How To File a Cybercrime Complaint in the Philippines

Cybercrime complaints in the Philippines are governed primarily by Republic Act No. 10175, or the Cybercrime Prevention Act of 2012, together with the Revised Penal Code, the Data Privacy Act of 2012, special penal laws, procedural rules on criminal complaints, and the rules on electronic evidence. In practice, filing a cybercrime complaint is not just about reporting a bad online experience. It is about identifying the correct offense, preserving digital evidence properly, choosing the right agency, and understanding how the case moves from report, to investigation, to prosecution.

This article explains the Philippine legal framework, where and how to file a complaint, what evidence matters, what happens after filing, the common mistakes that weaken a case, and the remedies available in both criminal and civil contexts.

I. What counts as a cybercrime in Philippine law?

In Philippine practice, “cybercrime” is a broad working term. Not every harmful act done online is automatically a cybercrime under RA 10175, but many online acts become criminal either because:

  1. the act itself is specifically punished by the Cybercrime Prevention Act, or
  2. a crime under another law is committed through a computer system or similar means, which can qualify it as a cybercrime-related offense.

A computer system generally includes computers, servers, networks, websites, online accounts, cloud storage, mobile devices, and similar digital systems.

Common complaints in the Philippines include:

  • hacking or unauthorized access to accounts, devices, or systems
  • online scams and fraud
  • identity theft and account impersonation
  • online libel
  • cybersex-related exploitation
  • illegal interception of data or communications
  • data interference or system interference
  • online extortion, threats, or blackmail
  • non-consensual sharing of intimate images
  • phishing and social engineering
  • e-commerce fraud
  • unauthorized use of bank or e-wallet accounts
  • child sexual abuse or exploitation online
  • privacy breaches involving personal data

The legal classification matters because the elements of the offense determine the evidence required and which prosecutors or courts may act on the case.

II. The main Philippine laws involved

1. Cybercrime Prevention Act of 2012 (RA 10175)

This is the central cybercrime statute. It penalizes, among others:

  • Illegal access
  • Illegal interception
  • Data interference
  • System interference
  • Misuse of devices
  • Cybersquatting
  • Computer-related forgery
  • Computer-related fraud
  • Computer-related identity theft
  • Cybersex
  • Child pornography committed through a computer system
  • Unsolicited commercial communications in certain forms
  • Libel committed through a computer system

It also provides for jurisdiction, law enforcement powers, and special treatment of cybercrime evidence.

2. Revised Penal Code

Many online acts still fall under traditional crimes, such as:

  • estafa
  • unjust vexation
  • grave threats
  • coercion
  • robbery or extortion in some settings
  • defamation-related conduct
  • falsification-related offenses

When the internet or a digital system is used as the means, the conduct may overlap with cybercrime rules.

3. Data Privacy Act of 2012 (RA 10173)

Where the complaint involves personal data, data breaches, unauthorized disclosure, improper processing, or misuse of sensitive personal information, the National Privacy Commission may be involved alongside criminal investigators.

4. Anti-Photo and Video Voyeurism Act (RA 9995)

If intimate images or videos are recorded, copied, or shared without consent, this law may apply, even when the act is done online or through messaging apps and social media.

5. Special laws on child protection and exploitation

Where minors are involved, multiple laws may apply, including laws on child sexual abuse materials, trafficking, and exploitation through digital means.

6. Electronic Commerce Act and Rules on Electronic Evidence

These matter because electronic files, screenshots, messages, metadata, transaction records, and server logs may be used in investigation and court proceedings, subject to authenticity and evidentiary rules.

