How to File an Estafa or Online Scam Complaint in the Philippines

A practical legal guide for victims of fraudulent online transactions, identity-based scams, and internet-enabled swindling.

1) Estafa and “Online Scam”: What the Law Actually Covers

A. What “Estafa” means under Philippine law

“Estafa” is swindling. It is a criminal offense under the Revised Penal Code (RPC), Article 315, generally punished when a person defrauds another through deceit or abuse of confidence, causing damage or prejudice (usually financial loss).

While “online scam” is not a single named crime in the RPC, most online scams are charged as one (or more) of the following:

  • Estafa (RPC Art. 315) – the most common charge for scams involving deception, misrepresentation, or misuse of money/property entrusted by the victim.
  • Other Deceits (RPC Art. 318) – for certain fraudulent acts that do not neatly fit the classic estafa modes.
  • Bouncing Checks (Batas Pambansa Blg. 22 / BP 22) – if payment or “refund” is made with a worthless check.
  • Access Devices and payment fraud offenses (e.g., credit card misuse) – often under special laws when a card/account is involved.
  • Theft / Qualified Theft – if property is taken without consent (sometimes relevant to account takeovers by insiders).

B. Cybercrime layer: when the scam is done online

If the scam is committed by, through, and with the use of information and communications technology (ICT) (social media, messaging apps, e-commerce platforms, email, websites, online banking/e-wallets), prosecutors often consider:

  • Cybercrime Prevention Act (RA 10175)

    • It penalizes computer-related fraud and also recognizes that traditional crimes (like estafa) may be prosecuted when committed through ICT, often pleaded as: “Estafa under Article 315 of the Revised Penal Code, in relation to Section 6 of RA 10175.”
    • Cybercrime framing can affect investigation tools, jurisdiction, and sometimes penalty treatment under the statute.

Key idea: “Online scam” is usually estafa, sometimes computer-related fraud, and often charged with a cybercrime “in relation to” component when ICT is central to how the deception and loss occurred.

2) Common Online Scam Patterns and Their Usual Criminal Theories

A. Online selling / “item not delivered” scams

Typical facts: seller posts goods, victim pays, seller disappears or blocks the victim. Typical charge: Estafa (deceit / false pretenses); sometimes pled in relation to RA 10175.

B. Investment / crypto / “guaranteed returns” schemes

Typical facts: victim is lured to invest; promised high returns; withdrawals blocked; “fees” demanded. Typical charges: Estafa, possibly violations of securities-related laws if it involves unregistered securities / solicitation (often also reported to the SEC), and cybercrime-related pleading if done online.

C. Phishing, account takeover, OTP/social engineering scams

Typical facts: victim is tricked into revealing OTP/PIN/password; funds transferred out. Typical charges: can include estafa, computer-related fraud, and other cybercrime provisions depending on how the access/transfer occurred.

D. Romance scams / impersonation / “emergency” money requests

Typical facts: fake identity builds trust; asks for money; excuses; continuous demands. Typical charge: Estafa (deceit); cybercrime-related pleading if online-based.

3) Before Filing: Do These Immediately (They Matter Legally)

A. Preserve evidence (do not “clean up” the trail)

Online scam cases are won or lost on evidence. Take steps that preserve authenticity:

  1. Save conversations in original form

    • Keep full chat threads (not only cropped screenshots).
    • If the platform allows export/download, do it.

  2. Screenshot with context

    • Include the scammer’s profile page, username/URL, timestamps, and the conversation showing the representations made.

  3. Keep transaction proofs

    • Bank transfer receipts, e-wallet reference numbers, payment gateway confirmations, remittance slips, delivery booking attempts, etc.

  4. Record identifiers

    • Account numbers, wallet numbers, QR codes, order IDs, tracking numbers, profile links, email headers, phone numbers.

  5. Back up originals

    • Store copies in two separate locations (e.g., phone + secure drive).

  6. Do not edit images/files

    • Avoid cropping that removes timestamps/usernames; avoid “beautifying” screenshots. If you must crop, keep an uncropped original too.

B. Make a timeline while memory is fresh

Write down (with dates/times):

  • first contact
  • promises/representations
  • payments made and amounts
  • follow-ups and excuses
  • demand/refund request (if any)
  • when you were blocked / they disappeared

A clear timeline is extremely helpful for the complaint-affidavit and for prosecutors who will decide probable cause.

C. Report quickly to platforms and financial channels (separately from filing a criminal case)

These are not substitutes for a criminal complaint, but they can help reduce further harm:

  • Report the profile/account to the platform (marketplace/social media/messaging app).

