How to Follow Up on a Cybercrime Case Filing in the Philippines

I. Introduction

Filing a cybercrime complaint is only the beginning of the legal process. In the Philippines, complainants often assume that once a complaint has been filed with the police, the National Bureau of Investigation, or the prosecutor’s office, the case will automatically move forward without further action from them. In practice, proper follow-up is essential.

Cybercrime cases frequently involve digital evidence, platform records, mobile numbers, bank accounts, electronic messages, online profiles, and technical tracing. These matters may require coordination among law enforcement, prosecutors, banks, telecommunications companies, internet platforms, and sometimes foreign service providers. A complainant who follows up properly can help preserve evidence, clarify facts, comply with requests, and monitor the progress of the complaint without interfering with the investigation.

This article discusses how to follow up on a cybercrime case filing in the Philippine context, including where to follow up, what documents to prepare, what timelines to expect, what agencies may be involved, and what practical steps may help a complainant protect their rights.

This article is for general legal information and should not be treated as a substitute for advice from a Philippine lawyer.

II. Common Cybercrime Complaints in the Philippines

Cybercrime cases in the Philippines may involve offenses under Republic Act No. 10175, or the Cybercrime Prevention Act of 2012, as well as crimes under the Revised Penal Code and special laws when committed through information and communications technology.

Common cybercrime-related complaints include:

  1. Online libel;
  2. Identity theft;
  3. Hacking or unauthorized access;
  4. Cybersex or online sexual exploitation;
  5. Computer-related fraud;
  6. Phishing and online scams;
  7. Illegal access to accounts;
  8. Online threats, harassment, or extortion;
  9. Non-consensual sharing of intimate images;
  10. Unauthorized use of personal data;
  11. Fake accounts or impersonation;
  12. Investment scams conducted through social media or messaging apps;
  13. E-wallet, bank, or payment platform fraud;
  14. Business email compromise;
  15. Ransomware or malware attacks;
  16. Defamation, threats, or coercion carried out online.

A complaint may be filed not only for a cybercrime offense under the Cybercrime Prevention Act, but also for an ordinary crime committed through electronic means. For example, estafa, grave threats, unjust vexation, coercion, or violations of special laws may have a cyber component.

III. Where Cybercrime Complaints Are Commonly Filed

A cybercrime complaint may be initiated before different offices depending on the nature of the case, the location of the complainant, the available evidence, and the urgency of the matter.

A. Philippine National Police Anti-Cybercrime Group

The Philippine National Police Anti-Cybercrime Group is commonly approached for complaints involving online scams, hacking, threats, identity theft, cyber harassment, and similar offenses. Local police stations may also assist, but specialized cybercrime units are generally better equipped to handle digital evidence and technical investigation.

B. National Bureau of Investigation Cybercrime Division

The National Bureau of Investigation Cybercrime Division also handles cybercrime complaints, especially cases involving technical investigation, account tracing, online fraud, impersonation, hacking, or broader cybercrime schemes.

C. Office of the City or Provincial Prosecutor

A complainant may file a criminal complaint directly with the prosecutor’s office through a complaint-affidavit and supporting evidence. If filed first with law enforcement, the case may later be referred to the prosecutor for preliminary investigation or inquest, depending on the circumstances.

D. Department of Justice Office of Cybercrime

The Department of Justice Office of Cybercrime has a policy, coordination, and international cooperation role in cybercrime matters. It may become relevant when preservation requests, international coordination, or cybercrime policy issues are involved.

E. Other Agencies

Depending on the facts, the following agencies may also be relevant:

  1. National Privacy Commission, for personal data breaches or unauthorized processing of personal information;
  2. Securities and Exchange Commission, for investment scams, fake corporations, or unauthorized investment solicitation;
  3. Bangko Sentral ng Pilipinas, for bank or e-wallet-related complaints within its regulatory coverage;
  4. Department of Trade and Industry, for consumer-related online transactions;
  5. Anti-Money Laundering Council, for money laundering dimensions;
  6. Inter-Agency Council Against Trafficking, for online sexual exploitation or trafficking-related cases;
  7. Local government or barangay authorities, if threats, harassment, or community-level disputes are involved, though serious cybercrime matters generally proceed through law enforcement or prosecutors.

IV. What Happens After Filing a Cybercrime Complaint

After filing, the complaint may pass through several stages. Understanding these stages helps the complainant know where and how to follow up.

A. Initial Evaluation

The receiving office reviews the complaint, the complainant’s affidavit, screenshots, links, transaction records, chat logs, emails, phone numbers, account names, and other evidence. The investigator may determine whether the matter appears to be criminal, civil, administrative, or regulatory.

B. Evidence Assessment

Cybercrime cases are evidence-heavy. Investigators may examine whether the submitted screenshots, electronic records, device data, transaction receipts, URLs, IP logs, account identifiers, and communications are complete and usable.

