How to File a Cybercrime Complaint for Online Identity Theft in the Philippines

I. Introduction

Online identity theft is one of the most common cybercrime problems in the Philippines. It occurs when another person uses someone’s identity, personal information, account, photo, name, government ID, phone number, email address, signature, or digital profile without authority, usually to deceive others, obtain money, create fake accounts, apply for loans, damage reputation, access accounts, or commit fraud.

A victim may discover the crime when friends receive messages from a fake account, an online lending app demands payment for an unauthorized loan, a bank or e-wallet reports suspicious transactions, a social media profile appears using the victim’s name and photo, or a stranger sends screenshots showing that the victim’s identity is being used in a scam.

In the Philippine context, online identity theft may be addressed through criminal complaints, cybercrime reporting, privacy complaints, bank or e-wallet fraud reports, platform takedown requests, and civil actions for damages. The proper approach depends on what personal data was used, how it was used, who used it, what harm occurred, and whether the offender is known.

The central rule is this: a victim should preserve digital evidence immediately, secure affected accounts, report the incident to cybercrime authorities, execute a complaint-affidavit, and pursue the appropriate criminal, privacy, consumer, and civil remedies.

II. What Is Online Identity Theft?

Online identity theft involves the unauthorized use of another person’s identifying information through digital or electronic means. It may include:

  • Using another person’s name.
  • Creating a fake social media account.
  • Using another person’s photos.
  • Using another person’s government ID.
  • Applying for online loans using stolen identity.
  • Opening bank, e-wallet, or marketplace accounts.
  • Pretending to be the victim in chats or emails.
  • Sending scam messages using the victim’s profile.
  • Using the victim’s mobile number or SIM registration details.
  • Accessing the victim’s email or social media account.
  • Using a stolen selfie or face verification image.
  • Using digital signatures or scanned signatures.
  • Selling or distributing another person’s personal data.
  • Impersonating the victim to solicit money or goods.

Online identity theft may be committed by a stranger, scammer, ex-partner, relative, coworker, customer, online seller, fake recruiter, lending app operator, data broker, or organized fraud group.

III. Legal Basis in the Philippines

A. Cybercrime Prevention Law

Online identity theft is punishable when identifying information belonging to another person is acquired, used, misused, transferred, possessed, altered, or deleted through information and communications technology without right. The law treats certain computer-related offenses and content-related offenses as cybercrimes.

Cybercrime may also apply where ordinary crimes under the Revised Penal Code are committed through the use of a computer system, internet platform, mobile phone, electronic communication, or digital device.

B. Revised Penal Code

Depending on the facts, online identity theft may also involve traditional crimes, such as:

  • Estafa or swindling.
  • Falsification of documents.
  • Use of falsified documents.
  • Libel or cyberlibel.
  • Grave threats.
  • Coercion.
  • Unjust vexation.
  • Intriguing against honor.
  • Slander by deed.
  • Illegal access, where account intrusion is involved.
  • Other fraud-related or document-related offenses.

If a person uses another’s identity to obtain money from third parties, estafa may be present. If fake documents or altered IDs are used, falsification may be involved. If the impersonation includes defamatory posts, cyberlibel may be considered.

C. Data Privacy Act

If personal information was collected, used, shared, retained, sold, or disclosed without lawful basis, privacy law may apply. This is especially important where the identity theft involves:

  • Government IDs.
  • Sensitive personal information.
  • Financial information.
  • Contact lists.
  • Medical information.
  • Photos and biometrics-related data.
  • Unauthorized disclosure by a company.
  • Data breach.
  • Lending app misuse.
  • Employment or recruitment records.
  • Marketplace or delivery app records.

A privacy complaint may be filed separately from a cybercrime complaint.

D. Electronic Evidence Rules

Digital evidence is admissible if properly authenticated. Screenshots, emails, chat logs, links, metadata, device records, platform records, transaction histories, and electronic documents may be used in criminal, civil, or administrative cases if preserved and presented correctly.

