You are not helpless if an online lending app, fake loan agent, or “loan approval” scam took your money, used your ID, accessed your contacts, or threatened to shame you online. In the Philippines, the same incident may involve estafa, cybercrime, data privacy violations, unfair debt collection, and even financial account scams if bank accounts or e-wallets were used. The right filing strategy depends on what actually happened: Was there deceit before you paid? Was your identity used without consent? Did the app harvest your contact list? Did collectors threaten, harass, or publicly shame you? This guide explains how to classify the case, preserve evidence, choose the right office, and prepare a complaint that investigators and prosecutors can actually act on.
First, Identify What Kind of Case You Have
Online lending problems are not all the same. Some are loan disputes, some are abusive collection cases, and some are outright criminal scams.
| Situation | Possible case or remedy | Where it usually goes |
|---|---|---|
| You paid a “processing fee,” “unlocking fee,” “tax,” “insurance,” or “advance payment,” but no loan was released | Estafa; cybercrime if done through phone, app, website, chat, or online account | NBI Cybercrime Division, PNP Anti-Cybercrime Group, prosecutor’s office |
| A fake lender used a bank account, e-wallet, or mule account to receive scam payments | Estafa; cybercrime; possible violation of the Anti-Financial Account Scamming Act | NBI, PNP ACG, bank/e-wallet provider, BSP-regulated institution |
| A real online lending app contacts your phonebook, threatens public shaming, or sends humiliating messages | SEC complaint for unfair debt collection; NPC complaint for data privacy violations; possible criminal case if threats, coercion, or libel are involved | SEC, National Privacy Commission, NBI/PNP/prosecutor |
| Someone used your ID, selfie, phone number, or personal data to take a loan | Cyber identity theft; data privacy complaint; estafa if money or property was obtained through fraud | NBI/PNP cybercrime, NPC, concerned lending company |
| Collectors threaten to file estafa because you cannot pay a loan | Usually not estafa by itself if it is only non-payment of debt; harassment or illegal data processing may still be actionable | SEC, NPC, possibly police/NBI depending on threats |
The most important distinction is this: estafa focuses on fraud or deceit, while a simple inability to pay a loan is usually a civil or contractual issue. But if a person or app used lies, fake identities, unauthorized accounts, stolen IDs, or deceptive online systems to obtain money, the case can become criminal.
Legal Basis: Estafa, Cybercrime, Data Privacy, and Lending Rules
Estafa under Article 315 of the Revised Penal Code
Estafa is the Philippine crime of swindling. Under Article 315 of the Revised Penal Code, a person commits estafa when they defraud another through abuse of confidence, deceit, fraudulent acts, or similar schemes. For online loan scams, the most common theory is estafa by deceit: the scammer made false representations before or at the time the victim sent money, and the victim relied on those lies and suffered damage.
The Supreme Court has described the elements of estafa by deceit under Article 315(2)(a) as: false pretenses or fraudulent representations; the deceit was made before or at the same time as the fraud; the offended party relied on it and parted with money or property; and damage resulted. (Supreme Court E-Library)
In a fake online loan scam, examples of deceit may include:
- “Your loan is approved, but you must first pay a release fee.”
- “Send ₱5,000 as insurance and your ₱100,000 loan will be credited today.”
- “This is a legitimate lending company,” when the account, app, or agent is fake.
- “We are from a government-accredited financing office,” when no such authority exists.
- “You need to deposit money to verify your bank account,” but the money is simply stolen.
The penalties for estafa depend heavily on the amount involved. Republic Act No. 10951, enacted in 2017, updated the property-value thresholds under Article 315, including the brackets for estafa amounts above ₱40,000, ₱1.2 million, ₱2.4 million, and ₱4.4 million. (Supreme Court E-Library)
When an online loan scam becomes cybercrime
Republic Act No. 10175, the Cybercrime Prevention Act of 2012, applies when the fraud is committed through information and communications technology, including computers, mobile phones, smartphones, internet-connected devices, apps, websites, online accounts, and similar systems. The law expressly includes computer-related fraud and computer-related identity theft as cybercrime offenses. (Supreme Court E-Library)
This matters because many loan scams happen through:
- Facebook pages or ads
- Messenger, Viber, Telegram, WhatsApp, SMS, or email
- Fake lending apps
- Phishing links
- E-wallet transfers
- Fake customer service accounts
- Uploaded IDs and selfies
- Online forms that collect personal information
RA 10175 also provides that crimes under the Revised Penal Code and special laws, when committed by, through, and with the use of information and communications technology, are covered by the Cybercrime Prevention Act and may be punished one degree higher. (Supreme Court E-Library)
Cybercrime cases are generally handled by law enforcement cybercrime units and, once filed in court, by Regional Trial Courts with cybercrime jurisdiction. RA 10175 gives Philippine courts jurisdiction when an element of the offense was committed in the Philippines, when the computer system was located in the Philippines, or when damage was caused to a person in the Philippines. (Supreme Court E-Library)
Data privacy violations by online lending apps
Online lending apps often become legally problematic not only because of interest rates or collection calls, but because of how they collect, use, store, and disclose personal data.