III. Common cybercrime complaints in the Philippines

The most reported or practically significant categories are these:

A. Online scams and fraud

Examples:

  • fake sellers on Facebook, Instagram, TikTok, or marketplaces
  • fake job offers
  • investment scams
  • OTP, bank, or e-wallet fraud
  • phishing links
  • romance scams
  • account takeover used to solicit money from contacts

Possible offenses:

  • computer-related fraud
  • estafa
  • identity theft
  • falsification or forgery in some cases

B. Illegal access or hacking

Examples:

  • someone gains access to your email, Facebook, online banking, work account, or cloud storage without authority
  • forced password resets
  • bypassing access controls
  • intrusion into a company system

Possible offenses:

  • illegal access
  • illegal interception
  • misuse of devices
  • identity theft
  • data interference

C. Online libel

Examples:

  • defamatory Facebook posts
  • malicious accusations on X, TikTok, YouTube, blogs, or group chats
  • fake allegations published online that damage reputation

This is one of the most litigated cybercrime-related areas in the Philippines. It is legally technical because it requires the elements of libel and the added online publication component.

D. Identity theft and impersonation

Examples:

  • fake accounts using your name or photos
  • someone posing as you to borrow money or deceive others
  • using your credentials to open services or transact

E. Privacy violations and doxxing

Examples:

  • unauthorized disclosure of personal information
  • posting home address, school, phone number, or IDs
  • sharing private chats, medical records, or intimate content

These may involve criminal, administrative, and civil liability depending on the facts.

F. Online sexual exploitation and intimate image abuse

Examples:

  • threats to leak private photos
  • non-consensual sharing of intimate content
  • coercive sextortion
  • child exploitation online

These are high-priority matters and should be reported immediately.

IV. Where to file a cybercrime complaint in the Philippines

There is no single exclusive office for all cybercrime cases. The proper agency depends on the nature of the offense, urgency, location, and available evidence.

1. PNP Anti-Cybercrime Group (PNP-ACG)

The Philippine National Police Anti-Cybercrime Group is one of the main law enforcement bodies handling cybercrime complaints. It accepts reports involving online scams, account hacking, identity theft, cyber libel, online harassment with criminal elements, and related offenses.

This is often the most accessible route for private complainants.

2. NBI Cybercrime Division

The National Bureau of Investigation Cybercrime Division also investigates cybercrime complaints. Many complainants go here when:

  • the case is more complex
  • the financial or reputational damage is significant
  • multiple accounts or cross-border elements are involved
  • specialized digital forensic handling is needed

3. Office of the Prosecutor

A cybercrime complaint may ultimately need to be filed with the City Prosecutor’s Office or Provincial Prosecutor’s Office for preliminary investigation, especially when the offense carries a penalty requiring such process. In many cases, the police or NBI investigation comes first, then the complaint-affidavit and evidence are submitted for prosecutorial action.

4. National Privacy Commission

If the issue centers on misuse of personal data, a data breach, unlawful processing, or unauthorized disclosure of personal information, a complaint may be brought before the National Privacy Commission. This does not always replace criminal proceedings; in some cases, both tracks may exist.

5. Other agencies depending on the case

Depending on the facts, other offices may also matter, such as:

  • the bank or e-wallet provider’s fraud team
  • the platform involved, such as Meta, Google, TikTok, or marketplace operators
  • the DICT in limited coordination settings
  • the SEC, if the scam concerns unregistered securities or investment solicitations
  • local police for related non-cyber offenses
  • barangay mechanisms only for disputes that are truly barangay-conciliable, though serious cybercrime complaints usually move beyond barangay handling

V. Must you report first to the police or NBI before going to the prosecutor?

Not always, but in practice it is often wise.

A complainant may proceed through law enforcement first because investigators can:

  • receive and evaluate evidence
  • issue preservation requests or coordinate subpoenas where legally available
  • assist in identifying suspects
  • prepare referral materials for prosecution

For many ordinary complainants, especially scam victims, hacking victims, and persons dealing with anonymous perpetrators, going first to the PNP-ACG or NBI Cybercrime Division is the more practical route.

For some offenses, particularly where the respondent is already known and the evidence is largely in the complainant’s possession, counsel may help prepare a complaint-affidavit for filing with the prosecutor more directly.

VI. What you should do before filing

The strength of a cybercrime complaint often depends on what the complainant does in the first hours or days.