The complainant may be asked to submit:

  1. A complaint-affidavit;
  2. Government-issued identification;
  3. Screenshots of posts, messages, emails, or profiles;
  4. URLs or links;
  5. Transaction receipts;
  6. Bank or e-wallet records;
  7. SIM card or phone number details;
  8. Email headers;
  9. Device information;
  10. Witness affidavits;
  11. A timeline of events;
  12. Any prior demand letters, reports, or correspondence.

C. Case Assignment

The complaint may be assigned to a specific investigator, agent, police officer, or prosecutor. This assignment is important because follow-ups should ideally be directed to the person or office actually handling the matter.

D. Further Investigation

The investigator may request additional evidence, issue invitations, take supplemental statements, coordinate with other agencies, or prepare documents for subpoenas, preservation requests, or referral to prosecutors.

E. Referral to Prosecutor

If law enforcement believes there is sufficient basis, the complaint may be referred to the prosecutor’s office for preliminary investigation. The prosecutor then evaluates whether probable cause exists to file an Information in court.

F. Preliminary Investigation

During preliminary investigation, the respondent may be required to submit a counter-affidavit. The complainant may be allowed to submit a reply-affidavit. The prosecutor then resolves whether to dismiss the complaint or file charges in court.

G. Court Filing

If the prosecutor finds probable cause, the case may be filed in court. Once filed, the case proceeds under the Rules of Criminal Procedure and applicable rules on electronic evidence.

V. Why Follow-Up Matters

Following up serves several legitimate purposes:

  1. To confirm that the complaint was actually received and docketed;
  2. To obtain the case reference number, docket number, or report number;
  3. To determine the assigned investigator or prosecutor;
  4. To know whether additional evidence is needed;
  5. To check whether the case has been referred to another office;
  6. To verify whether notices, subpoenas, or orders have been issued;
  7. To prevent missed deadlines;
  8. To update the case record with new evidence;
  9. To preserve digital evidence before it disappears;
  10. To ensure that contact information remains current.

Cybercrime evidence can be volatile. Online posts may be deleted, accounts may be deactivated, messages may be unsent, transaction trails may become harder to obtain, and digital logs may be retained only for limited periods. A complainant who follows up promptly may help prevent loss of critical evidence.

VI. First Step: Secure Proof of Filing

After filing a complaint, the complainant should secure proof that the complaint was received.

This may include:

  1. A receiving copy of the complaint-affidavit;
  2. A police blotter number;
  3. A complaint sheet;
  4. A case reference number;
  5. A docket number;
  6. A stamped copy of the complaint;
  7. A receipt from the receiving office;
  8. An email acknowledgment;
  9. The name and contact details of the assigned investigator;
  10. The date and place of filing.

The complainant should keep both physical and digital copies. The proof of filing will be needed for future follow-ups.

VII. How Soon Should a Complainant Follow Up?

There is no single universal follow-up period for all cybercrime complaints. The appropriate timing depends on the office, the urgency, the complexity of the case, and whether the complainant was told to wait for a specific notice.

As a practical guide:

  1. Immediately after filing, confirm the receiving details and case reference number.
  2. Within one to two weeks, follow up to ask whether the complaint has been assigned to an investigator or evaluator.
  3. After submitting additional documents, follow up to confirm receipt.
  4. If urgent evidence may disappear, follow up sooner and emphasize the need for preservation.
  5. If the matter has been referred to the prosecutor, follow up with the prosecutor’s office using the docket number.
  6. If notices or subpoenas are expected, monitor email, phone, registered mail, and physical address.

Follow-up should be persistent but professional. Repeated daily follow-ups without new information may be counterproductive unless there is an urgent risk, such as ongoing threats, continuing fraud, imminent dissipation of funds, or disappearance of evidence.

VIII. Proper Ways to Follow Up

A. Follow Up in Person

Personal follow-up is often the most effective method, especially when documents must be submitted or when the complainant needs to clarify case status.

When going in person, bring:

  1. Valid government ID;
  2. Copy of the complaint-affidavit;
  3. Proof of filing;
  4. Case reference number;
  5. Additional evidence;
  6. Printed screenshots;
  7. A USB drive or storage device, if requested;
  8. A written list of questions;
  9. Authorization or special power of attorney, if following up for another person.

The complainant should ask politely for the assigned investigator, case officer, records section, or prosecutor’s office docket section.

B. Follow Up by Phone

Phone follow-up may be useful for checking whether the assigned officer is available, whether documents were received, or whether there are scheduled proceedings.

When calling, be ready to provide:

  1. Full name of complainant;
  2. Name of respondent, if known;
  3. Date of filing;
  4. Case number or docket number;
  5. Nature of complaint;
  6. Name of assigned investigator or prosecutor.

Avoid disclosing sensitive details to persons whose identity or authority has not been confirmed.

