How to File a Cybercrime Scam Complaint in the Philippines

Cybercrime scams are now among the most common forms of fraud in the Philippines. They may involve fake online sellers, phishing links, hacked accounts, fake investment platforms, e-wallet fraud, romance scams, job scams, loan scams, cryptocurrency schemes, impersonation, unauthorized bank transfers, fake customer service pages, SIM-related scams, online blackmail, marketplace fraud, and identity theft.

A victim of a cybercrime scam should act quickly. Digital evidence can disappear, fake accounts can be deleted, funds can be transferred through multiple accounts, and scammers may continue targeting other victims. The strongest complaints are those supported by screenshots, transaction receipts, account links, URLs, phone numbers, bank or e-wallet records, chat logs, and a clear timeline.

In the Philippines, a cybercrime scam complaint may be reported to cybercrime law enforcement units, the National Bureau of Investigation, the Philippine National Police, the prosecutor’s office, banks, e-wallet providers, telecommunications companies, online platforms, the National Privacy Commission, the Securities and Exchange Commission, the Department of Trade and Industry, or other agencies depending on the scam.

This article explains what qualifies as a cybercrime scam, what laws may apply, what evidence to gather, where to file, how to prepare a complaint-affidavit, what happens after filing, and what practical steps victims should take.

1. What Is a Cybercrime Scam?

A cybercrime scam is a fraudulent scheme committed through, using, or involving a computer system, internet platform, mobile phone, digital account, electronic payment system, website, social media account, messaging app, e-wallet, online marketplace, email, or other information and communications technology.

It usually involves deceit for financial gain or unlawful advantage.

Common scam methods include:

  1. pretending to be a seller and collecting payment without delivering goods;
  2. pretending to be a buyer and using fake payment proof;
  3. sending phishing links to steal account credentials;
  4. hacking or taking over social media or e-wallet accounts;
  5. impersonating relatives, friends, banks, government agencies, or companies;
  6. offering fake jobs or work-from-home schemes;
  7. promoting fake investments;
  8. offering fake loans and collecting advance fees;
  9. running romance scams;
  10. extorting victims through private photos or videos;
  11. selling fake travel tickets, gadgets, rentals, or services;
  12. asking for OTP, MPIN, password, or verification codes;
  13. using fake customer support pages;
  14. collecting payments through mule bank accounts or e-wallets;
  15. using fake IDs, fake receipts, or fake tracking numbers.

The legal classification depends on the specific acts and evidence.

2. Common Types of Cybercrime Scams

Cybercrime scams can appear in many forms.

A. Online Selling Scam

A seller posts goods online, accepts payment, and does not deliver. The seller may block the buyer afterward or send fake tracking information.

Examples:

  1. fake gadget seller;
  2. fake concert ticket seller;
  3. fake clothing shop;
  4. fake appliance seller;
  5. fake car parts seller;
  6. fake preorder page;
  7. fake live selling account;
  8. fake marketplace listing;
  9. fake rental listing;
  10. fake courier or shipping fee demand.

B. Fake Buyer Scam

A scammer pretends to buy an item and sends fake payment confirmation, fake bank transfer screenshots, or fake escrow links.

Examples:

  1. fake deposit receipt;
  2. fake payment email;
  3. overpayment scam;
  4. fake courier pickup;
  5. phishing link disguised as payment claim;
  6. fake marketplace protection page.

C. Phishing

Phishing uses fake links, pages, messages, or emails to steal credentials.

Examples:

  1. fake bank login page;
  2. fake e-wallet verification page;
  3. fake delivery tracking link;
  4. fake account recovery page;
  5. fake government aid form;
  6. fake promo or raffle registration;
  7. fake security alert;
  8. fake “account will be suspended” message.

D. Account Takeover

A scammer gains access to a victim’s account and uses it to steal money or scam contacts.

Examples:

  1. hacked Facebook account asks friends for loans;
  2. compromised e-wallet sends money out;
  3. hacked email resets bank credentials;
  4. social media account used to sell fake goods;
  5. messaging app used to solicit emergency funds.

E. E-Wallet and Bank Transfer Scam

The scam involves unauthorized transfers, fake payment links, or manipulation of digital finance accounts.

Examples:

  1. unauthorized GCash, Maya, bank, or e-wallet transfer;
  2. scammer tricks victim into sending money;
  3. victim shares OTP after fake support call;
  4. SIM swap leads to account takeover;
  5. fake QR code diverts payment;
  6. scammer uses mule accounts.

F. Investment Scam

The scammer offers high returns, guaranteed profit, crypto trading, forex trading, online tasks, franchising, lending investment, or pooled funds.

Red flags include:

  1. guaranteed daily or monthly returns;
  2. referral commissions;
  3. pressure to invest quickly;
  4. no SEC registration or authority;
  5. fake certificates;
  6. returns paid from new investors;
  7. refusal to disclose business model;
  8. sudden withdrawal restrictions.

G. Job Scam

A fake employer or recruiter collects money or personal information.

Examples:

  1. payment for processing fee;
  2. payment for training kit;
  3. fake overseas job placement;
  4. fake work-from-home task platform;
  5. advance fee for equipment;
  6. fake interview link used for phishing;
  7. money mule recruitment.

H. Loan Scam

A fake lender promises fast approval but demands upfront fees.

Examples:

  1. processing fee;
  2. insurance fee;
  3. anti-money laundering clearance fee;
  4. release fee;
  5. notarial fee;
  6. account activation fee;
  7. borrower pays but no loan is released.

I. Romance Scam

A scammer builds an online relationship and later asks for money.

Common excuses include:

  1. emergency hospital bills;
  2. customs fees;
  3. plane ticket;
  4. visa processing;
  5. business problem;
  6. frozen account;
  7. package delivery;
  8. military deployment problem.

J. Sextortion and Online Blackmail

The scammer threatens to release private images, videos, or fabricated sexual content unless money is paid.

This may involve:

  1. private video call recording;
  2. intimate photo threat;
  3. fake edited image;
  4. threat to send content to family or employer;
  5. repeated money demands.

If the victim is a minor, child protection laws and special handling are critical.

3. Laws That May Apply

A cybercrime scam may involve several laws, depending on the facts.

A. Cybercrime Prevention Law

This may apply to computer-related fraud, identity theft, illegal access, cyberlibel, data interference, system interference, misuse of devices, and other offenses committed through computer systems.