  • Report the transaction to the bank/e-wallet immediately.

    • Some channels may act on fraud reports, flag accounts, or guide you through dispute procedures (especially for card payments/chargebacks).
    • Note: retrieval/freezing of funds often requires legal process; do not assume a bank can simply “return” money without basis.

4) Where to File in the Philippines (Criminal Route)

In Philippine practice, most criminal cases begin through a complaint filed for preliminary investigation with the prosecutor’s office, often with help from law enforcement.

A. Main filing options

  1. Office of the City/Provincial Prosecutor (DOJ prosecutors)

    • This is the formal track for criminal charging.
    • You file a Complaint-Affidavit with supporting evidence.

  2. PNP Anti-Cybercrime Group (PNP-ACG)

    • Common entry point for online scam victims.
    • They may assist in evidence evaluation, case build-up, and coordination.

  3. NBI Cybercrime Division

    • Another primary investigative body for cyber-enabled offenses.
    • Can assist in technical tracing and documentation.

Practical approach: Many victims first go to PNP-ACG or NBI for documentation and investigative help, then proceed to the prosecutor’s office for preliminary investigation and filing.

B. Regulators/administrative complaints (parallel options)

Depending on the scam type, you may also report to:

  • SEC (investment solicitation, “trading platforms,” “investment clubs,” unregistered schemes)
  • DTI (consumer complaints involving online sellers—often best when the seller is identifiable and the issue is transactional)
  • NPC / Data Privacy concerns (if sensitive personal data is misused), though this is usually separate from the main fraud case

These can run in parallel with a criminal complaint, but they are not replacements for criminal prosecution if the goal is to pursue estafa.

5) Venue and Jurisdiction: Where You’re Allowed to File

A. General criminal venue principle

Criminal cases are generally filed where the offense was committed, but fraud and online transactions can be “transitory” (parts happen in different places).

For estafa and online scams, prosecutors typically consider where key elements occurred, such as:

  • where the deceptive representations were received/read
  • where the payment was made/sent
  • where the victim suffered damage (often the victim’s location when acting on the deceit)
  • where the suspect is located (if known)

B. Cybercrime considerations

When ICT is central, cybercrime pleading can expand how jurisdiction is assessed and allows specialized cybercrime procedures. In practice, victims commonly file:

  • where the victim resides or transacted, or
  • where law enforcement can practically investigate and the prosecutor can serve processes.

Important: Correct venue helps avoid dismissal or long delays. If the suspect’s address is unknown, cases may be archived until service becomes possible—so providing any workable address or location information matters.

6) The Core Document: The Complaint-Affidavit

A criminal case for estafa/online scam commonly starts with a Complaint-Affidavit subscribed and sworn to before an authorized officer (often a prosecutor or notary public, depending on office practice).

A. What must be proven (estafa basics)

While estafa has different modes, the core themes are:

  • Deceit or abuse of confidence
  • Reliance by the victim (you acted because of what was represented)
  • Damage/prejudice (loss of money/property; measurable harm)
  • Connection between the deceit and the loss

B. What a strong complaint-affidavit contains

A clear affidavit usually includes:

  1. Your identity and capacity

    • name, age, address, contact details

  2. How you encountered the respondent

    • platform, username/profile, page link/identifier

  3. Exact fraudulent representations

    • what was promised (goods, service, investment return, job, loan approval, etc.)

  4. Your actions in reliance

    • what you did because you believed it (paid money, sent OTP, handed over details, etc.)

  5. Payments and amounts

    • dates, amounts, channels, reference numbers

  6. Non-performance and evasions

    • non-delivery, blocked communications, repeated demands for “fees,” etc.

  7. Demand and refusal (if applicable)

    • demand messages, deadlines, response (or silence)

  8. Resulting damage

    • exact amount lost; other expenses (if properly documented)

  9. The offenses charged

    • typically Estafa (RPC Art. 315); and when online-based, often in relation to RA 10175

  10. Attachments labeled as annexes

  • “Annex A” payment proof, “Annex B” screenshots, etc.

C. Charging language (typical practice)

Prosecutors often decide the final wording, but victims commonly allege:

  • Estafa (RPC Art. 315)
  • Estafa in relation to RA 10175 (when online/ICT is integral)

If uncertain whether cybercrime pleading applies, include the facts showing ICT use and let the prosecutor evaluate the best charging theory.