C. Follow Up by Email

Email follow-up creates a written trail. It is useful when submitting supplemental evidence, confirming prior conversations, or asking for status updates.

A follow-up email should be concise and respectful. It should include:

  1. Subject line with case reference number;
  2. Name of complainant;
  3. Date and place of filing;
  4. Nature of complaint;
  5. Request for status update;
  6. List of attached documents, if any;
  7. Contact details.

D. Follow Up Through Counsel

For serious cases, cases involving substantial financial loss, public accusations, online libel, sensitive images, corporate data breaches, or complex jurisdictional issues, a lawyer may follow up on behalf of the complainant. Counsel can help ensure that pleadings, affidavits, and evidence are properly presented.

E. Follow Up Through the Records Section

If the case has reached the prosecutor’s office, the records or docket section may provide procedural status, such as whether the complaint has been raffled, whether a subpoena has been issued, whether a counter-affidavit has been filed, or whether a resolution has been released.

IX. What to Ask During Follow-Up

A complainant should ask specific, practical questions. Vague questions such as “What happened to my case?” may result in vague answers.

Useful questions include:

  1. Has my complaint been docketed?
  2. What is the case reference number or docket number?
  3. Who is the assigned investigator, agent, officer, or prosecutor?
  4. Has the complaint been evaluated?
  5. Are there missing documents or evidence?
  6. Do I need to submit a supplemental affidavit?
  7. Has the respondent been identified?
  8. Has the case been referred to another office?
  9. Has the case been forwarded to the prosecutor?
  10. Has a subpoena or notice been issued?
  11. Is there a scheduled hearing, conference, or preliminary investigation?
  12. Has the respondent submitted a counter-affidavit?
  13. Do I need to file a reply-affidavit?
  14. Has a resolution been issued?
  15. Where and when can I obtain a copy of the resolution?
  16. If dismissed, what remedies are available?
  17. If filed in court, what is the court branch and case number?

The complainant should take notes of each follow-up, including the date, time, person spoken to, and information received.

X. Documents to Bring or Submit During Follow-Up

Cybercrime complaints often require more than ordinary narrative statements. The complainant should prepare organized evidence.

A. Complaint-Affidavit

The complaint-affidavit should clearly state:

  1. The identity of the complainant;
  2. The identity of the respondent, if known;
  3. The facts in chronological order;
  4. The specific online acts complained of;
  5. The platforms used;
  6. The harm suffered;
  7. The evidence attached;
  8. The relief or action requested.

B. Screenshots and Printouts

Screenshots should show:

  1. The full page or message;
  2. Account name or username;
  3. Date and time;
  4. URL, if available;
  5. Profile details;
  6. Conversation context;
  7. Relevant metadata, where possible.

Screenshots should not be edited, cropped excessively, or altered in a way that may raise authenticity issues. It is often useful to preserve both the screenshot and the original link or file.

C. URLs and Account Identifiers

For online posts, accounts, or messages, provide:

  1. Full URL;
  2. Username;
  3. Display name;
  4. User ID, if available;
  5. Platform name;
  6. Date and time accessed;
  7. Screenshots of profile pages;
  8. Any archived copies, if available.

D. Transaction Records

For online scams or fraud, submit:

  1. Bank deposit slips;
  2. E-wallet receipts;
  3. Transfer confirmations;
  4. Account numbers;
  5. Merchant details;
  6. Chat conversations with the seller or scammer;
  7. Order confirmations;
  8. Delivery records;
  9. Dispute records with the platform;
  10. Demand letters or refund requests.

E. Communications

Include:

  1. Emails;
  2. Chat messages;
  3. SMS messages;
  4. Call logs;
  5. Voice messages;
  6. Social media messages;
  7. Threats or demands;
  8. Payment instructions;
  9. Account recovery emails.

F. Device or Account Evidence

If relevant, preserve:

  1. Compromised account notices;
  2. Password reset emails;
  3. Login alerts;
  4. IP address notifications;
  5. Security logs;
  6. Device screenshots;
  7. Malware alerts;
  8. System logs.

G. Witness Affidavits

Witnesses may include persons who saw the post, received the message, transacted with the same scammer, helped identify the respondent, or suffered similar harm.

XI. Preserving Digital Evidence

Evidence preservation is one of the most important parts of following up on a cybercrime complaint.

A. Do Not Delete Original Messages

Even if the messages are offensive, threatening, or distressing, do not delete them. Original messages may be necessary for authentication.

B. Preserve the Device

The phone, laptop, or tablet used to receive messages or access the account may contain relevant data. Avoid resetting, reformatting, or replacing the device before evidence is secured.

C. Save Original Files

Save original emails, files, photos, videos, receipts, and downloaded records. Keep backup copies in secure storage.

