How to File Case Against Online Scammer Impersonating Foreigner

How to File a Case Against an Online Scammer Impersonating a “Foreigner” (Philippine Guide)

This is general information for Philippine readers and not a substitute for legal advice. If you can, consult a lawyer early—especially when money or sensitive data is involved.

The short version

  1. Secure and preserve evidence (don’t delete chats; export copies; keep originals).
  2. Identify the offense(s) (estafa, computer-related identity theft, etc.).
  3. Report immediately to NBI Cybercrime Division or PNP Anti-Cybercrime Group for case build-up and data preservation orders.
  4. Prepare a complaint-affidavit (with annexes) and file with the Office of the City/Provincial Prosecutor that has venue.
  5. Pursue related remedies (bank/e-wallet disputes, Data Privacy complaint, platform takedowns).
  6. Follow the preliminary investigation through to the filing of an Information in the proper Regional Trial Court (Special Cybercrime Court).
  7. Claim civil damages in the criminal case, or file a separate civil/small-claims action.

What crimes typically apply

An online scammer “posing as a foreigner” doesn’t change the nature of the offense; the law looks at acts and results, not the nationality they claim. These are the usual bases:

  • Estafa (swindling) under the Revised Penal Code (RPC, Art. 315) – deceit + damage (e.g., you were induced to send money/goods). When estafa is done through ICT (apps, social media, e-wallets, email), the Cybercrime Prevention Act of 2012 (RA 10175, Sec. 6) generally makes the penalty one degree higher.

  • Computer-Related Identity Theft (RA 10175, Sec. 4(b)(3)) – “acquisition, use, misuse, transfer, possession, alteration, or deletion of identifying information belonging to another, without right.” If the scammer used a real person’s name/photos/passport—especially a real foreigner—this fits.

  • Computer-Related Fraud (RA 10175, Sec. 4(b)(2)) – manipulation of computer data or systems with fraudulent intent.

  • Using a fictitious name / concealing true name (RPC, Art. 178) – often added where appropriate.

  • If applicable, special laws:

    • Data Privacy Act (RA 10173) – unauthorized processing or misuse of personal data.
    • Access Devices Law (RA 8484) – if credit/debit cards or access devices are abused.
    • Anti-Photo and Video Voyeurism (RA 9995) or Anti-Child Pornography (RA 9775) – if “sextortion” or sexual images are involved.

Tip: You don’t have to pick only one. Prosecutors often combine estafa (for the loss) with computer-related identity theft/fraud (for the online modality).

Jurisdiction, venue, and cross-border issues

  • You can file in the Philippines if any element occurred here (e.g., you received the deceiving messages here, sent money from here, or suffered loss here).
  • RA 10175 allows extraterritorial application in several scenarios (e.g., when a Filipino or a Philippine computer system is involved), which helps if the scammer is abroad.
  • Criminal complaints are first filed with the City/Provincial Prosecutor for preliminary investigation. Trials go to Regional Trial Courts designated as Special Cybercrime Courts.
  • If the scammer is unknown (“John/Jane Doe”), you may still open a case and request law-enforcement build-up (subpoenaing platforms, telcos, banks/e-wallets).
  • Barangay conciliation usually does not apply to cybercrime (different localities, unknown address, or offenses punishable by more than 1 year).

Evidence: what to keep, how to preserve, and why it matters

Under the Rules on Electronic Evidence, electronic documents are admissible if you can show authenticity and integrity. Do this:

Capture and preserve

  • Keep originals on your device/service. Don’t edit or “forward” as your sole copy.
  • Export chats/messages (Telegram/FB/WhatsApp/IG), download email headers, and save HTML/PDF copies.
  • Screenshots are fine as working copies, but keep the native files too. Try to capture the system clock in screen recordings.
  • Save filenames with dates; keep a simple log (who/what/when/how much).
  • Bank/e-wallet proofs: receipts, reference numbers, transaction IDs; if crypto, TXIDs and wallet addresses.
  • Account links: profile URLs/handles, phone numbers, email addresses, IPs (if any), courier receipts, GCASH/Maya reference nos., etc.

Avoid spoliation

  • Don’t block or delete until you’ve captured the content.
  • Don’t “clean” your device. Forensic artifacts (cookies, logs) can help tie the account to a person.