B. Revised Penal Code

Traditional crimes may also apply, including estafa, theft, falsification, threats, coercion, unjust vexation, libel, and other offenses.

C. Access Device and Financial Fraud Laws

If the scam involves credit cards, debit cards, account credentials, online banking, ATM cards, or access devices, special laws may apply.

D. Data Privacy Law

If personal data, IDs, selfies, contact lists, addresses, financial records, or sensitive personal information were collected, used, shared, or exposed unlawfully, data privacy remedies may apply.

E. Securities Laws

If the scam involves investments, securities, pooled funds, crypto investment schemes, lending investments, or guaranteed returns, securities regulation may apply.

F. Consumer Protection Laws

If the scam involves online selling, defective products, false advertising, deceptive sales, or merchant misconduct, consumer protection remedies may apply.

G. Anti-Trafficking, Child Protection, and Anti-Voyeurism Laws

If the scam involves sexual exploitation, minors, intimate images, grooming, trafficking, or online sexual abuse, special laws may apply.

A complainant does not need to perfectly identify every legal offense at the start. The important task is to present the facts and evidence clearly.

4. Is It Cybercrime, Estafa, or Both?

Many online scams are both cybercrime-related and estafa-related.

Estafa

Estafa generally involves deceit or abuse of confidence causing damage. In an online scam, estafa may occur when the scammer deceives the victim into sending money.

Cybercrime

Cybercrime may apply because the fraud was committed through a computer system, online account, mobile app, or digital platform.

Example:

A fake seller uses Facebook Marketplace, sends false representations through Messenger, receives GCash payment, and blocks the buyer. This may involve estafa and cybercrime-related fraud.

The prosecutor or investigator may determine the precise charges.

5. First Rule: Preserve Evidence Immediately

Before confronting the scammer, preserve evidence. Scammers often delete accounts, unsend messages, change usernames, remove posts, or block victims.

Save:

  1. screenshots of the scammer’s profile;
  2. account username, handle, URL, or link;
  3. screenshots of posts or listings;
  4. full chat conversation;
  5. payment receipts;
  6. bank or e-wallet transaction reference numbers;
  7. QR codes used;
  8. phone numbers;
  9. email addresses;
  10. website URLs;
  11. order confirmation;
  12. fake receipts;
  13. shipping labels;
  14. tracking numbers;
  15. calls and SMS logs;
  16. photos or videos sent by the scammer;
  17. names of other victims;
  18. group chat records;
  19. platform reports;
  20. customer support ticket numbers.

Do not rely only on memory.

6. How to Take Useful Screenshots

Screenshots should show context. Capture:

  1. full name or account name;
  2. username or handle;
  3. profile photo;
  4. profile URL;
  5. date and time of messages;
  6. complete messages, not just selected lines;
  7. payment instructions;
  8. account numbers;
  9. e-wallet or bank names;
  10. promises made by scammer;
  11. proof of payment;
  12. scammer’s acknowledgment of payment;
  13. failure to deliver;
  14. blocking or deletion, if visible;
  15. comments from other victims.

For long conversations, take screenshots in sequence. Avoid cropping out identifying information.

7. Save URLs and Account Links

A screenshot of a profile is useful, but the actual link is often more useful.

Save links to:

  1. social media profile;
  2. marketplace listing;
  3. group post;
  4. comment thread;
  5. website;
  6. phishing page;
  7. fake customer support page;
  8. video or livestream;
  9. product listing;
  10. online investment page.

Copy and paste the URL into a document together with the date and time accessed.

8. Download Account Data Where Possible

Some platforms allow users to download chat or account data. This may help preserve messages in a more complete form.

Examples of useful exports include:

  1. Facebook data download;
  2. Messenger conversation export;
  3. email headers;
  4. bank statement export;
  5. e-wallet transaction history;
  6. marketplace order records;
  7. website order records;
  8. call logs;
  9. cloud backups.

Keep original files when possible.

9. Do Not Delete the Conversation

Victims sometimes delete conversations out of anger, shame, or fear. This weakens the case.

Keep:

  1. chat thread;
  2. payment receipts;
  3. scammer profile;
  4. emails;
  5. SMS;
  6. call logs;
  7. app notifications;
  8. fake documents.

If the scam involves intimate images or minors, preserve evidence privately and securely. Do not repost or share publicly.

10. Secure Your Accounts

If the scam involved hacking, phishing, or account takeover, secure all related accounts immediately.

Steps include:

  1. change passwords;
  2. enable two-factor authentication;
  3. log out unknown devices;
  4. remove unknown recovery emails or phone numbers;
  5. check linked accounts;
  6. remove suspicious app permissions;
  7. change email password;
  8. secure e-wallet and banking apps;
  9. freeze or temporarily restrict accounts if needed;
  10. report lost SIM or device;
  11. check for unauthorized loans or transfers;
  12. warn contacts if your account was used to scam others.

Use a clean device if you suspect malware.

11. Report to Bank or E-Wallet Provider Immediately

If money was sent through a bank, e-wallet, remittance center, crypto exchange, or payment platform, report immediately.

Ask for:

  1. transaction hold or freeze, if possible;
  2. dispute filing;
  3. fraud report ticket number;
  4. recipient account review;
  5. transaction tracing;
  6. written acknowledgment;
  7. reversal process, if available;
  8. preservation of account logs;
  9. confirmation whether funds were withdrawn;
  10. instructions for law enforcement coordination.

Time is critical. Funds may be moved quickly through mule accounts.

12. What to Send to the Bank or E-Wallet

Provide:

  1. your full name;
  2. your account or mobile number;
  3. transaction date and time;
  4. amount;
  5. recipient account name;
  6. recipient account number or mobile number;
  7. reference number;
  8. screenshots of scam conversation;
  9. explanation of fraud;
  10. police or cybercrime report, if already available;
  11. request to freeze or investigate recipient account;
  12. your contact details.

Always ask for a case or ticket number.

13. Report to the Platform

Report the scam account or listing to the platform, such as Facebook, Instagram, TikTok, X, YouTube, Shopee, Lazada, Carousell, Telegram, Viber, WhatsApp, or other service.

Report categories may include:

  1. scam or fraud;
  2. impersonation;
  3. fake account;
  4. phishing;
  5. hacked account;
  6. harassment;
  7. non-consensual intimate content;
  8. child exploitation;
  9. counterfeit goods;
  10. intellectual property violation.