D. Record Dates and Times

Make a timeline containing:

  1. When the incident began;
  2. When the post or message was discovered;
  3. When payments were made;
  4. When threats were received;
  5. When accounts were accessed;
  6. When reports were made to platforms, banks, or law enforcement.

E. Use Notarized Affidavits When Needed

A sworn statement may be needed to support the complaint. In some cases, witnesses may execute affidavits confirming what they saw or experienced.

F. Avoid Entrapment or Vigilante Action

Complainants should avoid hacking back, threatening the respondent, publicly doxxing suspects, or fabricating interactions. Such conduct may create legal risks and weaken the case.

XII. Follow-Up When the Case Is Still With Law Enforcement

If the complaint remains with the PNP Anti-Cybercrime Group, NBI Cybercrime Division, or another investigating office, the complainant should determine whether the case is still under investigation or already referred to the prosecutor.

The complainant may ask:

  1. Is the matter still under case build-up?
  2. Has an investigator been assigned?
  3. Is there a need for a supplemental affidavit?
  4. Has the respondent been identified?
  5. Were preservation steps requested?
  6. Has the matter been referred for preliminary investigation?
  7. Was the complaint dismissed at the investigative level?
  8. Is additional evidence required before referral?

Law enforcement investigation may take time, especially when the identity of the offender is unknown, the account is fake, the platform is foreign-based, or financial tracing is required.

XIII. Follow-Up When the Case Is With the Prosecutor

Once the complaint reaches the Office of the City or Provincial Prosecutor, the case enters a more formal legal process.

A. Obtain the Docket Number

The docket number is critical. Without it, tracking the case may be difficult.

B. Check Whether a Subpoena Has Been Issued

The prosecutor may issue subpoenas requiring the respondent to submit a counter-affidavit. The complainant should monitor whether notices were sent and whether the addresses are correct.

C. Watch for Deadlines

If the respondent files a counter-affidavit, the complainant may be allowed or required to file a reply-affidavit. Missing deadlines may affect the presentation of the complainant’s side.

D. Ask Whether the Case Is Submitted for Resolution

After the affidavits and pleadings are complete, the case may be deemed submitted for resolution. The prosecutor will then determine whether probable cause exists.

E. Obtain a Copy of the Resolution

If the complaint is dismissed, the complainant should obtain the resolution promptly to determine the available remedy and the applicable period. If the complaint is approved for filing, the complainant should ask for the court branch and criminal case number once filed.

XIV. Preliminary Investigation in Cybercrime Cases

Preliminary investigation is the stage where the prosecutor determines whether there is probable cause to charge the respondent in court.

A. Probable Cause

Probable cause does not require proof beyond reasonable doubt. It requires sufficient basis to believe that a crime has been committed and that the respondent is probably guilty.

B. Counter-Affidavit

The respondent may submit a counter-affidavit denying the allegations, challenging the evidence, disputing identity, raising defenses, or arguing that the facts do not constitute a crime.

C. Reply-Affidavit

The complainant may submit a reply-affidavit to answer the respondent’s defenses. This is often important in cybercrime cases because respondents may claim that screenshots were fabricated, accounts were fake, identity was not established, or the statements were taken out of context.

D. Resolution

The prosecutor may:

  1. Dismiss the complaint;
  2. Find probable cause and file the case in court;
  3. Require additional evidence;
  4. Refer the matter to another office;
  5. Recommend a different offense based on the facts.

XV. What If the Complaint Is Dismissed?

A dismissal does not always mean the matter is permanently over. Depending on the reason for dismissal and the procedural stage, the complainant may have remedies.

Possible remedies may include:

  1. Motion for reconsideration before the prosecutor;
  2. Petition for review before the Department of Justice, where applicable;
  3. Filing of a new complaint if new evidence exists and the rules allow;
  4. Civil action, if the facts support civil liability;
  5. Administrative or regulatory complaint with another agency;
  6. Platform, bank, or payment provider dispute mechanisms;
  7. Data privacy complaint, if personal data rights are involved.

The appropriate remedy depends on the exact resolution, the office that issued it, the offense involved, and the applicable procedural rules. The complainant should pay close attention to deadlines.

XVI. What If the Case Is Filed in Court?

If the prosecutor files the case in court, the complainant should follow up on:

  1. The court branch;
  2. Criminal case number;
  3. Name of the accused;
  4. Date of filing;
  5. Status of warrant or summons;
  6. Arraignment schedule;
  7. Pre-trial schedule;
  8. Required witness appearances;
  9. Evidence marking;
  10. Coordination with the public prosecutor.

Once the case is in court, the public prosecutor generally handles the criminal prosecution. The complainant may still participate as a private complainant and may engage private counsel to assist the prosecution, subject to court rules and the control of the public prosecutor.

XVII. Following Up on Online Scam or Financial Fraud Cases

Online scam cases often require urgent action because funds may be transferred quickly.