1. Preserve evidence immediately

Do not delete:

  • chats
  • emails
  • SMS
  • screenshots
  • transaction receipts
  • QR code records
  • order confirmations
  • account notifications
  • login alerts
  • URLs
  • usernames
  • profile links
  • post links
  • photos
  • videos
  • audio recordings, if lawfully obtained
  • call logs
  • device logs
  • bank or e-wallet statements

2. Capture more than screenshots

Screenshots help, but they are not enough by themselves in many cases. Also preserve:

  • full URLs
  • account IDs and usernames
  • dates and timestamps
  • platform names
  • email headers where relevant
  • transaction reference numbers
  • GCash, Maya, bank, remittance, or crypto wallet details
  • device details
  • original digital files, not just cropped images

3. Do not alter the evidence

Avoid editing screenshots, renaming files carelessly, forwarding items repeatedly, or mixing originals with annotated versions. Keep originals intact.

4. Secure your accounts

If you are the victim of hacking or identity theft:

  • change passwords immediately
  • log out sessions
  • enable two-factor authentication
  • recover compromised email accounts first
  • notify banks and e-wallet providers
  • freeze affected cards or accounts if needed

5. Document the timeline

Prepare a chronological summary:

  • when you first saw the incident
  • what happened next
  • what accounts or amounts were involved
  • who you dealt with
  • how you discovered the identity or profile of the perpetrator, if at all

6. Avoid public confrontation that can complicate the case

Do not threaten the suspect, publish unverified accusations, or post defamatory statements in retaliation.

VII. What evidence is usually needed?

The exact evidence depends on the offense, but these are commonly relevant.

A. For online scam or fraud complaints

  • screenshots of ads, listings, or conversations
  • proof of payment
  • bank deposit slips, e-wallet transfers, reference numbers
  • account names, account numbers, mobile numbers
  • courier records
  • false representations made by the suspect
  • IDs or profiles used by the suspect, if any
  • proof that goods or services were not delivered, or that promises were false

B. For hacking or illegal access

  • login alerts
  • account recovery messages
  • screenshots of unauthorized changes
  • IP logs, if available
  • email notifications
  • forensic reports
  • statements from service providers
  • proof that the account belongs to you
  • proof of lack of authorization

C. For online libel

  • the exact defamatory post, article, video, or caption
  • URL or permanent link
  • date of publication
  • screenshots showing the publisher account and the publication context
  • proof that the statement refers to you
  • proof of malice or reckless disregard, where inferable
  • proof of damage, if relevant

D. For identity theft or impersonation

  • links to fake accounts
  • screenshots of profile details
  • messages sent by the impersonator
  • proof of your real identity and ownership of the name or images
  • reports made to the platform
  • statements from deceived third persons, if any

E. For privacy violations

  • the personal data disclosed
  • where and how it was disclosed
  • absence of consent
  • harm or risk caused
  • relationship of the discloser to the data
  • policies or notices breached, where relevant

F. For intimate image abuse or sextortion

  • original messages or threats
  • media files or proof of distribution
  • URLs and account links
  • preservation of the post before takedown
  • proof of coercion, intimidation, or non-consent

VIII. Are screenshots enough?

Usually not by themselves.

Screenshots are helpful, but Philippine cases involving digital evidence are stronger when the complainant can also provide:

  • the device where the content was viewed or received
  • the original electronic file
  • account or transaction records
  • corroborating witnesses
  • platform reports
  • official certifications or responses from service providers
  • logs or metadata where obtainable

In court, the issue is often authentication. A screenshot can be challenged as incomplete, cropped, altered, fabricated, or lacking context. The safer approach is to preserve the entire trail.

IX. Should evidence be notarized?

A common practice is to attach screenshots and printouts to a Complaint-Affidavit and have the affidavit notarized. That helps formalize your sworn allegations, but notarization does not automatically authenticate every digital item for all evidentiary purposes. It only strengthens the affidavit as a sworn statement.

For important evidence:

  • keep soft copies
  • keep original files
  • bring the source device if requested
  • organize the evidence so investigators and prosecutors can trace each item to its source

X. The step-by-step process of filing a cybercrime complaint

Step 1: Identify the offense as precisely as possible

Describe the conduct:

  • hacked account?
  • online scam?
  • fake profile?
  • defamatory post?
  • leaked intimate content?
  • unauthorized disclosure of personal data?