IV. Common Forms of Online Identity Theft

A. Fake Social Media Account

The offender creates a profile using the victim’s name, photo, work information, school information, or family details. The account may be used to scam others, harass the victim, damage reputation, or impersonate the victim.

B. Account Takeover

The offender gains access to the victim’s email, Facebook, Instagram, TikTok, messaging app, bank account, e-wallet, or marketplace account. The offender may change passwords, message contacts, request money, or steal information.

C. Online Lending Identity Theft

The offender uses the victim’s identity to obtain online loans or the lending app falsely tags the victim as a borrower. The victim then receives collection threats.

D. Romance, Investment, or Marketplace Scam Using Victim’s Identity

The offender uses the victim’s name or photos to persuade other people to send money, invest, buy goods, or reveal personal information.

E. Fake Job or Recruitment Account

The offender pretends to be the victim or uses the victim’s documents in fake employment, visa, or recruitment schemes.

F. SIM, OTP, or Mobile Number Misuse

The offender uses a mobile number associated with the victim to receive verification codes, register accounts, or commit fraud.

G. Use of Government ID

The offender uses a stolen or leaked ID to pass verification checks, open accounts, borrow money, or create false credentials.

H. Deepfake or Altered Image Identity Theft

The offender uses edited photos, AI-generated images, or manipulated videos to impersonate the victim, defame the victim, or deceive others.

I. Business Identity Theft

The offender uses a business owner’s name, business permit, logo, DTI or SEC information, product photos, or customer records to operate fake pages or scams.

V. Immediate Steps After Discovering Online Identity Theft

A victim should act quickly.

A. Preserve Evidence

Do not rely only on memory. Save:

  • Screenshots.
  • URLs or links.
  • Usernames and profile IDs.
  • Phone numbers.
  • Email addresses.
  • Chat logs.
  • Call logs.
  • Transaction receipts.
  • Bank or e-wallet references.
  • Fake account pages.
  • Posts, comments, stories, and reels.
  • Messages from people who were scammed.
  • App names and account numbers.
  • Login alerts.
  • Password reset emails.
  • IP or device alerts, if available.
  • Timestamps.
  • Witness screenshots.

Screenshots should show the full screen where possible, including date, time, username, URL, and visible identifying details.

B. Secure Accounts

The victim should immediately:

  • Change passwords.
  • Enable two-factor authentication.
  • Log out unknown devices.
  • Check email forwarding settings.
  • Revoke suspicious app permissions.
  • Update recovery email and phone number.
  • Secure bank and e-wallet accounts.
  • Report unauthorized SIM or number use.
  • Scan devices for malware.
  • Avoid clicking links from unknown senders.
  • Preserve evidence before deleting anything.

C. Warn Contacts Carefully

If the identity is being used to scam others, the victim may post or send a neutral warning:

“Please do not transact with accounts using my name or photo unless confirmed through my official number. My identity is being misused online. I am reporting the matter.”

Avoid making unsupported accusations against a named person unless there is clear evidence.

D. Report to the Platform

Report the fake account, hacked account, fraudulent listing, or impersonation to the platform. Keep screenshots of the report and ticket number. Platform takedown is useful but should not replace formal legal reporting if harm is serious.

VI. Where to File a Cybercrime Complaint

A cybercrime complaint may be reported to law enforcement cybercrime units or filed as a criminal complaint before the prosecutor’s office.

Possible reporting points include:

  • Local police station for blotter or initial report.
  • Police cybercrime unit.
  • National cybercrime law enforcement office.
  • National Bureau of Investigation cybercrime division.
  • City or provincial prosecutor’s office.
  • Specialized offices depending on the nature of the case.

A victim may start with a police or cybercrime report, then file a complaint-affidavit for preliminary investigation.

VII. Police Blotter vs. Cybercrime Complaint vs. Prosecutor Complaint

A. Police Blotter

A police blotter records that an incident was reported. It is useful as evidence that the victim promptly complained. However, a blotter alone does not automatically prosecute the offender.