A complainant should consider the following steps:

  1. Report immediately to the bank or e-wallet provider;
  2. Request temporary freezing, hold, or investigation where available;
  3. Secure transaction reference numbers;
  4. Ask for written acknowledgment of the report;
  5. File a complaint with law enforcement;
  6. Submit proof of payment and communications;
  7. Follow up with the financial institution’s fraud unit;
  8. Coordinate with the prosecutor or investigator regarding bank records;
  9. Preserve all conversations and receipts;
  10. Avoid further payment to the scammer.

Financial institutions may have internal deadlines for reporting unauthorized transactions or fraud. Prompt reporting is therefore important.

XVIII. Following Up on Online Libel Complaints

Online libel is one of the most common cybercrime-related complaints in the Philippines. Follow-up requires careful attention to evidence and prescription periods.

A complainant should preserve:

  1. The allegedly libelous post or message;
  2. URL;
  3. Date and time of publication;
  4. Identity of the account;
  5. Screenshots showing public visibility;
  6. Comments, reactions, or shares, where relevant;
  7. Evidence that third persons saw the post;
  8. Proof that the statement refers to the complainant;
  9. Evidence of falsity and malice, where relevant;
  10. Evidence of damage to reputation.

During follow-up, the complainant should ask whether the evidence is sufficient to establish publication, identification, defamatory imputation, and the respondent’s participation.

XIX. Following Up on Identity Theft or Fake Account Complaints

For fake account or impersonation cases, the complainant should submit:

  1. Screenshots of the fake profile;
  2. URL of the fake account;
  3. Comparison with the real account;
  4. Messages sent by the fake account;
  5. Reports from victims or contacts;
  6. Proof of harm or confusion;
  7. Platform report acknowledgment;
  8. Evidence that the fake account used the complainant’s name, image, business identity, or personal information.

Follow-up may include asking whether preservation of account data was requested, whether the platform was contacted, and whether additional victims should submit affidavits.

XX. Following Up on Hacking or Unauthorized Access Complaints

For hacking or account intrusion cases, preserve:

  1. Login alerts;
  2. Password reset notifications;
  3. Recovery emails;
  4. Unrecognized devices;
  5. IP address notices;
  6. Changes made to the account;
  7. Messages sent by the intruder;
  8. Unauthorized transactions;
  9. Security logs;
  10. Screenshots of account recovery attempts.

The complainant should avoid making major changes to the compromised system before evidence is documented, though immediate security steps such as changing passwords, enabling two-factor authentication, and contacting the platform may be necessary to prevent further harm.

XXI. Following Up on Threats, Harassment, or Extortion

For threats, harassment, blackmail, sextortion, or extortion, urgency is often high.

The complainant should preserve:

  1. Threatening messages;
  2. Demands for money or action;
  3. Account details;
  4. Payment instructions;
  5. Screenshots of images or videos used for blackmail;
  6. Call logs;
  7. Voice notes;
  8. Witnesses;
  9. Prior incidents;
  10. Evidence of fear, harm, or coercion.

If there is immediate danger, the complainant should seek urgent law enforcement assistance. Where intimate images, minors, sexual exploitation, or trafficking are involved, specialized agencies and protective measures may be necessary.

XXII. Role of Barangay Proceedings

Barangay conciliation may apply to certain disputes between individuals residing in the same city or municipality, subject to exceptions. However, many cybercrime cases involve serious offenses, unknown respondents, different localities, or matters beyond barangay settlement.

A complainant should not assume that barangay proceedings are required for every cybercrime complaint. The necessity of barangay conciliation depends on the offense, the residence of the parties, and the applicable exceptions.

XXIII. Role of the Rules on Electronic Evidence

Electronic evidence is central in cybercrime cases. The Philippines recognizes electronic documents and electronic data messages under applicable rules and laws. However, admissibility and weight may still be challenged.

Evidence may be questioned on grounds such as:

  1. Authenticity;
  2. Integrity;
  3. Completeness;
  4. Relevance;
  5. Identity of the sender;
  6. Chain of custody;
  7. Alteration or manipulation;
  8. Hearsay concerns;
  9. Failure to link the account to the respondent.

Therefore, follow-up should not be limited to asking about case status. It should also include asking whether the evidence is complete, properly authenticated, and sufficient to support the complaint.

XXIV. Chain of Custody and Evidence Handling

Chain of custody refers to the documented handling of evidence from collection to presentation. In cybercrime cases, weak handling of evidence can create problems later.

Practical evidence-handling tips include:

  1. Keep original files;
  2. Avoid editing screenshots;
  3. Save metadata when possible;
  4. Use secure storage;
  5. Keep backups;
  6. Document when and how evidence was obtained;
  7. Identify the person who captured or downloaded the evidence;
  8. Avoid forwarding files repeatedly through apps that compress or alter them;
  9. Label files clearly;
  10. Submit organized copies to investigators or prosecutors.