7) Evidence: What Prosecutors Actually Look For

A. Must-have attachments

  • Proof of payment: bank/e-wallet receipts, transaction IDs, screenshots + official confirmation messages
  • Conversation proof: chats where the offer/promise and payment instructions appear
  • Profile/account evidence: profile page screenshots, URLs, usernames, phone numbers
  • Demand/refund attempt: messages showing you asked for delivery/refund and they refused/ignored
  • Identity evidence (if any): government ID they sent, selfies, viber/telegram numbers, delivery addresses, bank account holder name (if displayed), etc.

B. Avoid common evidence mistakes

  • Submitting only cropped screenshots that remove the username or date/time
  • Providing a narrative without attaching transaction references
  • Not identifying the respondent beyond “a scammer on Facebook” (always capture the exact profile details)
  • Deleting chats or reinstalling apps (can destroy metadata)
  • Relying on hearsay posts instead of your own direct transaction evidence

C. Authenticating electronic evidence (Philippine court reality)

The Philippines recognizes electronic evidence, but it must be presented in an admissible way under:

  • Rules on Electronic Evidence, and
  • ordinary rules on authentication (a witness explains what the screenshots/files are and how they were obtained).

Practical steps that help:

  • Keep original files (not only printouts).

  • Prepare an affidavit statement explaining:

    • what device you used
    • when you accessed the chats
    • that screenshots are true and faithful representations
    • that you can identify the account and conversation

  • Keep the device available in case authenticity is challenged.

8) Step-by-Step: Filing the Criminal Complaint (Estafa / Online Scam)

Step 1: Prepare a case packet

  • Complaint-Affidavit (signed, sworn)
  • Annexes: evidence compiled and labeled
  • Photocopies of your valid government ID
  • Extra sets (many offices require multiple copies)

Step 2: File with the proper office

  • Submit to the Office of the City/Provincial Prosecutor with jurisdiction, or file through/with assistance of PNP-ACG or NBI Cybercrime who may help endorse or guide filing.

Step 3: Docketing and issuance of subpoena

If the complaint is sufficient on its face, the prosecutor will docket it and issue a subpoena to the respondent, attaching your complaint and annexes.

Step 4: Respondent’s counter-affidavit

The respondent is given a period (often around 10 days, extensions may be granted) to file:

  • Counter-Affidavit
  • Evidence/annexes
  • Affidavits of witnesses (if any)

Step 5: Your reply (optional/allowed by procedure)

You may be allowed to file a Reply-Affidavit, addressing defenses and clarifying facts.

Step 6: Clarificatory conference (if needed)

Some prosecutors set clarificatory hearings; others resolve based on affidavits.

Step 7: Resolution

The prosecutor determines whether there is probable cause.

  • If probable cause is found: an Information is filed in court.
  • If dismissed: remedies may include motions for reconsideration or appeal within the DOJ framework (subject to rules and timelines).

Step 8: Court proceedings

Once in court, the process commonly includes:

  • issuance of warrant or summons (depending on the case posture)
  • arraignment
  • pre-trial
  • trial
  • judgment (including civil liability if proven)

9) Cybercrime-Specific Investigation Tools (What Victims Should Know)

When cybercrime is involved, law enforcement may seek special court-authorized processes under Supreme Court cybercrime warrant rules, which can include orders to:

  • preserve computer data
  • disclose subscriber/account information
  • search and seize devices and examine computer data
  • intercept computer data in limited lawful circumstances (highly regulated)

Important: These are typically applied for by law enforcement (and reviewed by courts), not something a private complainant personally issues. The victim’s job is to provide enough identifiers and evidence so investigators have a basis to seek lawful orders.

10) Recovering Money: What Is Realistic and What Routes Exist

A. Criminal case and civil liability

In Philippine criminal practice, the civil action to recover damages is often impliedly instituted with the criminal case (unless reserved/waived). If the accused is convicted, the court may order:

  • restitution (return of what was taken)
  • reparation and other damages (as proven)

Reality check: A conviction does not automatically produce cash recovery if the accused has no traceable assets or cannot be found. Recovery improves when:

  • the suspect is identified early, and
  • accounts/assets are traceable and legally reachable.

B. Bank/e-wallet recovery paths

  • Card payments sometimes allow dispute/chargeback processes (time-sensitive and policy-based).
  • Transfers (bank-to-bank, e-wallet-to-e-wallet) are harder to reverse without the recipient’s consent or lawful compulsion.
  • Financial institutions are constrained by privacy, bank secrecy principles, and internal controls; they often require formal legal processes for disclosures/freezes.