B. Cybercrime Report

A cybercrime report asks law enforcement to investigate digital evidence, trace accounts, preserve data, or identify offenders. It is more specific than an ordinary blotter.

C. Complaint-Affidavit Before the Prosecutor

A complaint-affidavit formally initiates criminal proceedings for preliminary investigation. It should contain sworn facts and supporting evidence. If probable cause is found, charges may be filed in court.

VIII. Evidence Needed for a Strong Complaint

A strong complaint should include:

  • Victim’s valid government ID.
  • Complaint-affidavit.
  • Screenshots of the fake account or identity misuse.
  • URLs and usernames.
  • Chat logs and messages.
  • Transaction records, if money was involved.
  • Proof that the identity belongs to the victim.
  • Proof that the victim did not authorize the use.
  • Witness statements.
  • Platform report confirmation.
  • Police blotter or incident report.
  • Bank, e-wallet, telco, or app records, if available.
  • Demand letters or denial letters, if any.
  • Proof of damage, such as reputational harm, financial loss, employment impact, or harassment.

The evidence should be arranged chronologically and labeled as annexes.

IX. How to Prepare the Complaint-Affidavit

A complaint-affidavit should be factual, chronological, and specific. It should include:

  1. Full name, age, address, and contact details of the complainant.
  2. Statement that the complainant is the owner of the identity, account, photo, ID, number, or data used.
  3. Date and manner of discovery.
  4. Description of the fake account, hacked account, or fraudulent use.
  5. Explanation that the complainant did not authorize the use.
  6. Details of harm caused.
  7. Identity of suspect, if known.
  8. Evidence attached.
  9. Request for investigation and prosecution.
  10. Oath before a notary public, prosecutor, or authorized officer.

Where the offender is unknown, the respondent may be described as “John Doe,” “Jane Doe,” unknown account user, unknown holder of a specific phone number, or unknown operator of a page, subject to later identification.

X. Contents of the Complaint Narrative

The complaint should answer:

  • What identity information was used?
  • Who used it, if known?
  • When did the misuse happen?
  • Where did it happen online?
  • How was the identity used?
  • What platform or system was involved?
  • What damage resulted?
  • What steps did the victim take?
  • What evidence supports the complaint?
  • What relief is being requested?

Avoid speculation. If something is not personally known, say how it was discovered and attach proof.

XI. Digital Evidence Preservation

Digital evidence can be fragile. The victim should:

  • Save original files.
  • Keep screenshots in original resolution.
  • Download chat history if possible.
  • Save emails with full headers if possible.
  • Copy URLs.
  • Record account IDs, not just display names.
  • Preserve devices used to receive threats or messages.
  • Avoid editing screenshots.
  • Avoid cropping out dates and usernames.
  • Back up evidence in cloud and external storage.
  • Ask witnesses to preserve their own screenshots.
  • Keep platform ticket numbers.
  • Print copies for filing, but keep electronic originals.

For high-value cases, a lawyer or digital forensic professional may help preserve evidence properly.

XII. Requesting Data Preservation

Many platforms and service providers retain data only for limited periods. A victim should report quickly and ask law enforcement to request preservation of relevant records, such as:

  • Login history.
  • IP addresses.
  • Device identifiers.
  • Registration email or number.
  • Account recovery changes.
  • Transaction logs.
  • Message metadata.
  • Uploaded documents.
  • Payment account details.

Private individuals usually cannot obtain all backend data directly. Law enforcement, prosecutors, or courts may need to issue proper requests.

XIII. If the Offender Is Known

If the offender is known, the complaint should include:

  • Full name.
  • Address, if known.
  • Relationship to victim.
  • Screenshots linking the person to the account or activity.
  • Admissions or messages.
  • Witnesses.
  • Motive, if relevant.
  • Prior incidents.
  • Evidence of benefit received.
  • Evidence connecting the person to phone numbers, accounts, or payment channels.