Platform reporting may result in takedown, account restriction, or preservation of evidence. But do not rely only on platform reporting if money was lost.

14. Report to Cybercrime Authorities

A cybercrime scam complaint may be reported to law enforcement cybercrime units.

Common options include:

  1. Philippine National Police Anti-Cybercrime Group;
  2. National Bureau of Investigation Cybercrime Division;
  3. local police station for initial blotter or referral;
  4. prosecutor’s office for filing a criminal complaint;
  5. specialized agencies depending on scam type.

For serious fraud, account takeover, extortion, or large losses, report as soon as possible.

15. PNP Anti-Cybercrime Group

The PNP Anti-Cybercrime Group handles cybercrime reports, investigation, digital evidence, online fraud, hacking, phishing, identity theft, cyber harassment, and related offenses.

When reporting, bring:

  1. valid government ID;
  2. printed screenshots;
  3. digital copies of evidence;
  4. transaction receipts;
  5. bank or e-wallet records;
  6. scammer account links;
  7. phone numbers and emails;
  8. written timeline;
  9. affidavit or complaint narrative;
  10. platform report details;
  11. names of witnesses or other victims.

The PNP may evaluate the evidence and advise on next steps.

16. NBI Cybercrime Division

The NBI Cybercrime Division also receives complaints involving online fraud, account hacking, phishing, identity theft, online scams, sextortion, cyberlibel, and related cyber offenses.

Bring:

  1. valid ID;
  2. complaint narrative;
  3. screenshots;
  4. URLs;
  5. transaction records;
  6. scammer details;
  7. bank or e-wallet reports;
  8. device or account information;
  9. printed and digital evidence;
  10. other supporting documents.

The NBI may conduct technical investigation or refer the matter for appropriate legal action.

17. Filing With the Prosecutor’s Office

A criminal complaint may be filed with the Office of the City or Provincial Prosecutor.

A prosecutor’s complaint usually requires:

  1. complaint-affidavit;
  2. supporting affidavits;
  3. screenshots and printouts;
  4. transaction records;
  5. identity documents;
  6. proof of scam;
  7. proof of payment;
  8. proof of damage;
  9. evidence linking respondent to the scam;
  10. certification or authentication of electronic evidence where needed.

If the respondent is unknown, law enforcement investigation may be needed first to identify the person behind the account.

18. Unknown Scammer: Can You Still File?

Yes. A victim may report even if the real identity of the scammer is unknown.

Many scammers use:

  1. fake names;
  2. stolen photos;
  3. mule accounts;
  4. prepaid SIMs;
  5. hacked accounts;
  6. fake IDs;
  7. VPNs;
  8. disposable emails;
  9. multiple e-wallets;
  10. foreign platforms.

Authorities may use lawful processes to trace accounts, phone numbers, payment records, IP logs, KYC records, or recipient account details.

However, identifying an anonymous scammer can be difficult, especially if evidence is incomplete or funds were quickly withdrawn.

19. Known Scammer: What If You Know the Person?

If the scammer is known, the complaint should include:

  1. full name;
  2. address, if known;
  3. phone number;
  4. social media accounts;
  5. bank or e-wallet account details;
  6. proof connecting that person to the scam account;
  7. proof of payment to their account;
  8. screenshots of admissions;
  9. witness statements;
  10. prior transactions.

Do not rely on assumptions. The complaint must link the person to the fraudulent act.

20. Evidence Linking the Scammer to the Account

This is often the hardest part. Useful linking evidence includes:

  1. bank or e-wallet account registered name;
  2. phone number used in chat and payment;
  3. same name across accounts;
  4. delivery address;
  5. ID sent by scammer;
  6. video call or voice call;
  7. admissions;
  8. account recovery data from platform, through lawful process;
  9. IP logs, through lawful process;
  10. witness identification;
  11. other victims identifying the same person;
  12. screenshots showing the person controlling the account;
  13. transaction recipient records.

A fake name alone may not be enough.

21. Complaint-Affidavit

A complaint-affidavit is a sworn statement narrating what happened and attaching evidence.

It should be:

  1. clear;
  2. chronological;
  3. factual;
  4. specific;
  5. supported by attachments;
  6. free of exaggeration;
  7. signed and sworn before an authorized officer.

A well-prepared affidavit helps investigators and prosecutors understand the case quickly.

22. Contents of a Complaint-Affidavit

A complaint-affidavit should include:

  1. complainant’s name, age, address, and contact details;
  2. respondent’s identity, if known;
  3. platform used;
  4. account name and URL;
  5. date and time of first contact;
  6. representations made by scammer;
  7. amount paid;
  8. payment method;
  9. recipient account details;
  10. transaction reference number;
  11. what the scammer promised;
  12. what actually happened;
  13. steps taken after discovering the scam;
  14. reports made to bank, e-wallet, or platform;
  15. damage suffered;
  16. list of attached evidence;
  17. request for investigation and prosecution.

23. Sample Complaint-Affidavit Structure

A basic structure may be:

  1. Introduction – Identify the complainant.
  2. Background – Explain how contact with the scammer began.
  3. Fraudulent Representation – State what the scammer promised or claimed.
  4. Payment – State how much was paid, when, and to whom.
  5. Failure or Deceit – Explain non-delivery, blocking, false receipts, or other fraud.
  6. Evidence – Identify screenshots, receipts, URLs, and transaction records.
  7. Damage – State financial loss and other harm.
  8. Action Taken – State reports to bank, platform, or authorities.
  9. Prayer – Request investigation and filing of appropriate charges.

24. Sample Complaint-Affidavit Language

A simplified affidavit may state:

I, [name], of legal age, Filipino, and residing at [address], after being sworn, state:

  1. On [date], I saw an online post by [account name/profile link] offering [item/service/investment].
  2. I contacted the said account through [platform], and the person represented that [specific promise].
  3. Relying on those representations, I sent PHP [amount] on [date/time] through [bank/e-wallet] to [recipient name/account number/mobile number], with transaction reference number [number].
  4. After receiving payment, the person failed to deliver [item/service/return], gave false excuses, and later [blocked me/deleted the account/stopped replying].
  5. I later discovered that the representations were false and that I was defrauded.
  6. Attached are screenshots of the conversation, the account profile, the online post, payment receipt, and other evidence.
  7. I respectfully request investigation and the filing of appropriate charges against the person or persons responsible.

This should be customized to the actual facts.

25. Evidence Index

Organize evidence into annexes.