XXV. Following Up with Platforms, Banks, and Service Providers

Cybercrime cases often require cooperation from private entities. The complainant may need to coordinate with:

  1. Social media platforms;
  2. Messaging applications;
  3. Email providers;
  4. Banks;
  5. E-wallet providers;
  6. Online marketplaces;
  7. Delivery platforms;
  8. Telecommunications companies;
  9. Web hosting providers;
  10. Domain registrars.

The complainant should keep copies of all reports submitted to these entities. Reports to platforms or banks do not replace a criminal complaint, but they may support it.

When following up with these entities, ask for:

  1. Reference number;
  2. Status of investigation;
  3. Confirmation of report;
  4. Whether the account was suspended;
  5. Whether funds were held;
  6. Whether additional documents are needed;
  7. Whether law enforcement requests are required for disclosure.

Private companies may refuse to disclose account data directly to private persons due to privacy and legal restrictions. Law enforcement or court processes may be needed.

XXVI. Data Privacy Considerations

Complainants must be careful when gathering and sharing information. Even when pursuing a cybercrime complaint, they should avoid unnecessary public disclosure of personal data, private conversations, identification documents, or sensitive images.

Posting the alleged offender’s personal information online may create legal exposure, especially if the information is inaccurate, excessive, or unlawfully obtained.

Data privacy concerns may arise in cases involving:

  1. Doxxing;
  2. Leaked private messages;
  3. Unauthorized publication of images;
  4. Breach of customer data;
  5. Misuse of IDs;
  6. Fake accounts using personal information;
  7. Unauthorized access to accounts;
  8. Disclosure of sensitive personal information.

The National Privacy Commission may be relevant where the issue involves personal data misuse or a data breach.

XXVII. Dealing with Delays

Cybercrime cases may be delayed for many reasons:

  1. Incomplete evidence;
  2. Difficulty identifying the respondent;
  3. Fake accounts or aliases;
  4. Foreign-based platforms;
  5. Multiple victims;
  6. Need for technical verification;
  7. Delays in subpoenas or notices;
  8. Heavy caseload of agencies;
  9. Lack of respondent address;
  10. Jurisdictional issues;
  11. Need for bank or telco records;
  12. Need for international cooperation.

If there is delay, the complainant should make a written follow-up. The follow-up should be polite, factual, and documented.

A good follow-up letter states:

  1. The case reference number;
  2. Date of filing;
  3. Name of complainant and respondent;
  4. Nature of complaint;
  5. Last action taken;
  6. Pending matter;
  7. Request for status update;
  8. Contact details.

XXVIII. Sample Follow-Up Letter

Subject: Follow-Up on Cybercrime Complaint Filed on [Date] – [Complainant Name] v. [Respondent Name, if known]

Dear Sir/Madam:

I respectfully follow up on the cybercrime complaint I filed on [date] regarding [brief description of complaint, such as online scam, identity theft, hacking, online libel, or threats].

The complaint was filed with your office on [date], and the reference number/docket number is [number], if applicable. I would like to ask for an update on the status of the complaint and whether there are additional documents, affidavits, or evidence that I need to submit.

For ease of reference, I am ready to provide copies of the complaint-affidavit, screenshots, transaction records, links, and other supporting documents previously submitted.

Kindly inform me of the assigned investigator/prosecutor or the next step in the proceedings.

Thank you.

Respectfully,

[Name] [Address] [Mobile Number] [Email Address]

XXIX. Sample Email Follow-Up

Subject: Follow-Up on Cybercrime Complaint – [Case Reference Number]

Dear [Office/Investigator/Prosecutor]:

Good day.

I respectfully follow up on my cybercrime complaint filed on [date] concerning [brief description]. The case reference number is [number], and the assigned officer/prosecutor, if applicable, is [name].

May I respectfully ask for the current status of the complaint and whether any additional documents are required from me?

I am attaching copies of [list attachments, if any] for reference.

Thank you.

Respectfully, [Name] [Contact Number] [Email Address]

XXX. Sample Follow-Up Checklist

Before following up, prepare the following:

  1. Complaint-affidavit;
  2. Proof of filing;
  3. Case reference number or docket number;
  4. Name of assigned investigator or prosecutor;
  5. Valid ID;
  6. Copies of submitted evidence;
  7. New evidence, if any;
  8. Written timeline;
  9. List of questions;
  10. Contact information;
  11. Authorization letter, if following up for someone else;
  12. Lawyer’s entry of appearance or authority, if represented by counsel.

XXXI. Common Mistakes to Avoid

A. Relying Only on Screenshots

Screenshots are useful but may not be enough. Preserve links, account identifiers, original files, emails, headers, transaction records, and device data.

B. Waiting Too Long

Delay can result in deleted posts, closed accounts, unavailable logs, transferred funds, or faded witness memory.

