforms, email with full headers, app logs).
  • Screenshot hygiene: include full device clock, URL bars, full conversation context, and file metadata where possible.
  • Chain of custody: Keep a simple log of who handled which device/file and when; avoid editing originals.
  • Expert testimony/forensics may be used for hash verification, log interpretation, IP attribution.

10) What to expect after filing (timelines & outcomes)

  • Investigation time varies with data requests (banks/telcos/platforms). Cross-border requests take longer.
  • Refunds/chargebacks are not guaranteed in criminal cases; pursue administrative and civil routes in parallel.
  • If probable cause is found, the Information is filed in court and warrants may issue.
  • Plea bargaining or civil settlement can occur; if you settle, coordinate with the prosecutor to avoid prejudicing the case.

11) Civil actions you can file (besides the criminal case)

  • Damages (actual, moral, exemplary) under the Civil Code.
  • Rescission/recovery of sums paid due to fraud.
  • Small claims for money recovery (fast-track, lawyer optional) if your claim fits the current monetary cap (check the latest SC circular).
  • Injunctions/takedown orders via court (platforms may also act under their own terms on your lawful notices).

12) Common pitfalls (and how to avoid them)

  • Waiting too long: logs expire; money moves fast through “mule” accounts. Report within hours if possible.
  • Relying on screenshots alone: get original exports and keep devices.
  • Posting the suspect’s info publicly: can create counter-claims and evidence spoliation.
  • Secret call recordings: potential RA 4200 violation.
  • Assuming banks will auto-refund: they usually need to find operational/accountability grounds; pursue BSP escalation and civil routes too.

13) Practical checklist

Immediately

  • Call/write your bank/e-wallet; ask for freeze/recall and log preservation; get ticket #.
  • Change passwords; enable 2FA; secure devices; contact telco if SIM/number compromised.
  • Preserve evidence (original files + screenshots with timestamps).

Within 24–72 hours

  • File with PNP-ACG or NBI-CCD (or both).
  • Prepare and file a Complaint-Affidavit with the Prosecutor, or coordinate for filing after case build-up.
  • Lodge regulatory complaints as applicable (BSP/SEC/NPC/NTC/DTI).
  • If a business, issue litigation hold to staff/IT; preserve server/app logs.

14) Template: Complaint-Affidavit (guide)

Note: This is a guide. Adapt to your facts. Print on clean bond paper. Attach annexes. Sign before the administering officer.

Republic of the Philippines [City/Province] Office of the City/Provincial Prosecutor

[YOUR NAME], Filipino, of legal age, with address at [full address], after having been duly sworn, depose and state:

  1. Parties. I am the complainant. The respondent is [Name/Username/Unknown Alias], using the online handle [@handle / mobile no. / email].
  2. Overview. This is a complaint for [Estafa through the use of ICT under Art. 315 RPC in relation to Sec. 6, RA 10175; and/or Computer-Related Fraud/Identity Theft under RA 10175; and/or RA 8484].
  3. Chronology of Facts. 3.1 On [date/time], I received [message/ad/link] via [platform]… 3.2 The respondent represented [specific deceit]… 3.3 Relying on this, I [transferred ₱…, gave credentials, etc.] via [bank/wallet, ref. no.]… 3.4 I later discovered [non-delivery/blocked/unauthorized transfer/etc.]… 3.5 I reported to [bank/telco/platform] under Ticket [no.] on [date].
  4. Elements of the Offense(s). 4.1 Deceit: [state concrete misrepresentations/false pretenses]. 4.2 Damage: [amount lost/harms]. 4.3 Use of ICT: [online chats, e-wallet transfer, phishing website]. 4.4 [For identity theft/fraud]: [use of my identifiers, device, account, card].
  5. Evidence. Attached as Annex “A” (transactions), “B” (chat exports), “C” (email with full headers), “D” (screenshots with timestamps), “E” (bank dispute), etc. Originals/electronic copies are available.
  6. Reliefs Sought. 6.1 Conduct investigation and file the appropriate Information(s). 6.2 Apply for necessary cyber warrants and issue subpoenas to banks/telcos/platforms for identification and tracing. 6.3 Assist in fund recovery and preservation of evidence.

I certify under oath that the allegations herein are true based on my personal knowledge and/or authentic records.

[Signature over printed name] Complainant

SUBSCRIBED AND SWORN to before me this [date], affiant exhibiting [ID type/number].

[Name & designation of administering officer]

15) FAQs

Q: Can I file if I don’t know the scammer’s real name? Yes. Investigators can seek subscriber info/IP logs from platforms/telcos/banks via WCD and related processes.

Q: Will the bank or e-wallet give my money back? Not automatically. It depends on internal rules, regulator guidance, and proof. Use the bank dispute process and escalate to BSP. Still file a criminal complaint.

Q: The scammer is overseas. Is filing still worth it? Yes. RA 10175 allows extraterritorial cases when elements/effects are in the Philippines. The DOJ can use international cooperation channels to request data and assistance.

Q: Do I need a lawyer? Not strictly to file, but a lawyer helps frame charges, preserve e-evidence, and pursue civil remedies alongside the criminal case.

Q: Do I need to go to the barangay first? Usually no. Criminal complaints of this nature are not subject to barangay conciliation (and parties are often in different localities or anonymous).

16) One-page action plan (you can copy/paste)

  1. Immediately: Freeze funds with bank/e-wallet; change passwords; secure SIM/device.
  2. Collect evidence: Original exports + screenshots; list of transactions; ticket numbers.
  3. File with PNP-ACG/NBI-CCD (bring ID, narrative, evidence).
  4. File Complaint-Affidavit with the Prosecutor (attach annexes).
  5. Parallel complaints to BSP/SEC/NPC/NTC/DTI as applicable.
  6. Follow up on subpoenas/warrants; attend clarificatory hearings; pursue civil damages if needed.

If you want, tell me the type of scam (phishing link, fake seller, investment, SIM-swap/e-wallet takeover, BEC, etc.), the amount, and what evidence you already have. I can map the exact charges and draft a tailored affidavit and annex list for your facts.

Disclaimer: This content is not legal advice and may involve AI assistance. Information may be inaccurate.

Privacy Policy

Terms of Use

Lawyer Login

 
 
Privacy Policy         Terms of Use         Lawyer Login