Do not rely only on suspicion. There must be evidence connecting the person to the identity theft.

XIV. If the Offender Is Unknown

If the offender is unknown, the complaint can still be filed. The victim should provide identifiers that may help trace the offender:

  • Fake account URL.
  • Username.
  • Profile ID.
  • Mobile number.
  • Email address.
  • Bank or e-wallet account.
  • QR code.
  • IP notices, if available.
  • Device login alerts.
  • App or platform name.
  • Payment references.
  • Delivery address.
  • Courier records.
  • Marketplace order details.
  • Screenshots of conversations.
  • Names used by the offender.

Law enforcement may trace these through legal process.

XV. If Money Was Taken From Victims

If the identity theft was used to scam others, there may be multiple victims: the person whose identity was used and the people who sent money.

The identity victim should:

  • Ask scammed persons for screenshots and receipts.
  • Clarify that the account is fake.
  • Encourage them to report their own loss.
  • Preserve evidence showing impersonation.
  • Avoid promising to reimburse unless legally advised.
  • File a complaint to protect their name.

The paying victims may file complaints for estafa, cybercrime, or payment fraud.

XVI. If the Victim’s Account Was Hacked

Where the offender accessed the victim’s actual account, the complaint should include:

  • Login alerts.
  • Password change notices.
  • Recovery email changes.
  • Unauthorized messages sent.
  • Contacts who received scam messages.
  • Account recovery attempts.
  • Platform ticket numbers.
  • Proof of ownership.
  • Time when access was lost.
  • Time when access was restored, if applicable.
  • Unauthorized transactions.

The victim should change passwords of all linked accounts, especially email, because email access often controls account recovery.

XVII. If a Fake Account Uses the Victim’s Photo

If the identity theft consists of a fake account using the victim’s photo and name, the complaint should include:

  • Screenshot of fake account.
  • Account URL.
  • Screenshot of victim’s original photo source, if available.
  • Proof the photo belongs to the victim.
  • Messages sent by fake account.
  • Reports from friends or victims.
  • Any demand, scam, threat, or defamatory content.
  • Platform report confirmation.

If the fake account merely uses a photo without fraud or harm, the case may still involve privacy, intellectual property, or platform impersonation issues, but criminal treatment depends on facts.

XVIII. If Government IDs Were Used

Use of government IDs is serious. The victim should:

  • Determine where the ID image may have been leaked.
  • Report to the institution that received the ID.
  • Watermark future ID submissions.
  • Check for unauthorized loans or accounts.
  • Report to banks, e-wallets, lending apps, or telcos.
  • Include ID misuse in the complaint.
  • Ask for deletion or blocking of unauthorized accounts.
  • Consider replacing compromised IDs where appropriate.

If a fake or altered ID was created, falsification issues may arise.

XIX. If the Case Involves Online Lending Apps

For lending-related identity theft, the victim should:

  • Deny the loan in writing.
  • Demand proof of the loan application.
  • Demand proof of disbursement.
  • Demand that collection stop while under investigation.
  • Preserve collection threats.
  • File cybercrime complaint.
  • File privacy complaint for misuse of personal data.
  • File regulatory complaint for abusive collection.
  • Report receiving e-wallet or bank account, if known.

A disputed online loan should not be treated as a simple debt if the borrower identity was stolen.

XX. If the Case Involves Banks or E-Wallets

If the identity was used to open accounts or receive funds:

  • Report the account immediately to the bank or e-wallet.
  • Ask for freezing or investigation where possible.
  • Keep ticket numbers.
  • Preserve transaction reference numbers.
  • File a police or cybercrime report.
  • Request law enforcement assistance for account tracing.
  • Change all related passwords.
  • Monitor other accounts.

Banks and e-wallets may not disclose full account details to private individuals, but they can preserve and act on fraud reports.