Republic Act No. 10173, the Data Privacy Act of 2012, requires personal data processing to follow the principles of transparency, legitimate purpose, and proportionality. Personal information must be adequate, relevant, not excessive, and retained only as long as necessary for the declared purpose. (Supreme Court E-Library)
This is important for borrowers because many abusive lending apps request access to:
- Contacts
- Photos
- Camera
- Microphone
- Location
- SMS
- Device identifiers
- Social media accounts
A 2026 joint advisory by the DICT, NPC, and SEC specifically warned online lending platforms against unnecessary app permissions, unauthorized or excessive processing of contact lists, and using borrower data in ways that lead to harassment, intimidation, public shaming, or fraudulent debt collection. The advisory also emphasized that contacting people in the borrower’s address book is not allowed unless they are actual guarantors or properly identified references under lawful and proportionate processing.
The Data Privacy Act also penalizes acts such as unauthorized processing, processing for unauthorized purposes, unauthorized access, malicious disclosure, and unauthorized disclosure of personal or sensitive personal information. (Supreme Court E-Library)
SEC rules on online lending platforms and unfair collection
Lending companies in the Philippines are regulated by the Securities and Exchange Commission. Under Republic Act No. 9474, the Lending Company Regulation Act of 2007, a lending company must generally be a corporation and must have authority from the SEC to operate as a lending company. (Supreme Court E-Library)
For online lending platforms, the SEC has issued specific rules, including:
- SEC Memorandum Circular No. 18, Series of 2019 on the prohibition of unfair debt collection practices
- SEC Memorandum Circular No. 19, Series of 2019 on disclosure requirements for advertisements and reporting of online lending platforms (SEC Appointment System)
This means that even if a lending app is real and the borrower actually owes money, the app or collector cannot freely harass, shame, threaten, mislead, or misuse personal data.
Anti-Financial Account Scamming Act for bank and e-wallet scams
Republic Act No. 12010, the Anti-Financial Account Scamming Act, is relevant when the scam uses financial accounts such as bank accounts, e-wallets, or mule accounts. The law covers acts such as money muling, social engineering schemes, and misuse of sensitive identifying information in financial account scams. (Lawphil)
This is useful in online lending scams where victims are told to send payments to a bank account or e-wallet account controlled by a scammer or mule. The law also provides mechanisms for temporary holding of funds involved in disputed transactions, subject to the requirements of the law and implementing procedures. (Lawphil)
AFASA does not replace estafa or cybercrime charges. It expressly allows prosecution under other laws, including the Revised Penal Code and the Cybercrime Prevention Act, when the same facts support those offenses. (Lawphil)
What To Do Immediately After You Realize It Is a Scam
The first few hours matter. Online evidence disappears quickly, accounts get renamed, SIM cards are discarded, and scam pages are deleted.
1. Stop sending money
Scammers often continue the fraud by inventing new fees:
- “Final release fee”
- “Anti-money laundering clearance”
- “Account correction fee”
- “Tax clearance”
- “Insurance”
- “Late cancellation penalty”
- “Attorney’s fee”
- “Blacklist removal fee”
If no loan was released and the demands keep changing, stop paying. Additional payments often make recovery harder.
2. Preserve everything before blocking or deleting
Do not delete chats, SMS messages, call logs, emails, app notifications, or transaction receipts. If you need to block the person for safety, first capture the evidence.
Save:
- Screenshots showing the full conversation
- Screen recordings showing the profile, username, page URL, phone number, or app interface
- Bank or e-wallet receipts with reference numbers
- Account names and account numbers
- App name, package name, developer name, and app store link
- Loan agreement, privacy policy, disclosure statement, or collection messages
- Photos of threats sent to you or your contacts
- Names and numbers of people contacted by the app or collector
3. Secure your accounts and identity
If you uploaded IDs, selfies, signatures, or bank details:
- Change passwords for email, banking, e-wallet, and social media accounts.