Move fast on data preservation

  • Ask NBI/PNP to issue preservation requests to platforms/telcos/banks under RA 10175 (Sec. 15) so logs aren’t auto-deleted.
  • Because of the SIM Registration Act (RA 11934), subscriber data may be traceable (subject to due process, e.g., subpoena/court order).

Exactly where to go and what to file

1) Law-enforcement intake (recommended first)

  • NBI Cybercrime Division or PNP Anti-Cybercrime Group: bring your ID, narrative, and evidence bundle.

  • They can:

    • Help identify offenses and prepare a complaint-affidavit;
    • Seek preservation and later disclosure of platform/telco/bank records;
    • Coordinate case build-up (e.g., tracing e-wallet KYC, IP logs, CCTV at cash-out points).

2) Prosecutor’s Office (criminal case)

  • File a Complaint-Affidavit with annexes at the Office of the City/Provincial Prosecutor where any element occurred (e.g., where you sent the funds, where you received the deceitful message).

  • What to submit:

    • Complaint-Affidavit (notarized/subscribed before the prosecutor) narrating facts chronologically;
    • Annexes: compiled evidence with exhibit labels;
    • Witness affidavits, if any;
    • IDs and proof of authority if you represent a company.

  • Preliminary investigation follows: the prosecutor subpoenas respondents, receives counter-affidavits, and issues a Resolution. If probable cause is found, an Information is filed in court.

3) Parallel remedies (often at the same time)

  • Bank/e-wallet dispute/chargeback/fraud report: earlier is better; provide your police/NBI reference if available.
  • Data Privacy Complaint (National Privacy Commission) if your personal data was misused or disclosed.
  • Platform takedown: report the account/profile/pages and submit your police/NBI reference.
  • Civil action: You may (a) let civil liability be included in the criminal case, (b) file a separate civil action for damages (Civil Code Arts. 19/20/21, or quasi-delict), or (c) use Small Claims (useful for purely money claims up to the current small-claims ceiling; check the latest limit before filing).

Penalties and money recovery, in plain terms

  • Estafa penalties scale with the amount defrauded (the thresholds were adjusted by RA 10951). If done via ICT, expect a one-degree higher penalty under RA 10175.
  • Computer-related identity theft/fraud are punishable with imprisonment and fines under RA 10175.
  • Civil damages may be awarded (actual loss, moral/exemplary damages, attorney’s fees).
  • Asset freezing/forfeiture can be pursued via law enforcement and, where appropriate, the AMLC (especially for larger or patterned transactions).

Step-by-step checklist (you can literally follow this)

  1. Make a working evidence folder. Put raw exports, screenshots, receipts, and a simple timeline.
  2. List every identifier tied to the scammer (usernames, URLs, phone/email, bank/e-wallet details, courier info, crypto wallets).
  3. Compute your loss (principal + fees/shipping/forex).
  4. Report to NBI/PNP; request data preservation on platforms/telcos/banks/e-wallets.
  5. Draft your Complaint-Affidavit (see template below) and file with the Prosecutor (bring original ID; sign before prosecutor or a notary).
  6. Submit platform/bank reports and note reference numbers.
  7. Track the prosecutor’s subpoena (ask for the IS/Case number) and respond to any clarifications.
  8. If identity becomes known, law enforcement may apply for cyber warrants (search/seizure/disclosure of computer data) to complete attribution.
  9. Decide on civil strategy (join in the criminal case or file separate/small-claims).
  10. Keep all communications from authorities and service providers in your folder.

Venue pointers (to avoid dismissal)

  • You can generally file where you sent the money, received the deceit, kept your affected account, or where a device used in the offense is located.
  • If multiple places are involved, pick one and justify it in your affidavit (“I sent ₱___ from my bank in ___ City; I received the deceitful messages in ___ City”).
  • If the respondent is unknown or abroad, say so and emphasize that elements and loss occurred in the Philippines.

Practical affidavit template (fill-in outline)

Title: Complaint-Affidavit for Estafa (Art. 315), Computer-Related Identity Theft and Fraud (RA 10175) Complainant: [Your full name], Filipino, of legal age, [civil status], with address at [complete address]. Respondent/s: [Name/s if known], a.k.a. “[username/handle]”, and John/Jane Doe.