Example:

  1. Annex A – Screenshot of scammer profile.
  2. Annex B – Screenshot of online listing.
  3. Annex C – Chat conversation, pages 1 to 10.
  4. Annex D – Payment receipt.
  5. Annex E – Bank or e-wallet transaction history.
  6. Annex F – Screenshot showing scammer blocked complainant.
  7. Annex G – Platform report confirmation.
  8. Annex H – Bank or e-wallet fraud ticket.
  9. Annex I – Written demand or follow-up messages.
  10. Annex J – Affidavit of witness or other victim.

A clean evidence file makes the complaint more credible.

26. Timeline of Events

Prepare a timeline.

Example:

  1. March 1, 2026 – Saw Facebook listing for iPhone.
  2. March 1, 2026, 8:00 PM – Messaged seller.
  3. March 1, 2026, 9:00 PM – Seller promised delivery after payment.
  4. March 2, 2026, 10:15 AM – Sent PHP 18,000 to GCash number.
  5. March 2, 2026, 11:00 AM – Seller confirmed receipt.
  6. March 3, 2026 – Seller sent fake tracking number.
  7. March 4, 2026 – Seller stopped replying.
  8. March 5, 2026 – Account blocked me.
  9. March 5, 2026 – Reported to e-wallet provider and platform.
  10. March 6, 2026 – Prepared complaint.

Investigators appreciate precise dates.

27. Amount of Loss

State the exact amount lost. Include:

  1. principal amount paid;
  2. transfer fees;
  3. additional shipping fees;
  4. repeated payments;
  5. penalty or loan charges caused by scam;
  6. bank charges;
  7. other directly related losses.

For criminal purposes, the amount may affect penalties or case handling.

28. What If the Amount Is Small?

Even small scams may be reported. Small amounts may be part of a larger pattern affecting many victims.

However, practical enforcement may depend on evidence, identification of scammer, and agency resources.

For small amounts, victims may also consider:

  1. platform report;
  2. bank or e-wallet dispute;
  3. small claims, if the scammer is known;
  4. group complaint with other victims;
  5. barangay documentation if the person is local and known;
  6. demand letter.

29. What If Many Victims Are Involved?

A group complaint may be stronger.

Group evidence may show:

  1. same scammer;
  2. same account;
  3. same payment account;
  4. repeated fraudulent pattern;
  5. larger total amount;
  6. organized scheme;
  7. multiple witnesses;
  8. common modus.

Each victim should still prepare individual proof of payment and communication.

30. Demand Letter Before Filing

A demand letter is not always required before filing a cybercrime scam complaint. However, it may help in some cases, especially when the scammer is known and may settle.

A demand letter may state:

  1. transaction details;
  2. false representations;
  3. amount paid;
  4. demand for refund;
  5. deadline;
  6. warning that legal remedies will be pursued;
  7. request to preserve evidence.

Avoid threats, insults, or defamatory statements.

31. Sample Demand Letter

I demand the immediate return of PHP [amount], which I sent to you on [date] through [payment method] for [item/service/investment]. You represented that [promise], but you failed to deliver and have not provided a valid refund.

Please return the amount within [number] days from receipt of this demand. This demand is without prejudice to my right to file criminal, civil, cybercrime, consumer protection, and other appropriate complaints.

If the scammer is unknown or dangerous, reporting directly may be better than warning them.

32. Should You Confront the Scammer?

Be careful. Confronting the scammer may cause them to delete evidence, move funds, or threaten you.

Before confrontation:

  1. preserve all evidence;
  2. save URLs and account links;
  3. report to payment provider;
  4. consider filing with authorities;
  5. avoid threats or insults;
  6. avoid revealing your strategy.

If the scam involves extortion, threats, or intimate images, avoid negotiating alone.

33. Do Not Pay More Money

Scammers often demand additional fees after the first payment.

Common follow-up demands include:

  1. shipping fee;
  2. customs fee;
  3. tax clearance;
  4. withdrawal fee;
  5. anti-money laundering clearance;
  6. lawyer fee;
  7. account activation fee;
  8. refund processing fee;
  9. courier insurance fee;
  10. platform unlock fee.

Do not send more money just to recover the first payment.

34. Do Not Share OTP or Password

No legitimate bank, e-wallet, government agency, or platform should ask for your OTP, MPIN, password, or full security credentials.

If you shared credentials, secure accounts immediately and report account compromise.

35. If the Scam Involves Bank or E-Wallet Mule Accounts

Scammers often use mule accounts, meaning accounts owned by people who receive scam funds for a commission or under false pretenses.

The recipient account holder may claim:

  1. account was borrowed;
  2. they were also scammed;
  3. they sold their SIM or account;
  4. they acted as cash-out agent;
  5. they did not know the source of funds.

Even if the real mastermind is unknown, the mule account is an important investigative lead.

36. Request to Freeze Funds

Victims should ask the bank or e-wallet provider to freeze or hold funds if still available.

However:

  1. providers may need legal basis;
  2. funds may already be withdrawn;
  3. bank secrecy and privacy rules apply;
  4. law enforcement may need to coordinate;
  5. timely report increases chances of recovery.

Ask for written confirmation of your report.

37. Can the Money Be Recovered?

Recovery depends on:

  1. speed of reporting;
  2. whether funds remain in recipient account;
  3. cooperation of bank or e-wallet;
  4. identification of recipient;
  5. legal process;
  6. whether scammer has assets;
  7. whether civil action is filed;
  8. whether restitution is ordered;
  9. whether settlement occurs;
  10. whether transaction was reversible.

Criminal filing does not automatically guarantee immediate refund. Restitution or civil recovery may require separate steps.

38. Civil Remedies

A victim may pursue civil remedies, especially if the scammer is known.

Possible civil remedies include:

  1. small claims action;
  2. civil action for sum of money;
  3. damages;
  4. recovery based on fraud;
  5. restitution;
  6. attachment, where legally available;
  7. claim within criminal case;
  8. settlement agreement.

Small claims may be useful for straightforward money claims when the respondent is identifiable and within jurisdiction.

39. Small Claims for Online Scam

Small claims may be considered if:

  1. the amount is within the covered threshold;
  2. the scammer’s real identity and address are known;
  3. the claim is for payment or refund of money;
  4. evidence is documentary;
  5. the victim wants a simplified civil remedy.

Small claims do not replace criminal reporting if fraud or cybercrime occurred.