XXI. If the Case Involves SIM or OTP Fraud

If the victim’s mobile number, SIM registration, or OTP was misused:

  • Contact the telco immediately.
  • Request SIM blocking or replacement if compromised.
  • Report unauthorized SIM registration, if applicable.
  • Check accounts linked to the number.
  • Change recovery numbers.
  • Preserve OTP messages and call logs.
  • Include telco report in the complaint.

Never share OTPs. A common defense by platforms is that OTP verification occurred, so the victim must show why the OTP or number was compromised or not controlled by them.

XXII. If the Case Involves Defamation or Cyberlibel

If the offender used the victim’s identity to post defamatory statements, or if the offender defamed the victim while impersonating them, cyberlibel may be involved.

Evidence should include:

  • Exact defamatory words.
  • Screenshot with URL.
  • Date and time.
  • Identity of poster, if known.
  • Persons who saw the post.
  • Explanation of why statement is false and damaging.
  • Proof of reputational harm.

Cyberlibel cases require careful legal review because not every insult or accusation qualifies.

XXIII. If the Case Involves Threats, Sextortion, or Intimate Images

If identity theft is connected with threats, blackmail, sexual images, or coerced payments, urgent reporting is necessary. The victim should preserve evidence and seek immediate assistance.

Possible issues include:

  • Grave threats.
  • Coercion.
  • Robbery or extortion.
  • Cybercrime.
  • Violence against women and children, if applicable.
  • Anti-photo and video voyeurism violations, if intimate content is involved.
  • Child protection laws, if a minor is involved.

Do not send more images or money in response to threats without legal or law enforcement guidance.

XXIV. Filing with the Prosecutor’s Office

To file a criminal complaint, the victim usually prepares:

  • Complaint-affidavit.
  • Supporting affidavits of witnesses.
  • Evidence annexes.
  • Copies for respondents and prosecutor.
  • Valid ID.
  • Certification or verification if required.
  • Filing forms required by the office.

The prosecutor may require the respondent to submit a counter-affidavit. The complainant may then submit a reply-affidavit. If probable cause is found, the prosecutor may file an information in court.

XXV. Filing with Cybercrime Law Enforcement

When filing with cybercrime law enforcement, bring:

  • Valid ID.
  • Printed screenshots.
  • Digital copies of evidence.
  • Device used, if relevant.
  • Links and usernames.
  • Phone numbers and emails.
  • Transaction records.
  • Timeline of events.
  • Names of suspects, if any.
  • Platform reports.
  • Police blotter, if already obtained.

Be ready to explain the facts clearly and briefly. Investigators need exact identifiers, not just screenshots.

XXVI. Filing a Privacy Complaint

A privacy complaint is appropriate where personal data was misused, leaked, sold, disclosed, or processed without authority. It is especially relevant against companies, apps, employers, schools, lenders, delivery platforms, recruiters, or organizations that failed to protect personal information.

The complaint should identify:

  • Personal data involved.
  • Entity or person processing it.
  • Unauthorized use or disclosure.
  • Harm caused.
  • Requests made to the entity.
  • Response or lack of response.
  • Evidence of misuse.
  • Relief requested.

Privacy remedies may include investigation, orders to stop processing, correction, deletion, security measures, and penalties.

XXVII. Civil Action for Damages

A civil case may be considered when identity theft causes substantial harm. Damages may arise from:

  • Financial loss.
  • Loss of business.
  • Job loss.
  • Reputational harm.
  • Emotional distress.
  • Medical expenses.
  • Credit damage.
  • Cost of restoring accounts.
  • Harassment of family or workplace.
  • Unauthorized use of image or identity.

Civil action may be filed separately or alongside criminal proceedings depending on the legal strategy.

XXVIII. Platform Takedown and Account Recovery

Victims should use platform tools for:

  • Impersonation report.
  • Hacked account recovery.
  • Copyright or image misuse report, if applicable.
  • Fraud report.
  • Marketplace scam report.
  • Privacy violation report.
  • Removal of intimate content, where applicable.
  • Recovery of business page or account.