- Enable two-factor authentication.
- Contact your bank or e-wallet provider and report a suspected scam transaction.
- Ask whether the transaction can be flagged, disputed, reversed, or temporarily held under applicable financial account scam rules.
- Monitor your credit, loan, and e-wallet accounts for unauthorized activity.
- Tell close contacts not to respond to suspicious messages using your name or photo.
4. Keep the device if the app is still installed
If the case involves a suspicious lending app, do not immediately factory-reset your phone if you can safely preserve it. Investigators may need to examine the device, app permissions, installation history, notifications, or malware-like behavior.
The NBI Cybercrime Division’s citizen-facing process includes execution of sworn statements, submission of affidavits, examination of devices when needed, and preparation of investigative authority and documentation. (National Bureau of Investigation)
Evidence Checklist for Estafa or Cybercrime Complaints
A strong complaint is not just a story. It is a chronological file that lets an investigator or prosecutor understand exactly what happened, who did it, how the fraud worked, and how much damage was caused.
| Evidence | Why it matters |
|---|---|
| Screenshots of chats, SMS, emails, and app messages | Shows the false promises, threats, instructions, and timeline |
| Full profile details, phone numbers, usernames, page links, and app links | Helps trace the account or identify the respondent |
| Bank transfer, e-wallet, or remittance receipts | Proves payment, amount, date, reference number, and recipient account |
| Loan application forms, approval notices, and “fee” instructions | Shows the scam method and representations made before payment |
| Valid IDs and selfie submissions | Relevant if identity theft or misuse of personal data occurred |
| Contact-list harassment evidence | Supports SEC and NPC complaints |
| Statements from family, friends, employers, or contacts who were messaged | Helps prove harassment, disclosure, reputational damage, or threats |
| Screen recording of app permissions | Useful in data privacy complaints involving excessive or unauthorized access |
| Device used in the transaction | May help cybercrime investigators preserve or examine digital evidence |
| Chronological affidavit | Turns scattered evidence into a coherent legal complaint |
For Filipinos abroad, OFWs, and foreigners outside the Philippines, documents signed abroad may need consular notarization or apostille depending on where they are executed and where they will be used. If a representative in the Philippines will file or follow up, prepare a clear Special Power of Attorney authorizing that person to file complaints, submit evidence, receive notices, and sign necessary documents.
Step-by-Step: How to File an Estafa or Cybercrime Case
Step 1: Write a clear timeline
Before going to any office, prepare a timeline with dates, times, amounts, and names. Keep it simple:
- When you first saw the app, ad, page, or message
- What the person or app promised
- What information you submitted
- What fees or payments were requested
- When and how you paid
- What happened after payment
- Whether more money was demanded
- Whether threats, harassment, or contact-list messages followed
- Total amount lost
- Current status of the app, account, or collector
This timeline becomes the backbone of your complaint-affidavit.
Step 2: Prepare a complaint-affidavit
A complaint-affidavit is a sworn written statement explaining the facts of the case. It should be signed before a notary public or authorized officer.
Include:
- Your full name, address, contact number, email, and government ID details
- The respondent’s name, if known
- If the identity is unknown, describe the respondent as “John Doe,” “Jane Doe,” or “unknown persons using the following accounts/numbers”
- The app name, website, page name, phone number, email address, or username involved
- The exact false representations made
- The dates and amounts paid
- The bank, e-wallet, remittance, or payment details
- The damage suffered
- A list of attachments or annexes
Use annex labels such as:
- Annex “A” – Screenshot of loan advertisement
- Annex “B” – Messenger conversation
- Annex “C” – GCash receipt dated ___
- Annex “D” – Screenshot of threat message
- Annex “E” – Statement of contacted family member
Avoid emotional accusations without facts. Instead of writing “they are criminals and scammers,” write exactly what they said, what you believed, what you paid, and what happened after.
Step 3: File with the proper cybercrime or law enforcement office
For online lending scams, the most practical filing options are usually:
- NBI Cybercrime Division
- PNP Anti-Cybercrime Group
- A regional cybercrime unit, if available
- The city or provincial prosecutor’s office, especially if the respondent is known and evidence is complete
The joint DICT-NPC-SEC advisory identifies the NBI Cybercrime Division and PNP Anti-Cybercrime Group as reporting channels for harassment, threats, frauds, scams, and cyber-related incidents involving online lending platforms.