You do not need to know the final legal label with perfect precision, but the facts must be clear.

Step 2: Gather and organize evidence

Create folders and label items by date. Prepare:

  • a chronology
  • screenshots
  • printouts
  • digital files in USB or other storage, if requested
  • IDs
  • proof of ownership of affected account or number
  • proof of payment or loss, if financial

Step 3: Go to the proper agency

For most complainants, that means going to:

  • PNP Anti-Cybercrime Group, or
  • NBI Cybercrime Division

Bring:

  • valid ID
  • copies of evidence
  • soft copies where possible
  • written incident summary

Step 4: Execute a sworn statement or complaint-affidavit

You may be asked to execute a Complaint-Affidavit or sworn statement narrating:

  • who you are
  • what happened
  • when and where it happened
  • how you know the respondent, if at all
  • the evidence supporting your claim
  • the damage or prejudice suffered

If the respondent is unknown, the complaint may initially be against John Doe/Jane Doe or an unidentified person, depending on the handling office and case posture.

Step 5: Submit supporting documents

Typical attachments:

  • screenshots and printouts
  • transaction records
  • IDs
  • certificates or reports from banks/platforms
  • screenshots of profiles and URLs
  • screenshots of messages and timestamps

Step 6: Investigation and evidence development

After filing, investigators may:

  • conduct case build-up
  • issue requests to relevant providers
  • coordinate for subpoenas or preservation measures as allowed by law
  • identify account holders through financial records or telecom information, subject to lawful process
  • refer the case for inquest or preliminary investigation where appropriate

Step 7: Filing before the prosecutor

When the case is ready, it may proceed to the prosecutor for preliminary investigation. The prosecutor determines whether there is probable cause to file an Information in court.

Step 8: Court proceedings

If probable cause is found, the case may be filed in the proper trial court. From there, criminal litigation begins.

XI. What should be in a complaint-affidavit?

A good cybercrime complaint-affidavit should include:

  • your complete identity and contact details
  • the identity of the respondent, if known
  • a clear statement of facts in chronological order
  • the specific online accounts, numbers, URLs, platforms, or transactions involved
  • the exact words used, if defamation, threat, or fraud representation is at issue
  • the amount lost, if financial injury is involved
  • how you preserved the evidence
  • a list of annexes properly labeled
  • a statement that the allegations are true of your own personal knowledge or based on authentic records

Do not overstate. Do not add assumptions you cannot prove.

XII. Where is the proper venue?

Venue in cybercrime cases can be legally complicated because online acts cross places instantly. Under Philippine practice, relevant considerations may include:

  • where any element of the offense occurred
  • where the offended party accessed or experienced the harmful publication or transaction
  • where the accused acted
  • where the account or platform interaction took place in a legally significant sense
  • special venue rules applicable to libel and cybercrime-related offenses

This is especially sensitive in online libel cases. Venue errors can lead to dismissal or challenge. For serious or high-value cases, venue should be assessed carefully by counsel before filing.

XIII. Prescription: how long do you have to file?

The time limit depends on the offense charged. There is no single uniform prescriptive period for all cybercrime complaints. The period may depend on:

  • whether the offense is under RA 10175
  • whether it borrows from a crime under the Revised Penal Code or another statute
  • the applicable penalty
  • when the offense was discovered
  • special rules developed in jurisprudence for certain offenses such as libel

Because prescriptive issues can be outcome-determinative, complainants should act promptly. Delay can weaken both the legal right to prosecute and the practical ability to preserve evidence.

XIV. Cyber libel in the Philippines: a special note

Cyber libel is one of the most controversial and misunderstood cybercrime complaints.

To succeed, the complainant generally must establish the traditional elements of libel, including:

  • an imputation of a discreditable act, condition, or circumstance
  • publication
  • identification of the person defamed
  • malice, subject to legal presumptions and defenses

When done through a computer system, the act may constitute online or cyber libel.

Important points:

  • Truth alone is not always a complete defense unless legal requirements are met.
  • Fair comment and privileged communication may apply in proper cases.
  • Sharing, reposting, commenting, and linking raise distinct issues.
  • The exact author, uploader, editor, and platform role matter.
  • Venue and prescription questions are especially technical.