C. Posting About the Case Online

Publicly accusing the respondent may create defamation, privacy, or harassment issues. It may also alert the respondent and cause destruction of evidence.

D. Paying More Money to Scammers

Some scammers demand additional payments for refunds, account recovery, release of goods, or removal of compromising material. Further payment may worsen the loss.

E. Ignoring Notices

Failure to attend scheduled proceedings or submit required affidavits may harm the complaint.

F. Submitting Disorganized Evidence

Investigators and prosecutors handle many cases. Organized evidence helps them understand the complaint faster.

G. Altering Evidence

Editing, cropping, deleting, or manipulating evidence may raise doubts about authenticity.

H. Following Up Without a Case Number

Always secure and use the reference number, docket number, or complaint number.

XXXII. When to Get a Lawyer

A lawyer is especially helpful when:

  1. The case involves online libel;
  2. The respondent is known and may file counterclaims;
  3. Large sums of money are involved;
  4. Corporate systems or business data are affected;
  5. Sensitive personal or intimate images are involved;
  6. The case involves minors;
  7. The complaint was dismissed;
  8. A motion for reconsideration or petition for review is needed;
  9. The complainant receives a counter-affidavit;
  10. The complainant is unsure which offense applies;
  11. Civil damages may be claimed;
  12. A related civil, administrative, or regulatory complaint may be appropriate.

A lawyer can help prepare affidavits, organize evidence, analyze the proper offense, monitor deadlines, and coordinate with investigators and prosecutors.

XXXIII. The Importance of Jurisdiction and Venue

Cybercrime cases may raise venue and jurisdiction questions because online acts can occur across different places. A complainant may reside in one city, the respondent may be elsewhere, the platform may be foreign-based, and the harm may be felt in multiple locations.

When following up, it is important to ask whether the complaint was filed with the proper office and whether referral to another jurisdiction is necessary. Filing in the wrong venue may delay the case.

XXXIV. If the Respondent Is Unknown

Many cybercrime complaints begin with an unknown respondent. The complainant may know only a username, phone number, account name, email address, or bank account.

In such cases, follow-up should focus on investigation status and identification efforts. The complainant should provide all available identifiers, including:

  1. Username;
  2. Display name;
  3. Profile URL;
  4. Email address;
  5. Mobile number;
  6. Bank account or e-wallet number;
  7. Transaction reference number;
  8. IP-related notices, if available;
  9. Delivery address;
  10. Marketplace account;
  11. Domain or website information;
  12. Any photos, videos, or documents used by the suspect.

The complainant should understand that identifying an unknown cyber offender may take time and may require cooperation from platforms, banks, telecommunications providers, or foreign entities.

XXXV. If There Are Multiple Victims

If multiple people were victimized by the same account, scheme, or person, it may help to coordinate evidence. Each victim should ideally execute their own affidavit and provide their own transaction records or screenshots.

Multiple complaints may show a pattern, but each complainant should still establish their own facts, loss, and evidence.

XXXVI. If the Cybercrime Is Still Ongoing

If the unlawful act is continuing, the complainant should immediately update the investigator or prosecutor.

Examples include:

  1. Continuing threats;
  2. Ongoing extortion;
  3. Repeated defamatory posts;
  4. Continued impersonation;
  5. Additional scam victims;
  6. Further unauthorized access;
  7. Continued publication of intimate images;
  8. New fraudulent transactions.

The complainant should preserve each new incident and submit a supplemental affidavit if needed.

XXXVII. If the Complaint Involves Minors

Cybercrime cases involving minors require special care. These may include online sexual exploitation, grooming, trafficking, child abuse material, threats, or harassment.

The complainant should avoid circulating, forwarding, or reproducing sensitive material unnecessarily. Reports should be made directly to proper authorities. Protective measures, confidentiality, and child-sensitive procedures may apply.

XXXVIII. If the Complaint Involves Intimate Images

Cases involving non-consensual sharing or threatened sharing of intimate images require urgent and sensitive handling.

The complainant should:

  1. Preserve evidence without spreading the material;
  2. Report to law enforcement immediately;
  3. Report the content to the platform for removal;
  4. Avoid negotiating with extortionists without law enforcement guidance;
  5. Keep all threats and demands;
  6. Seek psychological and legal support;
  7. Ask about protective measures and confidentiality.

XXXIX. Monitoring Notices and Communications

After filing, the complainant should regularly monitor:

  1. Email inbox and spam folder;
  2. Mobile phone calls and text messages;
  3. Registered mail;
  4. Physical address used in the complaint;
  5. Lawyer’s office, if represented;
  6. Online filing portals, if applicable;
  7. Communications from investigators or prosecutors.

Missed notices can delay or weaken the case.

XL. How to Record Follow-Up Activity

Maintain a case log containing:

  1. Date of follow-up;
  2. Method of follow-up;
  3. Office contacted;
  4. Person spoken to;
  5. Information received;
  6. Documents submitted;
  7. Next step;
  8. Deadline, if any;
  9. Copies of emails or letters;
  10. Proof of receipt.