When filing, bring:
- Printed complaint-affidavit
- Printed annexes
- Digital copies in USB or cloud storage
- Original phone or device, if relevant
- Government-issued ID
- Proof of payment
- Witness affidavits, if available
Ask the receiving officer how the complaint will be docketed, whether additional affidavits are needed, and whether the case will require cyber preservation requests, subpoenas, or coordination with banks, e-wallets, telecoms, or platforms.
Step 4: Request urgent preservation of digital evidence
Digital evidence can vanish. RA 10175 allows preservation of computer data and traffic data under legally required procedures. It also provides rules on disclosure, warrants, custody, and admissibility of computer data evidence. (Supreme Court E-Library)
In practical terms, you should tell investigators if there is a risk that the scammer may delete:
- Facebook pages
- Chat accounts
- App listings
- E-wallet accounts
- Email accounts
- Website domains
- Server logs
- SIM-related data
Law enforcement, not the private complainant, usually coordinates formal preservation or disclosure requests through proper legal channels.
Step 5: Preliminary investigation at the prosecutor’s office
If the evidence supports a criminal charge and the respondent can be identified, the complaint may proceed to preliminary investigation before the prosecutor.
During preliminary investigation:
- The complainant files the complaint-affidavit and evidence.
- The prosecutor evaluates whether the complaint is sufficient.
- If the respondent is identifiable, the prosecutor may issue a subpoena.
- The respondent may file a counter-affidavit.
- The complainant may be required to submit a reply-affidavit.
- The prosecutor issues a resolution finding probable cause or dismissing the complaint.
- If probable cause is found, an Information is filed in court.
In real life, this stage can take weeks to months. Delays commonly happen because of incomplete evidence, difficulty identifying anonymous accounts, unavailable platform records, wrong addresses, or the need to coordinate with banks, e-wallets, telecoms, or foreign platforms.
Step 6: Court proceedings
If the prosecutor files the case in court, cybercrime cases are generally handled by courts with cybercrime jurisdiction. Under RA 10175, Regional Trial Courts have jurisdiction over cybercrime cases, including when an element of the offense occurred in the Philippines, a computer system involved was in the Philippines, or damage was caused to a person in the Philippines. (Supreme Court E-Library)
Court proceedings may involve arraignment, bail, pre-trial, trial, presentation of digital evidence, and judgment. Criminal cases can take a long time, especially when there are multiple respondents, unknown account holders, or technical evidence from financial institutions and online platforms.
Where Else to File Complaints Against Online Lending Apps
A criminal complaint is not always the only filing. For online lending apps, you may need parallel complaints depending on the misconduct.
| Office | File here when | Typical evidence |
|---|---|---|
| NBI Cybercrime Division or PNP Anti-Cybercrime Group | Fake loan scam, identity theft, threats, cyber harassment, phishing, e-wallet scam, online estafa | Complaint-affidavit, screenshots, receipts, device, account details |
| Prosecutor’s Office | Respondent is known and evidence is ready for criminal evaluation | Complaint-affidavit, annexes, witness statements |
| Securities and Exchange Commission | Lending app is unregistered, violates SEC lending rules, uses unfair debt collection, or operates undisclosed online lending platforms | App name, company name, screenshots, collection messages, loan documents |
| National Privacy Commission | Contact-list shaming, unauthorized use of personal data, excessive app permissions, disclosure of IDs or sensitive information | Notarized complaint, proof of prior written notice to respondent, screenshots, privacy notice, witness statements |
| Bank or e-wallet provider | Money was transferred to a suspected scam account or mule account | Transaction receipt, reference number, recipient account, timeline |
| App store or social media platform | Fake app, fake page, impersonation, phishing link, or abusive account should be taken down | Screenshots, URLs, account names, proof of impersonation |
For NPC complaints, the process is more technical than many people expect. The NPC requires a formal complaint in the required format, usually notarized, with supporting evidence. The complainant generally must first inform the respondent in writing of the privacy violation and give the respondent a chance to act; if there is no timely or appropriate response within 15 calendar days, proof of that step should be attached. (National Privacy Commission)
Common Scenarios
“I borrowed money from an online lending app and cannot pay. Can they file estafa?”
Non-payment alone is usually not estafa. Estafa requires fraud, deceit, abuse of confidence, or another criminal element. If you borrowed under your real name, intended to pay, and later could not pay because of hardship, job loss, emergencies, or high charges, that is generally a debt issue.