A poorly prepared cyber libel complaint often fails because the complainant submits only a few screenshots without preserving the full post, URL, author identity, and surrounding context.

XV. Online scam complaints: what investigators usually look for

For scam complaints, investigators usually focus on:

  • false representation
  • inducement to part with money or property
  • transfer of money
  • non-delivery or fraudulent conduct
  • tracing beneficiary accounts, wallets, or numbers
  • whether there is a pattern involving multiple victims

A recurring practical issue is that the Facebook account, SIM, or profile used by the scammer may be fake. The case may still proceed, but identification becomes harder and usually depends on financial tracing, platform cooperation, telecom data subject to lawful process, and corroborating evidence.

Report quickly to:

  • your bank or e-wallet
  • the platform used
  • PNP-ACG or NBI
  • the remittance or courier service, if relevant

The sooner the report, the better the chance of freezing, flagging, or tracing transactions.

XVI. Can you file a complaint if you do not know the suspect’s real name?

Yes.

Many cybercrime complaints begin with:

  • an alias
  • username
  • account link
  • phone number
  • bank account
  • e-wallet number
  • IP-related clues
  • email address

A complaint may still be received even if the person’s civil identity is not yet known. The investigation can aim to identify the perpetrator through lawful means.

Still, not every anonymous account can be traced successfully. That is a practical reality, not a legal bar to reporting.

XVII. What if the offender is abroad?

Cybercrime frequently has cross-border elements. A foreign location does not automatically defeat a Philippine complaint. Philippine authorities may still act where:

  • the victim is in the Philippines
  • the effects were felt in the Philippines
  • part of the offense occurred in the Philippines
  • the account, transaction, or publication has jurisdictional links to the Philippines

However, cases involving foreign actors are more difficult in practice because enforcement may require international cooperation, foreign platform compliance, mutual legal assistance, or extradition-related steps.

Report the case anyway. Cross-border difficulty is not the same as lack of jurisdiction.

XVIII. Can a company file a cybercrime complaint?

Yes.

Corporations, partnerships, schools, hospitals, and other organizations may file complaints through authorized representatives, especially in cases involving:

  • system intrusion
  • data theft
  • ransomware-related acts
  • fraudulent use of corporate accounts
  • phishing against employees or customers
  • data interference
  • business email compromise
  • trade-secret or confidential data misuse with criminal elements

The organization should prepare:

  • a board resolution, secretary’s certificate, or written authority
  • system logs
  • access records
  • IT incident reports
  • forensic findings
  • proof of business ownership of affected systems or data

XIX. The role of digital forensics

Not every cybercrime complaint needs a forensic examination, but for serious cases it can be decisive.

Digital forensics may help establish:

  • unauthorized access
  • account takeover activity
  • deletion or alteration of files
  • malware use
  • device origin
  • metadata integrity
  • time sequencing
  • user attribution, within limits

Forensic work can be done by law enforcement or by qualified private experts, depending on the case. The chain of custody and method used are important.

XX. Chain of custody in digital evidence

Digital evidence can be challenged if there is no clear record of:

  • where it came from
  • who collected it
  • how it was stored
  • whether it was altered
  • who accessed it afterward

Best practice:

  • preserve originals
  • create working copies
  • label files systematically
  • note collection dates
  • avoid uncontrolled forwarding or editing
  • keep devices secure

This becomes especially important in business cases, internal fraud, and hacking complaints.

XXI. Can you record calls or conversations as evidence?

This is dangerous territory.

Philippine law on wiretapping and privacy can affect the legality of intercepted communications. Not every recording is automatically lawful. Whether a recording is admissible or whether making it created separate liability depends on the circumstances.

For cybercrime complaints, it is safer to preserve communications you directly received lawfully, such as:

  • chats sent to you
  • emails sent to you
  • posts visible to you
  • messages in accounts you lawfully control

Covert interception presents legal risks.

XXII. Do you need a lawyer to file?

Not always.