  1. Introduction. I am filing this Complaint-Affidavit to charge the Respondent/s with Estafa under Article 315 of the RPC, in relation to RA 10175, and Computer-Related Identity Theft/Fraud under RA 10175, as the facts show.
  2. Chronology. (Dates/times; where you were; platform used; what they said; why you believed them; amounts sent; where/how sent; delivery/non-delivery.)
  3. Impersonation details. (State that Respondent pretended to be a foreign national; attach screenshots/links; if a real person was impersonated, note proof.)
  4. Loss/Damage. (Exact amounts; attach proofs; emotional distress if claiming moral damages in civil aspect.)
  5. Elements of the offenses. (Tie facts to deceit + damage; use of ICT; unauthorized use of identity/information.)
  6. Venue/Jurisdiction. (Why the prosecutor has venue; where elements occurred.)
  7. Reliefs. (Find probable cause; file Information in court; issue subpoenas to platforms/telcos/banks to identify Respondent and secure records; include civil liability.)

Annexes: A – Chat export; B – Screenshots; C – Transaction receipts; D – Platform report receipts; E – Your ID; F – Any witness affidavit; G – Proof that the identity used belongs to someone else (if available).

Jurat: (Subscribed and sworn to before the prosecutor/notary, with ID details and date.)

Common fact patterns and how they map to charges

  • Romance/“US soldier/engineer” scamEstafa + Computer-Related Identity Theft; sometimes Data Privacy if your photos/data were harvested and reused.
  • Investment/crypto flipping with bogus “foreign fund manager” → Estafa + Computer-Related Fraud; possibly Securities issues if public solicitation (report also to SEC).
  • Parcel/customs fee ruse (“I sent gifts from abroad; pay clearance”) → Estafa; supporting evidence: fake airway bills, fake BOC emails.
  • Sextortion by “foreigner” → Estafa (if money extorted), Anti-Voyeurism (RA 9995), and RA 10175 offenses.
  • Account takeovers leading to requests to your friends → Illegal Access + Computer-Related Identity Theft + Estafa.

Timelines, costs, and expectations

  • No filing fee for criminal complaints; you’ll spend for printing/notarization and (optionally) counsel.
  • Preliminary investigation often takes weeks to a few months. Complex cyber attributions can take longer—hence the value of early preservation.
  • Recovery of funds is not guaranteed, but quick bank/e-wallet reports, asset freezing, and civil claims increase your chances.

Good practices that strengthen your case

  • Name your files sensibly (e.g., 2025-08-31_GCash_Ref123456.pdf).
  • Authenticate exports (email headers, chat exports) and keep device originals.
  • Keep an event log (date–action–who you spoke with–reference numbers).
  • Don’t negotiate with the scammer once you decide to pursue a case—stop contact after preservation.
  • Don’t publicly dox; let authorities handle it (defamation and privacy issues can boomerang).

FAQs

Q: I never learned the real identity. Can I still file? Yes. File against John/Jane Doe with all available identifiers. Law enforcement can subpoena platforms/telcos/banks for KYC/IP logs.

Q: What if I sent money via e-wallet or remittance? Keep reference numbers and time stamps. Those enable tracing to cash-out points and KYC’d accounts.

Q: Can I sue for damages only? Yes. You can reserve the civil action in the criminal case or file separately (including Small Claims for purely money claims up to the current ceiling).

Q: The scammer used my photos/name to fool others. You may file Computer-Related Identity Theft and a Data Privacy complaint, plus request platform takedowns.

Final reminders

  • Speed matters. Platform and telco logs can expire—ask for preservation right away.
  • Completeness beats volume. A clean timeline + clearly labeled exhibits persuades prosecutors.
  • Stay safe. If threats arise, keep copies off-device and inform authorities.

If you want, I can turn this into a fillable complaint-affidavit template and a one-page evidence checklist you can print and use.

Disclaimer: This content is not legal advice and may involve AI assistance. Information may be inaccurate.

Privacy Policy

Terms of Use

Lawyer Login

 
 
Privacy Policy         Terms of Use         Lawyer Login