40. Criminal Case Versus Civil Recovery

A criminal case punishes the offender and may include civil liability. A civil case focuses on recovering money or damages.

A victim may pursue both depending on procedure and strategy.

Important distinction:

  1. criminal case requires proof beyond reasonable doubt;
  2. civil claim generally requires lower proof;
  3. criminal case may take time;
  4. civil recovery depends on locating the respondent and assets;
  5. settlement may affect civil claims but not always criminal liability.

41. Reporting Investment Scams

If the scam involves investments, report to the appropriate securities regulator or enforcement office in addition to cybercrime authorities.

Evidence should include:

  1. investment offer;
  2. promised returns;
  3. SEC registration claims;
  4. contracts;
  5. payment receipts;
  6. referral system;
  7. website or app;
  8. names of promoters;
  9. group chats;
  10. payout records;
  11. withdrawal refusal;
  12. public posts or advertisements.

Investment scams often involve securities violations, estafa, cybercrime, and money laundering concerns.

42. Reporting Fake Online Sellers

If the scam involves online selling, report to:

  1. platform marketplace;
  2. payment provider;
  3. cybercrime authorities;
  4. consumer protection office if a registered merchant is involved;
  5. local police or prosecutor if seller is known.

Evidence should show:

  1. product listing;
  2. seller identity;
  3. agreement to sell;
  4. payment;
  5. failure to deliver;
  6. excuses or blocking;
  7. fake tracking, if any.

43. Reporting Fake Loan Apps or Lenders

If the scam involves fake loans or abusive online lending, report to relevant regulators, privacy authorities, and cybercrime units.

Evidence should include:

  1. app name;
  2. website;
  3. lender name;
  4. SEC registration claims;
  5. permissions requested;
  6. fees paid;
  7. loan agreement, if any;
  8. harassment messages;
  9. contact list misuse;
  10. payment account;
  11. screenshots of app and messages.

If the app collected personal data and harassed contacts, data privacy complaint may also be appropriate.

44. Reporting Romance Scams

Romance scam complaints should include:

  1. dating profile;
  2. social media accounts;
  3. photos used;
  4. chat history;
  5. promises and emotional manipulation;
  6. requests for money;
  7. payment receipts;
  8. recipient accounts;
  9. fake documents;
  10. travel or package claims;
  11. video call screenshots, if any.

Victims should not feel ashamed. Romance scams are designed to manipulate trust.

45. Reporting Sextortion

If the scam involves threats to release intimate images or videos:

  1. preserve all threats;
  2. do not send more images;
  3. do not pay more money;
  4. report the account to the platform;
  5. report to cybercrime authorities;
  6. if a minor is involved, seek urgent child protection assistance;
  7. warn close contacts only if necessary and safely;
  8. request platform takedown if content is posted.

Do not publicly repost the content as evidence.

46. If the Victim Is a Minor

If the victim is a child, the case should be handled with special care.

Report to:

  1. parent or guardian, unless unsafe;
  2. Women and Children Protection Desk;
  3. cybercrime authorities;
  4. social welfare office;
  5. school child protection officer, if school-related;
  6. prosecutor, where needed.

Protect the child’s identity. Do not share screenshots publicly. If sexual content is involved, preserve evidence securely and report immediately.

47. Identity Theft in Scams

A scam may involve identity theft when the scammer uses another person’s name, photo, ID, account, or business identity.

The victim of identity theft should report:

  1. fake account;
  2. unauthorized use of photo;
  3. fake ID;
  4. fake business page;
  5. unauthorized loan application;
  6. fake seller using victim’s name;
  7. scam messages sent under victim’s account.

Identity theft complaints may involve cybercrime and data privacy issues.

48. Fake Government or Bank Messages

Scammers often impersonate:

  1. banks;
  2. e-wallets;
  3. BIR;
  4. SSS;
  5. PhilHealth;
  6. Pag-IBIG;
  7. PSA;
  8. DSWD;
  9. LTO;
  10. immigration;
  11. police;
  12. courts;
  13. delivery companies.

Report impersonation to the real institution and cybercrime authorities. Do not click links or call numbers in the suspicious message.

49. SIM Registration and Scam Calls

SIM registration does not eliminate scams. Scammers may use registered SIMs under fake, stolen, borrowed, or mule identities.

If you have the scammer’s number:

  1. screenshot SMS and call logs;
  2. report to telecom provider;
  3. include number in cybercrime complaint;
  4. avoid calling repeatedly or threatening the person;
  5. preserve the SIM-related evidence.

Telecom records may require lawful process.

50. Cryptocurrency Scam

Crypto scams may involve fake exchanges, fake wallets, fake traders, Ponzi schemes, pig-butchering scams, fake mining, or fake recovery services.

Evidence should include:

  1. wallet addresses;
  2. transaction hashes;
  3. exchange account records;
  4. chat logs;
  5. website URLs;
  6. investment promises;
  7. screenshots of dashboard balances;
  8. withdrawal refusal;
  9. names of promoters;
  10. bank or e-wallet funding records.

Crypto transactions may be hard to reverse, but blockchain records can help trace movement.

51. Fake Recovery Scam

After a victim is scammed, another scammer may offer to recover the funds for a fee.

Red flags include:

  1. guaranteed recovery;
  2. upfront fee;
  3. claim of hacker access;
  4. fake law enforcement identity;
  5. request for wallet seed phrase;
  6. request for bank credentials;
  7. pressure to act fast.

Do not pay recovery scammers. Report through official channels.

52. What If the Scammer Returns the Money?

If the scammer refunds the full amount, the victim may decide whether to pursue the case further. However, refund does not automatically erase criminal liability if a crime was committed.

A settlement should be documented in writing.

The victim should be cautious if the scammer asks for withdrawal of complaint before payment is actually received and cleared.

53. Settlement Agreement

If settlement occurs, the agreement should state:

  1. names of parties;
  2. amount to be refunded;
  3. payment deadline;
  4. payment method;
  5. acknowledgment of receipt;
  6. whether claims are released;
  7. confidentiality, if any;
  8. no further harassment;
  9. consequences of nonpayment;
  10. reservation of rights if partial payment.

Do not sign broad waivers without understanding them.

54. Retraction of Complaint

A victim may submit a desistance or withdrawal in some cases, but criminal cases may still proceed depending on the offense and public interest.

Authorities are not always bound by private settlement, especially in serious or repeated fraud.