A person may report a cybercrime directly to the police or NBI without private counsel. But a lawyer is particularly useful when:

  • the case involves large sums
  • the offense is unclear
  • corporate systems are involved
  • there are multiple respondents
  • the matter involves cyber libel
  • there are privacy law implications
  • a prosecutor filing is imminent
  • you may also pursue damages

A poorly framed complaint can result in delay, dismissal, or exposure to a countercharge.

XXIII. Can you recover money through a cybercrime case?

A criminal complaint may help establish liability, but recovery of money is not automatic.

Possible avenues include:

  • restitution in the criminal process where legally appropriate
  • civil action for damages
  • separate collection action
  • claims against a known fraudster
  • bank or e-wallet dispute mechanisms, depending on timing and facts

In many online scam cases, the biggest practical problem is not proving that fraud happened, but locating assets and identifying the real beneficiary.

XXIV. Can you sue for damages separately?

Yes, depending on the case.

Aside from criminal prosecution, the victim may have:

  • a civil action for damages
  • a claim under privacy law
  • labor or administrative remedies, if an employee or officer was involved
  • contractual remedies, where a platform, provider, or counterparty breached obligations

Civil liability may include:

  • actual damages
  • moral damages
  • exemplary damages in proper cases
  • attorney’s fees when legally warranted

XXV. What happens after the complaint is filed?

A cybercrime complaint does not become a court case immediately. Usually, these stages follow:

1. Intake and assessment

The agency checks the complaint and evidence.

2. Investigation

Evidence is verified, respondents identified, and records gathered.

3. Referral or filing before the prosecutor

The case is elevated for preliminary investigation if warranted.

4. Counter-affidavit stage

The respondent may be required to submit a counter-affidavit.

5. Resolution on probable cause

The prosecutor decides whether to file the case in court.

6. Court proceedings

If an Information is filed, trial follows under criminal procedure.

This can take time. Cybercrime cases are often slower than complainants expect because digital tracing, subpoenas, certifications, and platform coordination take time.

XXVI. What are the usual reasons cybercrime complaints fail?

Many complaints fail not because no wrong occurred, but because the case was not prepared properly.

Common reasons:

  • wrong offense charged
  • inadequate evidence
  • no proof linking the suspect to the act
  • screenshots without source data
  • unclear timeline
  • deleted original messages
  • venue defect
  • prescription issues
  • overreliance on hearsay
  • filing a purely civil or contractual dispute as if it were criminal
  • inability to prove malice in cyber libel
  • inability to prove lack of authorization in hacking-related claims

XXVII. Practical checklist for complainants

Before filing, make sure you have:

  • valid government ID
  • written summary of facts
  • chronology of events
  • screenshots and printouts
  • original digital files
  • URLs and usernames
  • transaction records and reference numbers
  • proof of account ownership
  • proof of damage or loss
  • names and contact details of witnesses, if any
  • correspondence with the platform, bank, or provider
  • preserved source device where possible

XXVIII. Special issues involving social media platforms

Platforms can remove content or suspend accounts, but platform moderation is not the same as criminal liability.

You should do both where needed:

  • report to the platform for takedown or account action
  • report to law enforcement for investigation and prosecution

Content may disappear quickly. Preserve it first before reporting, as long as preservation can be done lawfully and safely.

XXIX. What about minors, schools, and online bullying?

Online bullying may or may not amount to a criminal offense depending on the conduct. If it involves:

  • threats
  • extortion
  • sexual exploitation
  • identity theft
  • non-consensual intimate images
  • serious defamatory conduct
  • privacy violations
  • stalking-like behavior with criminal elements

then it may rise to a cybercrime or related offense.

When minors are involved, schools, parents, child protection officers, social welfare authorities, and law enforcement may all have roles. Care is needed because the age of both victim and alleged offender affects procedure and liability.

XXX. What if the complaint is really a private dispute?

Not every ugly online incident is criminal.

Examples that are not automatically cybercrime:

  • simple rudeness
  • broken promises without criminal deceit
  • ordinary debt disputes
  • business misunderstandings
  • arguments in private groups without the legal elements of libel or threats
  • relationship disputes that lack an actual offense

Misclassifying a civil disagreement as cybercrime can waste time and may expose the complainant to counterclaims if false accusations are made recklessly.