A well-maintained case log helps the complainant, lawyer, investigator, and prosecutor track progress.

XLI. Ethical and Legal Boundaries in Following Up

Following up is a right, but it must be done properly.

A complainant should not:

  1. Bribe or offer favors;
  2. Threaten investigators, prosecutors, or respondents;
  3. Harass government personnel;
  4. Fabricate evidence;
  5. Coach witnesses to lie;
  6. Publicly shame suspects;
  7. Hack accounts;
  8. Illegally obtain private data;
  9. Misrepresent facts;
  10. Ignore lawful processes.

Professional, documented, and respectful follow-up is more effective and safer.

XLII. Practical Timeline of a Cybercrime Complaint

A simplified timeline may look like this:

  1. Incident occurs;
  2. Evidence is preserved;
  3. Complaint-affidavit is prepared;
  4. Complaint is filed with law enforcement or prosecutor;
  5. Case is docketed;
  6. Investigator evaluates evidence;
  7. Additional evidence may be requested;
  8. Case is referred to prosecutor;
  9. Prosecutor issues subpoena;
  10. Respondent submits counter-affidavit;
  11. Complainant may submit reply-affidavit;
  12. Case is submitted for resolution;
  13. Prosecutor dismisses or files the case;
  14. If filed, court proceedings begin;
  15. Trial, judgment, and remedies follow.

Not all cases follow this exact sequence. Some cases may require more investigation before prosecutor referral. Others may be filed directly with the prosecutor.

XLIII. Frequently Asked Questions

1. Can I follow up even if I do not have a lawyer?

Yes. A complainant may follow up personally. However, a lawyer is advisable for serious, complex, or sensitive cases.

2. What if I lost my case reference number?

Return to the office where the complaint was filed and provide your name, respondent’s name, date of filing, and nature of complaint. The records section may help locate it.

3. Can I submit new evidence after filing?

Generally, yes. New evidence may be submitted through a supplemental affidavit or letter, depending on the stage of the case.

4. What if the online post was deleted?

Deleted content may still be supported by screenshots, witnesses, archives, platform reports, or technical records. However, preservation becomes harder after deletion, so prompt action is important.

5. Can I demand immediate arrest?

Not every cybercrime complaint results in immediate arrest. Arrest generally requires lawful grounds, such as a warrant or valid warrantless arrest circumstances. Most complaints proceed through investigation and preliminary investigation.

6. Can the police force a platform to give account information immediately?

Private platforms, especially foreign-based ones, may require proper legal process. Law enforcement may need subpoenas, preservation requests, court orders, or international cooperation mechanisms.

7. Can I settle a cybercrime case?

Some disputes may be settled, but settlement does not automatically erase criminal liability in all cases. The effect of settlement depends on the offense, procedural stage, and applicable law.

8. What if the respondent apologizes?

An apology may be relevant but does not automatically terminate the case. The complainant should consult counsel before withdrawing or compromising a complaint.

9. What if the investigator is not responding?

Make a written follow-up, contact the records section, visit the office personally, or ask for the supervising officer. Keep follow-up records.

10. What if the prosecutor dismisses the complaint?

Obtain the resolution immediately and consult counsel regarding remedies and deadlines.

XLIV. Best Practices for Complainants

The following practices improve the chances of orderly case handling:

  1. File promptly;
  2. Preserve original evidence;
  3. Prepare a clear timeline;
  4. Organize documents by date and type;
  5. Keep printed and digital copies;
  6. Use consistent names, dates, and contact details;
  7. Secure the case number;
  8. Follow up professionally;
  9. Submit supplemental evidence properly;
  10. Monitor notices and deadlines;
  11. Avoid public accusations;
  12. Consult counsel when the matter is serious.

XLV. Conclusion

Following up on a cybercrime case filing in the Philippines requires patience, organization, and awareness of procedure. A complainant should secure proof of filing, identify the assigned officer or prosecutor, preserve digital evidence, monitor notices, submit additional documents when needed, and keep a written record of all follow-ups.

Cybercrime cases are often complex because the evidence is digital, the offender may be anonymous, and relevant records may be held by banks, telecommunications companies, online platforms, or foreign service providers. Proper follow-up helps ensure that the complaint does not remain stagnant, that evidence is preserved, and that the complainant remains informed of the next procedural steps.

The most effective follow-up is not merely repeated inquiry. It is a disciplined process of documentation, evidence preservation, respectful communication, and timely compliance with investigative or prosecutorial requirements.

Disclaimer: This content is not legal advice and may involve AI assistance. Information may be inaccurate.

Privacy Policy

Terms of Use

Lawyer Login

 
 
Privacy Policy         Terms of Use         Lawyer Login