55. Barangay Blotter

A barangay blotter may document the incident if the scammer is local or known. However, a barangay blotter is not a substitute for cybercrime reporting.

Barangay officials generally cannot fully investigate anonymous online accounts, bank records, IP logs, or platform data.

Use barangay blotter only as supplementary documentation.

56. Police Blotter

A police blotter records the complaint at a police station. It may be useful, but it is not the same as a full criminal complaint or cybercrime investigation.

Ask whether the case will be referred to a cybercrime unit or investigator.

57. Authentication of Electronic Evidence

Electronic evidence may need to be authenticated.

Helpful practices include:

  1. preserve original device;
  2. keep original chat thread;
  3. save URLs;
  4. print screenshots;
  5. execute affidavit explaining how screenshots were taken;
  6. ask witnesses to execute affidavits;
  7. keep metadata where possible;
  8. preserve email headers;
  9. avoid editing screenshots;
  10. submit digital copies along with printed copies.

The goal is to show that the evidence is genuine and unaltered.

58. Should Screenshots Be Notarized?

Screenshots themselves are not usually notarized as documents in the same way affidavits are. Instead, the complainant may execute an affidavit identifying and explaining the screenshots.

In some cases, a lawyer or notary may help prepare sworn statements and certified printouts.

59. Email Header Evidence

If the scam was through email, preserve full email headers. Headers may show technical routing information useful for investigation.

Do not merely screenshot the email body. Save the original email.

60. Website Evidence

If the scam used a website:

  1. screenshot the homepage;
  2. screenshot terms and payment instructions;
  3. save URL;
  4. note date and time accessed;
  5. save WHOIS or domain information if available;
  6. preserve emails from the website;
  7. save payment page;
  8. report domain to hosting provider or platform;
  9. include website in cybercrime complaint.

Websites can disappear quickly.

61. Fake Documents Sent by Scammer

Scammers may send fake IDs, permits, SEC certificates, DTI certificates, business permits, courier receipts, bank receipts, or court documents.

Preserve them. Do not assume they are real.

Authorities may verify:

  1. document number;
  2. issuing office;
  3. name on document;
  4. photo;
  5. signature;
  6. QR code;
  7. formatting;
  8. date;
  9. seal;
  10. whether document was altered.

Using fake documents may support falsification-related charges.

62. If the Scammer Used Someone Else’s ID

Scammers often send stolen IDs to gain trust. The person on the ID may also be a victim.

Do not automatically accuse the ID owner unless there is evidence that they controlled the scam.

Provide the ID to authorities and explain how it was used.

63. Avoid Public Accusations Without Proof

Posting the scammer’s name, photo, or ID online may expose the victim to defamation, privacy, or harassment claims if the identification is wrong.

A safer public warning is:

I was scammed by an account using the name [account name] and payment details [limited details]. I have reported the matter to authorities. Please verify carefully before transacting.

Avoid posting full IDs, addresses, account numbers, or private data.

64. Public Warning Posts

Public warnings can help others, but should be factual.

A careful post may include:

  1. platform account name;
  2. general description of scam;
  3. date of incident;
  4. instruction to avoid transacting;
  5. statement that matter has been reported;
  6. no threats;
  7. no unsupported accusations;
  8. no unnecessary private information.

Avoid statements like “this person is a criminal” unless legally established.

65. If the Scammer Threatens You

Threats may create additional offenses.

Preserve:

  1. threatening messages;
  2. call recordings, if lawfully obtained;
  3. screenshots;
  4. phone numbers;
  5. names;
  6. threats to family;
  7. threats to release images;
  8. threats of violence;
  9. threats of fake cases.

Report immediately, especially if there is risk of physical harm or sextortion.

66. If Your Account Was Used to Scam Others

If your account was hacked and used to scam people:

  1. secure the account;
  2. warn contacts;
  3. report hacking to platform;
  4. report to cybercrime authorities;
  5. preserve login alerts;
  6. save messages sent by hacker;
  7. file identity theft or account takeover report;
  8. coordinate with victims;
  9. request platform logs through proper process;
  10. avoid deleting evidence before saving it.

You may need to prove you were also a victim, not the scammer.

67. If Your Name or Photo Was Used

If your identity was used in a scam:

  1. screenshot fake account;
  2. save profile URL;
  3. report impersonation to platform;
  4. file cybercrime report;
  5. file data privacy complaint if personal data was misused;
  6. issue factual advisory through official account;
  7. notify contacts;
  8. preserve messages from victims;
  9. gather proof of your real identity;
  10. request takedown.

Identity theft can damage reputation and may expose you to wrongful accusations.

68. If the Scam Involves a Business

A business victim should preserve:

  1. invoices;
  2. purchase orders;
  3. emails;
  4. supplier messages;
  5. bank transfer records;
  6. delivery documents;
  7. corporate approvals;
  8. employee communications;
  9. fake vendor documents;
  10. internal incident report.

Business email compromise should be handled urgently because funds may be large.

69. Business Email Compromise

Business email compromise occurs when scammers impersonate executives, suppliers, clients, or finance officers to redirect payments.

Signs include:

  1. sudden change in bank details;
  2. urgent payment request;
  3. similar but fake email domain;
  4. hacked supplier email;
  5. invoice with altered account number;
  6. pressure to bypass approval;
  7. confidentiality request;
  8. unusual grammar or formatting.

Report to bank, cybercrime authorities, and affected business partners immediately.

70. Internal Employee Involvement

If an employee assisted the scam, the business may pursue:

  1. internal investigation;
  2. administrative discipline;
  3. criminal complaint;
  4. civil recovery;
  5. data privacy breach response;
  6. audit of controls;
  7. freezing of access;
  8. preservation of logs and devices.

Observe labor due process before imposing discipline.

71. What Happens After Filing a Complaint?

After filing, possible steps include:

  1. evaluation of complaint;
  2. interview of complainant;
  3. request for additional documents;
  4. preservation requests to platforms or providers;
  5. tracing of payment accounts;
  6. coordination with banks or e-wallets;
  7. identification of suspect;
  8. subpoena or lawful requests for records;
  9. preliminary investigation;
  10. filing of information in court if probable cause exists;
  11. trial;
  12. judgment and civil liability.

The process may take time, especially if the scammer used fake identities.

72. Preliminary Investigation

In cases requiring preliminary investigation, the respondent may be asked to submit a counter-affidavit. The prosecutor determines whether probable cause exists.