Keep ticket numbers and automated replies. Platform takedown helps stop harm but may remove evidence, so save copies before reporting where possible.

XXIX. Demand Letter or Cease-and-Desist Letter

If the offender is known, a demand letter may be useful. It may demand:

  • Immediate removal of fake account or content.
  • Cessation of impersonation.
  • Written undertaking not to repeat.
  • Preservation of records.
  • Payment of damages, where appropriate.
  • Public correction, if needed.
  • Settlement discussion.

However, if the case involves serious cybercrime, evidence destruction risk, or unknown organized offenders, it may be better to report first before sending warnings.

XXX. Jurisdiction and Venue

Cybercrime cases can involve multiple places: the victim’s residence, location where the account was accessed, place where messages were received, place where money was sent, location of the suspect, and location of servers or platforms.

For practical filing, victims usually start with local law enforcement, cybercrime units, or the prosecutor’s office where the victim resides or where the harmful effects were felt. Venue and jurisdiction should be confirmed for formal prosecution.

XXXI. Prescription and Urgency

Victims should not delay. Even if the law allows a period to file, digital evidence may disappear. Platforms may delete logs. SIMs may be discarded. Fake accounts may change names. E-wallets may be emptied. Witnesses may lose screenshots.

Urgency matters especially where:

  • Money is actively being solicited.
  • The fake account is still live.
  • Threats are ongoing.
  • A child is involved.
  • Bank or e-wallet accounts are compromised.
  • Intimate images are involved.
  • Employment or reputation is affected.
  • The offender may flee or delete evidence.

XXXII. Reliefs That May Be Requested

Depending on the forum, the victim may ask for:

  • Investigation.
  • Identification of offender.
  • Preservation of digital records.
  • Takedown of fake account or content.
  • Recovery of account.
  • Criminal prosecution.
  • Correction or deletion of false records.
  • Blocking of unauthorized accounts.
  • Freezing of suspicious payment accounts, where legally available.
  • Return of funds, if possible.
  • Damages.
  • Protection order, where applicable.
  • Certification or report useful for banks, employers, or platforms.

XXXIII. Sample Complaint-Affidavit Structure

A practical complaint-affidavit may follow this outline:

  1. Personal circumstances of complainant.
  2. Ownership of identity, account, photo, number, or data.
  3. Discovery of unauthorized use.
  4. Description of fake account, hacked account, or fraudulent transaction.
  5. Statement of non-consent.
  6. Evidence linking respondent or unknown account to the act.
  7. Harm suffered.
  8. Steps taken to report or stop the misuse.
  9. List of annexes.
  10. Request for investigation and prosecution.
  11. Oath and signature.

The affidavit should be written in plain, direct language.

XXXIV. Common Mistakes to Avoid

Victims should avoid:

  • Deleting messages.
  • Cropping screenshots too tightly.
  • Failing to copy URLs.
  • Publicly accusing someone without proof.
  • Paying scammers to delete content.
  • Sharing more IDs with unknown persons.
  • Ignoring account recovery emails.
  • Using weak passwords again.
  • Filing only a platform report and no legal report.
  • Waiting too long to report.
  • Failing to include transaction references.
  • Losing the device that contains evidence.
  • Submitting altered screenshots.
  • Exaggerating facts in affidavits.
  • Assuming a police blotter is already a criminal case.

XXXV. Defensive Measures After Filing

After filing, the victim should:

  • Monitor for new fake accounts.
  • Search their name periodically.
  • Check credit and loan records where possible.
  • Inform banks and e-wallets.
  • Update passwords regularly.
  • Preserve new incidents.
  • Follow up with investigators.
  • Keep all complaint reference numbers.
  • Avoid direct confrontation with suspects.
  • Tell close contacts how to verify real communications.
  • Use watermarked IDs for future transactions.