XXXI. Filing with the National Privacy Commission

Where personal data misuse is central, the NPC may be the proper forum for complaint or parallel action.

This is common where there is:

  • unauthorized disclosure of customer data
  • employee data misuse
  • unlawful publication of IDs, addresses, or personal records
  • improper processing of sensitive personal information
  • data breach notification issues

A privacy complaint may lead to administrative, civil, and even criminal consequences depending on the facts.

XXXII. Filing against a co-worker, employee, or insider

Insider cyber incidents are common:

  • misuse of company access
  • theft of customer data
  • unauthorized downloads
  • fake reimbursements or payment manipulations
  • account misuse after resignation
  • impersonation using company systems

These cases usually require coordination among:

  • management
  • HR
  • IT
  • counsel
  • investigators

Do not rush to wipe devices or deactivate accounts without first preserving logs and evidence.

XXXIII. What courts handle cybercrime cases?

Criminal actions are generally filed in the proper trial courts according to the offense charged, applicable penalty, and procedural rules. In practice, what matters to the complainant at the filing stage is first getting the case properly received, investigated, and referred to the prosecutor or filed before the proper prosecutorial office.

The exact court level depends on the charge and penalty.

XXXIV. Sample filing path for common scenarios

Scenario 1: Facebook marketplace scam

  1. Preserve chats, post links, profile, payment proof.
  2. Report immediately to bank or e-wallet.
  3. File complaint with PNP-ACG or NBI Cybercrime Division.
  4. Execute complaint-affidavit.
  5. Attach evidence and transaction details.
  6. Follow through with prosecutor referral.

Scenario 2: Hacked email and stolen online banking access

  1. Recover email first.
  2. Freeze affected financial accounts.
  3. Preserve alerts, IP logs, and notifications.
  4. Report to bank fraud department.
  5. File with PNP-ACG or NBI.
  6. Coordinate on device and forensic preservation.

Scenario 3: Online libel post

  1. Preserve full post, URL, profile, date, and comments.
  2. Capture context showing identification of the victim.
  3. Avoid retaliatory posting.
  4. Consult counsel on venue and prescription.
  5. File criminal complaint with properly prepared affidavit and evidence.

Scenario 4: Leaked intimate photo

  1. Preserve evidence safely.
  2. Report urgent takedown to the platform.
  3. File immediately with PNP-ACG or NBI.
  4. Consider parallel complaint under relevant sexual privacy laws.
  5. Seek protective and psychological support as needed.

XXXV. Important practical warnings

Do not rely on screenshots alone.

Preserve original files and source details.

Do not wait too long.

Delay harms both evidence and legal remedies.

Do not accuse publicly without proof.

You may create a separate legal problem.

Do not send hacked data around.

That may compromise the case and create new liability.

Do not assume platform removal equals justice.

Takedown is different from prosecution.

Do not assume anonymous accounts are untraceable.

They may be traceable, but only through proper process.

Do not assume every online wrong is cybercrime.

Correct legal classification matters.

XXXVI. Bottom line

Filing a cybercrime complaint in the Philippines is a legal and evidentiary process, not just an online report. The complainant must identify the wrongful act, preserve digital evidence properly, choose the correct agency, and present a coherent sworn narrative supported by authentic records.

For most victims, the practical route is:

  1. preserve all evidence immediately,
  2. secure affected accounts and finances,
  3. report to the platform, bank, or provider where relevant,
  4. file with the PNP Anti-Cybercrime Group or NBI Cybercrime Division,
  5. prepare a strong Complaint-Affidavit and supporting annexes,
  6. pursue the case through preliminary investigation before the prosecutor.

The strongest cybercrime complaints are the ones built early, documented well, and filed under the correct legal theory.

Disclaimer: This content is not legal advice and may involve AI assistance. Information may be inaccurate.

Privacy Policy

Terms of Use

Lawyer Login

 
 
Privacy Policy         Terms of Use         Lawyer Login