The complainant should attend proceedings, submit additional evidence when required, and update contact information.

73. Court Case

If charges are filed, the case proceeds in court. The victim may need to testify and authenticate evidence.

The victim should preserve original devices and records throughout the case.

74. Restitution and Civil Liability in Criminal Case

If the accused is convicted, the court may order civil liability such as restitution, indemnity, or damages.

However, recovery depends on the accused’s ability to pay and available assets.

75. Prescription and Timeliness

Cybercrime and fraud complaints are subject to legal time limits depending on the offense. Victims should not delay.

Even if a complaint is still legally possible, delay may make evidence harder to obtain.

Report as soon as possible.

76. Jurisdiction and Venue

Cybercrime cases may involve complex venue issues because the victim, scammer, platform, server, and payment account may be in different locations.

A complaint may be filed where the victim resides, where the offense was accessed or consummated, where payment was sent or received, or where authorities have jurisdiction depending on the facts and law.

Law enforcement or prosecutors may advise on proper venue.

77. If the Scammer Is Abroad

If the scammer is outside the Philippines, reporting is still useful, but enforcement may be more difficult.

Issues include:

  1. foreign platform data;
  2. international bank accounts;
  3. extradition limits;
  4. mutual legal assistance;
  5. fake identities;
  6. cryptocurrency transfers;
  7. foreign law enforcement coordination.

Even when recovery is difficult, reports help document the crime and may support platform takedown or financial investigation.

78. If the Victim Is Abroad

A Filipino abroad who was scammed by someone in the Philippines may still report. They may coordinate with:

  1. Philippine cybercrime authorities;
  2. Philippine embassy or consulate for document notarization or authentication;
  3. Philippine counsel;
  4. local law enforcement abroad;
  5. bank or e-wallet provider;
  6. platform.

Affidavits executed abroad may need proper consular or apostille formalities depending on use.

79. If the Scam Uses a Foreign Platform

Many scams occur on foreign platforms. Philippine authorities may still investigate, but platform records may require formal requests.

Victims should provide:

  1. exact URLs;
  2. account IDs;
  3. usernames;
  4. screenshots;
  5. dates and times;
  6. report confirmation numbers;
  7. email headers or technical data.

80. Data Privacy Complaint

A data privacy complaint may be appropriate when scammers or abusive lenders misuse personal data.

Examples:

  1. posting IDs online;
  2. using stolen selfies;
  3. opening accounts using victim’s data;
  4. harvesting contact lists;
  5. messaging contacts to shame borrower;
  6. leaking private information;
  7. unauthorized processing by a company;
  8. failure of a company to secure data.

A data privacy complaint may be filed separately from cybercrime and fraud complaints.

81. Consumer Complaint

If the scammer is a registered business or merchant, consumer remedies may apply.

Examples:

  1. paid product not delivered;
  2. deceptive online selling;
  3. false advertising;
  4. defective product;
  5. refusal to refund;
  6. misrepresentation by seller;
  7. fake warranty;
  8. misleading promo.

Consumer remedies may be useful when the dispute is with a real business rather than an anonymous scammer.

82. SEC Complaint for Investment Scam

If the scam involves investment solicitation, the securities regulator may investigate.

Report when there are:

  1. investment contracts;
  2. pooled funds;
  3. guaranteed returns;
  4. referral commissions;
  5. unregistered securities;
  6. crypto investment platform;
  7. fake corporation;
  8. lending investment program;
  9. farm, franchise, or trading scheme promising returns;
  10. Ponzi-like structure.

Include advertisements, group chats, payment records, and names of promoters.

83. DOLE or POEA/DMW-Related Job Scams

For employment scams, especially overseas job scams, report to labor or migrant worker authorities where appropriate.

Evidence includes:

  1. job post;
  2. recruiter name;
  3. agency name;
  4. placement fee demand;
  5. payment receipts;
  6. fake contract;
  7. fake visa;
  8. interview messages;
  9. promised country and employer;
  10. license claims.

Illegal recruitment may be involved.

84. What If the Scammer Is a Minor?

If the alleged scammer is a minor, juvenile justice rules may apply. The victim may still report, but handling differs.

Authorities may involve:

  1. social welfare officer;
  2. barangay child protection mechanisms;
  3. diversion processes;
  4. parents or guardians;
  5. prosecutor or court where required.

The victim’s right to restitution may still be considered.

85. What If the Victim Accidentally Participated as a Money Mule?

Some victims are tricked into receiving and forwarding money.

If you suspect you were used as a mule:

  1. stop transactions immediately;
  2. preserve all communications;
  3. report to your bank;
  4. report to authorities;
  5. do not spend the funds;
  6. identify who instructed you;
  7. cooperate with investigation;
  8. seek legal advice.

Continuing to move funds after suspicion may create legal risk.

86. Money Mule Recruitment

Scammers recruit people to receive funds by offering:

  1. commission per transfer;
  2. “payment processor” job;
  3. use of e-wallet account;
  4. rental of bank account;
  5. SIM registration for others;
  6. crypto conversion job;
  7. online task work involving transfers.

Do not lend or sell bank accounts, e-wallets, SIMs, or IDs.

87. Protecting Yourself After Filing

After filing, protect yourself from further harm:

  1. block scammer after preserving evidence;
  2. secure accounts;
  3. alert contacts;
  4. monitor bank and e-wallet accounts;
  5. check credit records where applicable;
  6. replace compromised SIM or card;
  7. change passwords;
  8. report fake accounts;
  9. avoid responding to threats alone;
  10. keep all new messages from scammer.

88. Emotional and Practical Impact

Scam victims often feel shame, anger, or fear. These reactions are normal. Scams are designed to manipulate urgency, trust, fear, greed, romance, or confusion.

Do not let embarrassment prevent reporting. Early reporting helps protect both the victim and others.

89. Prevention Tips

To avoid cybercrime scams:

  1. verify seller identity;
  2. avoid paying full amount upfront to unknown sellers;
  3. use platform escrow where available;
  4. check reviews but beware fake reviews;
  5. do reverse image search for product photos;
  6. verify business registration;
  7. call official numbers from official websites;
  8. never share OTP or MPIN;
  9. do not click suspicious links;
  10. enable two-factor authentication;
  11. use strong passwords;
  12. verify investment registration and authority;
  13. avoid guaranteed-return offers;
  14. avoid advance fee loan offers;
  15. inspect URLs carefully;
  16. do not use public Wi-Fi for financial transactions;
  17. keep devices updated;
  18. avoid installing unknown APKs;
  19. monitor account activity;
  20. trust caution over urgency.