XXXVI. Special Considerations for Minors

If the victim is a minor, parents or guardians should act immediately. Identity theft involving minors can lead to grooming, exploitation, fake accounts, cyberbullying, sexual extortion, or school harassment.

Schools may also need to be informed if classmates are involved. If intimate images or sexual exploitation are involved, urgent child protection reporting is necessary.

XXXVII. Special Considerations for Businesses and Professionals

Professionals and business owners may suffer identity theft through fake pages, fake invoices, fake legal services, fake clinics, fake stores, or fake investment offers.

They should preserve:

  • Business registration documents.
  • Official page links.
  • Fake page links.
  • Customer complaints.
  • Payment account details used by scammers.
  • Trademark or logo evidence.
  • Prior warnings to customers.
  • Platform reports.
  • Loss records.

A public advisory may be necessary but should be carefully worded to avoid defamation.

XXXVIII. If the Victim Is Abroad

A Filipino victim abroad may still preserve evidence and coordinate with Philippine relatives, counsel, or authorities if the offender, victims, or effects are in the Philippines. The victim may need to execute affidavits before a consular officer, notary, or authority acceptable for Philippine use.

Time zone, document authentication, and appearance requirements should be planned early.

XXXIX. If the Suspect Is Abroad

If the suspect is abroad, enforcement becomes harder but not impossible. The complaint may still be filed if there is a Philippine connection. Law enforcement may need to coordinate through international channels, platform records, financial trails, or foreign authorities.

Practical focus should be on preserving evidence, stopping ongoing harm, tracing funds, and identifying the offender.

XL. Role of Counsel

A lawyer can help:

  • Identify proper offenses.
  • Draft complaint-affidavit.
  • Organize digital evidence.
  • Avoid defamatory counter-posts.
  • File prosecutor complaints.
  • Coordinate cybercrime and privacy complaints.
  • Send preservation and demand letters.
  • Seek damages.
  • Handle settlement.
  • Protect the victim from counterclaims.
  • Represent the victim if the offender files a retaliatory case.

Legal help is especially important where money, intimate images, minors, employment, business reputation, or known suspects are involved.

XLI. Practical Filing Checklist

Before filing, prepare:

  • Valid government ID.
  • Written timeline.
  • Complaint-affidavit draft.
  • Screenshots with dates and URLs.
  • Digital copies of evidence.
  • Fake account links.
  • Usernames and profile IDs.
  • Phone numbers and email addresses.
  • Transaction receipts.
  • Bank or e-wallet reports.
  • Platform report tickets.
  • Witness affidavits or statements.
  • Proof of ownership of identity or account.
  • Proof of non-consent.
  • Police blotter, if already obtained.
  • Request for investigation and preservation of records.

XLII. Practical Timeline for Action

A useful response timeline is:

Within the first day: preserve evidence, secure accounts, warn contacts, report fake account to platform, notify bank or e-wallet if money is involved.

Within the first few days: file police or cybercrime report, prepare complaint-affidavit, collect witness screenshots, request platform or provider preservation where possible.

As soon as practicable: file prosecutor complaint if evidence supports criminal action, file privacy complaint if personal data misuse is involved, pursue civil or regulatory remedies if needed.

XLIII. Conclusion

Online identity theft in the Philippines should be treated as both a cybercrime and an evidence-sensitive emergency. The victim’s first priority is to preserve proof before the offender deletes accounts, messages, or transaction records. The second priority is to secure accounts and prevent further harm. The third is to file the proper complaints with cybercrime authorities, prosecutors, privacy regulators, platforms, banks, e-wallets, or other relevant offices.

The safest legal approach is this: save the evidence, secure the accounts, deny unauthorized use, file a cybercrime report, execute a clear complaint-affidavit, request preservation of digital records, and pursue criminal, privacy, civil, and platform remedies according to the facts.

Disclaimer: This content is not legal advice and may involve AI assistance. Information may be inaccurate.

Privacy Policy

Terms of Use

Lawyer Login

 
 
Privacy Policy         Terms of Use         Lawyer Login