However, collectors may still face consequences if they use threats, public shaming, false legal claims, unauthorized contact-list messaging, or unlawful processing of personal data.
“I paid processing fees but the loan was never released.”
This is one of the clearest online loan scam patterns. If the supposed lender represented that a loan was approved and induced you to pay fees before release, but never intended to release the loan, the facts may support estafa. If the transaction happened through online chats, apps, e-wallets, fake pages, or electronic accounts, cybercrime provisions may also apply.
“The lending app messaged my contacts and told them I am a scammer.”
This may involve SEC lending rules, the Data Privacy Act, and possibly criminal laws depending on the wording and method. Save screenshots from each contact who received messages. Ask those contacts to preserve the messages and, if possible, execute short written statements describing what they received, from what number or account, and when.
“The app used my ID to create a loan I never applied for.”
Treat this as identity theft and possible fraud. File with a cybercrime unit and notify the lending company in writing that the loan is disputed. Also consider an NPC complaint if your personal data was collected, disclosed, or processed without lawful basis.
RA 10175 includes computer-related identity theft, which covers unauthorized acquisition, use, misuse, transfer, possession, alteration, or deletion of identifying information belonging to another person. (Supreme Court E-Library)
“The scammer is outside the Philippines. Can I still file?”
Possibly, yes. Philippine cybercrime jurisdiction may still apply if an element of the offense occurred in the Philippines, the computer system was in the Philippines, or damage was caused to a person in the Philippines. AFASA also recognizes jurisdiction in financial account scam situations involving Philippine elements, including damage in the Philippines or accounts maintained with institutions operating in the Philippines. (Supreme Court E-Library)
The practical challenge is enforcement. Identifying and arresting a foreign-based scammer may require platform records, bank records, mutual legal assistance, and coordination between agencies.
“The lending company is registered. Does that mean it cannot be liable?”
No. Registration does not give a lender permission to harass borrowers, misuse data, deceive consumers, or violate SEC and privacy rules. A registered lender can still face regulatory, administrative, civil, or criminal consequences depending on the conduct.
“Can I recover the money?”
Recovery is possible but not guaranteed. The fastest practical route is often through the bank, e-wallet, or financial institution if reported quickly and if funds can still be traced or held. Criminal complaints may also result in restitution or civil liability, but this usually takes longer and depends on whether the offender is identified, prosecuted, and has recoverable assets.
Required Documents, Fees, and Timelines
| Item | Practical notes |
|---|---|
| Complaint-affidavit | Must be factual, chronological, signed, and notarized when required |
| Government-issued ID | Bring original and photocopies |
| Screenshots and digital files | Print important screenshots, but also preserve original digital copies |
| Payment receipts | Include reference numbers, recipient names, account numbers, and dates |
| Witness statements | Useful when contacts, employers, relatives, or co-workers received harassment messages |
| Device used | Bring the phone if the app, messages, or malware-like behavior are relevant |
| SPA or authorization | Needed if someone else will file or follow up for you |
| Foreign documents | May need consular notarization, apostille, or certified translation |
| NPC complaint form | NPC complaints have a specific format and documentary requirements |
| SEC complaint evidence | Include the app name, company name, screenshots, ads, messages, and loan documents |
Typical timelines vary widely:
- Initial complaint receiving: often same day, if documents are complete
- Evidence review or cybercrime assessment: days to weeks
- Bank/e-wallet tracing or dispute: depends on provider and urgency
- Preliminary investigation: often several weeks to several months
- Court case: may take years, especially if technical evidence or multiple respondents are involved
- NPC or SEC administrative action: depends on completeness, response of the company, and agency workload
The most common bottlenecks are incomplete screenshots, missing transaction reference numbers, anonymous accounts, deleted conversations, uncooperative platforms, wrong respondent names, and failure to explain the timeline clearly.
Mistakes to Avoid
Deleting messages after taking screenshots
Screenshots help, but original messages are better. Keep the original chat thread, SMS, emails, app notifications, and transaction records when possible.
Sending only cropped screenshots
Cropped screenshots can be questioned. Include full-screen versions showing the date, time, number, username, profile, URL, or app interface.
Paying more to “avoid a case”
Some abusive collectors threaten immediate arrest, barangay action, NBI cases, or public posting to pressure borrowers into paying. If the demand is suspicious or the fees keep changing, preserve evidence instead of sending more money.