C. Civil cases and small claims (when applicable)

Small claims is designed for straightforward money claims and may be available in some situations (e.g., clear unpaid obligations). But where the dispute is fundamentally fraud/delict-based, the more typical route is criminal prosecution with civil liability attached. The proper strategy depends on the facts and how the claim is framed.

11) Special Scenarios and Practical Notes

A. Unknown scammer: Can a case be filed against “John Doe”?

Yes. Complaints can be initiated even if the suspect’s legal name is unknown, provided you supply identifiers:

  • profile handles, URLs
  • phone numbers
  • account numbers / wallet numbers
  • transaction references
  • delivery addresses used
  • any real names shown on account displays

However, cases can stall if the respondent cannot be identified or served. Any additional traceable details significantly help.

B. Multiple victims

If several victims were scammed by the same account:

  • victims may file separately but coordinate evidence, or
  • file with aligned affidavits showing a pattern (useful to establish scheme and intent)

C. Barangay conciliation (Katarungang Pambarangay)

Many civil disputes between residents of the same locality require barangay conciliation first, but criminal cases like estafa are generally handled through the criminal justice system and are commonly not routed through barangay settlement requirements, especially when penalties are serious or when parties are not within the same barangay/city/municipality or the respondent is unknown. When in doubt, filing with the proper prosecutor or cybercrime desk avoids procedural dead-ends.

D. Demand letters and “refund deadlines”

A demand is not always a strict legal requirement for all estafa modes, but it often strengthens the narrative:

  • it shows you acted in good faith,
  • it documents refusal/evasion, and
  • it supports the inference of fraudulent intent in certain fact patterns (especially misuse of entrusted money).

12) A Victim’s Filing Checklist (Practical)

Identity & narrative

  • Government ID (copy)
  • Timeline of events (dated)
  • Complaint-Affidavit with clear, chronological narration

Platform/account evidence

  • Profile screenshots (username, URL, page details)
  • Chat thread screenshots (with timestamps and payment instructions)
  • Any voice notes/emails/SMS saved in original files

Payment evidence

  • Bank transfer slips / screenshots
  • E-wallet transaction references
  • Remittance receipts
  • Any “fees” paid after the first payment (often key in investment scams)

Post-transaction evidence

  • Proof of non-delivery / blocked account
  • Refund request / demand messages
  • Any admissions, excuses, or threats from the scammer

Organization

  • Annexes labeled (Annex “A”, “B”, “C”…), referenced in the affidavit
  • Extra printed sets and soft copies (as required by the receiving office)

13) Complaint-Affidavit Outline (Common Format)

  1. Caption (Office of the Prosecutor; your name as complainant; respondent name/“John Doe”)
  2. Personal circumstances (complainant details)
  3. Respondent identifiers (names/handles/accounts)
  4. Narration of facts (chronological, specific)
  5. Payments and loss (amounts, dates, reference numbers)
  6. Demand and respondent’s acts after payment
  7. Damage/prejudice (exact amount + documented expenses if any)
  8. Offenses charged (Estafa; plus cybercrime relation when appropriate)
  9. List of annexes
  10. Verification / jurat (sworn portion; signature and notarial/prosecutorial subscription)

14) Common Reasons Complaints Fail (and How to Avoid Them)

  • Vague facts (no dates, no amounts, no specific representations) → Use a timeline and transaction IDs.
  • Weak linkage to the respondent (no proof the account you paid is connected to the scammer’s identity) → Capture the payment instructions as given in chat and show the account details in the receipt.
  • Missing proof of deception (only “I was scammed”) → Show the specific promises and how they induced payment.
  • Evidence authenticity issues (edited screenshots only) → Keep originals, include full context, explain how obtained.
  • Service problems (no address, respondent untraceable) → Provide every possible identifier; file early; coordinate with cybercrime units.

15) Bottom Line

Filing an estafa/online scam complaint in the Philippines is a document-and-evidence-driven process: preserve the digital trail, build a clear affidavit with annexes, file through the prosecutor (often with PNP-ACG or NBI Cybercrime assistance), and be prepared for preliminary investigation before the case reaches court. The stronger and cleaner the evidence of deceit, reliance, and measurable loss—tied to traceable identifiers—the higher the chance of a finding of probable cause and meaningful remedies.

Disclaimer: This content is not legal advice and may involve AI assistance. Information may be inaccurate.

Privacy Policy

Terms of Use

Lawyer Login

 
 
Privacy Policy         Terms of Use         Lawyer Login