90. Red Flags of Cybercrime Scams

Common red flags include:

  1. deal is too good to be true;
  2. seller refuses meet-up or video verification;
  3. payment must be sent immediately;
  4. name on payment account differs from seller;
  5. seller uses newly created account;
  6. no legitimate business address;
  7. poor grammar in official messages;
  8. fake urgency;
  9. request for OTP or password;
  10. investment guarantees high returns;
  11. loan requires upfront fee;
  12. buyer sends suspicious payment link;
  13. customer support contacts you from personal account;
  14. seller blocks questions;
  15. website URL is misspelled;
  16. seller asks to continue outside official platform;
  17. account uses stolen photos;
  18. demand for secrecy;
  19. repeated additional fees;
  20. refusal to provide official receipt.

91. Practical Checklist: Before Filing

Before filing, gather:

  1. valid ID;
  2. written timeline;
  3. screenshots of scam account;
  4. screenshots of conversation;
  5. account links and URLs;
  6. payment receipts;
  7. bank or e-wallet statement;
  8. recipient account details;
  9. phone numbers and emails;
  10. platform report confirmation;
  11. bank or e-wallet ticket number;
  12. fake documents;
  13. witness names;
  14. other victim details, if any;
  15. affidavit draft.

92. Practical Checklist: What to Ask Authorities

When reporting, ask:

  1. what offense may apply;
  2. what additional evidence is needed;
  3. whether a complaint-affidavit is required;
  4. whether original device must be preserved;
  5. whether bank or e-wallet records should be requested;
  6. whether they can send preservation requests;
  7. where to file if venue is an issue;
  8. whether other victims can join;
  9. whether civil recovery is possible;
  10. what reference number proves the report.

93. Practical Checklist: Bank or E-Wallet Report

Provide:

  1. sender account;
  2. recipient account;
  3. transaction date and time;
  4. amount;
  5. reference number;
  6. fraud explanation;
  7. police or cybercrime report if available;
  8. screenshots;
  9. request for freeze or investigation;
  10. contact details.

94. Practical Checklist: Platform Report

Report and preserve:

  1. profile link;
  2. listing link;
  3. group link;
  4. message thread;
  5. fake page;
  6. transaction details;
  7. scam category;
  8. impersonation proof, if any;
  9. request for takedown;
  10. report confirmation.

95. Common Mistakes by Victims

Victims often weaken cases by:

  1. deleting chats;
  2. failing to save URLs;
  3. saving only cropped screenshots;
  4. waiting too long to report;
  5. sending more money;
  6. confronting scammer before preserving evidence;
  7. posting private data online;
  8. threatening the scammer;
  9. relying only on platform report;
  10. not reporting to payment provider;
  11. failing to get ticket numbers;
  12. using unofficial recovery services;
  13. losing access to hacked accounts;
  14. not preparing a timeline;
  15. assuming small scams cannot be reported.

96. Common Defenses of Accused Scammers

An accused person may claim:

  1. transaction was legitimate;
  2. delivery was delayed, not fraudulent;
  3. payment was for another purpose;
  4. account was hacked;
  5. they were only a payment receiver;
  6. they were also scammed;
  7. they refunded the money;
  8. screenshots are incomplete;
  9. complainant edited messages;
  10. complainant assumed risks;
  11. no deceit was used;
  12. wrong person was identified.

Complete evidence helps overcome these defenses.

97. What Makes a Complaint Strong?

A strong cybercrime scam complaint usually has:

  1. clear false representation;
  2. proof victim relied on it;
  3. proof of payment;
  4. proof of failure to deliver or perform;
  5. scammer account link;
  6. recipient payment details;
  7. complete chat history;
  8. prompt report;
  9. evidence linking respondent to account;
  10. organized timeline and annexes.

98. What Makes a Complaint Weak?

A complaint may be weak if:

  1. no proof of payment;
  2. no scammer account link;
  3. only cropped screenshots;
  4. no evidence of false promise;
  5. respondent is unknown and untraceable;
  6. payment was made to a different person without explanation;
  7. complainant deleted messages;
  8. transaction appears to be ordinary civil dispute;
  9. complainant cannot show damage;
  10. evidence was edited.

Weakness does not always mean no case, but more supporting evidence may be needed.

99. Civil Dispute Versus Scam

Not every failed online transaction is a crime. Some are civil disputes.

A case may be civil if:

  1. seller intended to deliver but failed due to genuine issue;
  2. parties disagree about quality or terms;
  3. refund is delayed but merchant is identifiable and communicating;
  4. there was no deceit at the start;
  5. business failure occurred after a genuine transaction.

A case is more likely a scam if:

  1. seller used fake identity;
  2. seller never had the item;
  3. same account scammed many victims;
  4. seller blocked after payment;
  5. payment account differs suspiciously;
  6. fake receipts or fake tracking were used;
  7. false documents were sent;
  8. promises were impossible or deceptive from the start.

100. Conclusion

Filing a cybercrime scam complaint in the Philippines requires speed, documentation, and the correct reporting channels. The victim should first preserve evidence, save screenshots and URLs, secure accounts, report to the bank or e-wallet provider, report the account to the platform, and file with cybercrime authorities where appropriate.

The complaint should clearly show what the scammer represented, how the victim relied on it, how much was paid, where the payment went, what evidence links the scammer to the account, and what damage resulted. A well-prepared complaint includes a sworn affidavit, organized annexes, transaction receipts, complete chat history, account links, and a clear timeline.

Cybercrime scam cases may involve estafa, computer-related fraud, identity theft, phishing, illegal access, data privacy violations, securities violations, consumer fraud, or other offenses. The exact charge depends on the facts. Victims do not need to solve every legal classification before reporting; they need to present complete and truthful evidence.

The most important practical rule is to act quickly. Report to payment providers before funds disappear, preserve digital evidence before accounts are deleted, and avoid sending more money. Cybercrime complaints are strongest when the victim responds promptly, documents carefully, and uses official legal channels rather than threats, public shaming, or unverified recovery services.

Disclaimer: This content is not legal advice and may involve AI assistance. Information may be inaccurate.

Privacy Policy

Terms of Use

Lawyer Login

 
 
Privacy Policy         Terms of Use         Lawyer Login