Filing only with the wrong office
If the issue is a fake loan scam, SEC alone may not be enough. If the issue is contact-list shaming, NBI alone may not address the privacy and regulatory side. Many cases require parallel filing: cybercrime complaint for the scam, SEC complaint for lending violations, NPC complaint for data misuse, and bank/e-wallet report for the money trail.
Treating every unpaid loan as estafa
Borrowers should not exaggerate facts. Estafa requires legally relevant fraud or deceit. A stronger complaint is honest and specific: what was promised, what was false, when payment was made, and how damage occurred.
Posting the collector’s personal data online
Do not respond to unlawful disclosure by doing the same thing. Publicly posting IDs, phone numbers, addresses, or private photos can create new legal problems. Preserve evidence and file through proper channels.
Ignoring NPC pre-filing requirements
For data privacy complaints, the NPC may require proof that you first informed the respondent in writing and gave them time to act, unless an exception applies. Missing this step can delay or weaken the complaint. (National Privacy Commission)
Frequently Asked Questions
Can I file estafa against an online lending app in the Philippines?
Yes, if the facts show fraud or deceit. A common example is when a fake lender promises an approved loan, asks you to pay advance fees, and then disappears or demands more fees without releasing any loan. If the fraud was done through an app, website, social media, chat, or e-wallet, cybercrime provisions may also apply.
Is not paying an online loan considered estafa?
Usually, no. Mere non-payment of a loan is generally a civil or contractual issue, not automatically estafa. Estafa requires deceit, fraud, abuse of confidence, or another criminal element. However, using fake IDs, false identities, or intentionally fraudulent information at the start of the transaction may change the legal analysis.
Where do I file a cybercrime complaint against a loan scam?
You may file with the NBI Cybercrime Division, PNP Anti-Cybercrime Group, or a regional cybercrime office. If the respondent is known and your evidence is complete, the complaint may also be brought to the prosecutor’s office for preliminary investigation.
Can online lending apps contact my friends or family?
They cannot freely harvest your phonebook and shame you through your contacts. The 2026 DICT-NPC-SEC advisory warned against unnecessary permissions, excessive contact-list processing, and borrower harassment or public shaming through personal data misuse.
What if I paid a processing fee but no loan was released?
Preserve all messages and receipts, stop paying additional fees, report the transaction to your bank or e-wallet, and consider filing an estafa and cybercrime complaint. The key evidence is the promise that the loan would be released after payment and proof that you relied on that promise when you sent money.
Can I file a case if I am an OFW or foreigner outside the Philippines?
Yes, if the facts connect the offense to the Philippines, such as a victim in the Philippines, damage suffered in the Philippines, a Philippine bank or e-wallet account, or a Philippine-based lending app or operator. If you are abroad, you may need a notarized or apostilled affidavit and a Special Power of Attorney for a representative in the Philippines.
What should I do if my ID was used for a loan I did not apply for?
Immediately notify the lending company in writing that the loan is disputed, file a cybercrime complaint for identity theft or related fraud, and consider filing a complaint with the National Privacy Commission. Attach proof that your ID or personal data was used without authority.
Will an SEC or NPC complaint get my money back?
Not always. SEC and NPC complaints are mainly regulatory and administrative remedies, though their findings can support other action. For money recovery, you should also report the transaction to your bank or e-wallet as soon as possible and pursue criminal and civil remedies where appropriate.
How long does an estafa or cybercrime case take?
Initial complaint filing can be done quickly if your documents are ready, but investigation and prosecution can take months or longer. Court cases may take years. Cases move faster when the evidence is organized, the money trail is clear, the respondent is identifiable, and digital evidence is preserved early.
Key Takeaways
- Estafa requires fraud or deceit. Non-payment of a loan alone is usually not enough.
- Online loan scams often involve cybercrime when done through apps, social media, SMS, chat, websites, e-wallets, or online accounts.
- Save evidence immediately. Keep screenshots, original messages, payment receipts, app details, phone numbers, and device data.
- File in the right places. NBI or PNP cybercrime units handle online fraud; SEC handles lending-company violations; NPC handles personal data misuse; banks and e-wallets handle transaction disputes and possible fund holds.
- Contact-list shaming and harassment are not normal collection practices. They may violate SEC rules, the Data Privacy Act, and other laws.
- Foreigners and OFWs can still file when the scam has Philippine elements, but documents executed abroad may need apostille, consular notarization, or an authorized representative.
- The strongest complaints are specific, chronological, and evidence-based. Show what was promised, why it was false, what you paid, who received it, and what damage resulted.