If money was taken from your bank account or e-wallet because of a fake seller, phishing link, bogus investment, romance scam, job scam, or account takeover, your best chance of recovery depends on two things: how fast you report and how complete your bank or e-wallet evidence is. Philippine law now gives banks, e-wallets, and other BSP-supervised financial institutions a clearer process for temporarily holding disputed funds and coordinating with each other, but recovery is not automatic. You need to report the transaction properly, preserve proof, follow up in writing, and, when needed, file complaints with the right government agencies.
What “recovering funds” means after an online scam
In practice, “fund recovery” after an online scam can mean several different things:
| Type of recovery | What it means | When it usually applies |
|---|---|---|
| Temporary hold of funds | The receiving bank or e-wallet blocks the disputed amount before it is withdrawn or moved | Best when you report very quickly |
| Return of held funds | The institution returns the amount to the source account after verification | Possible if the funds are still traceable and the transaction appears fraudulent |
| Bank or e-wallet restitution | The institution may be required to restore the loss if it failed to apply required safeguards or temporary holding rules | Depends on the facts and the institution’s fault |
| Criminal restitution | The court orders the offender to pay back the victim as part of criminal liability | Usually takes much longer |
| Civil recovery | You sue an identified person to recover money | More realistic if you know the scammer’s true identity and address |
The most time-sensitive route is the bank/e-wallet temporary holding process. Once the scammer withdraws, cashes out, converts to crypto, or transfers the money through several mule accounts, recovery becomes much harder.
Legal basis: your rights and remedies under Philippine law
RA 12010, or the Anti-Financial Account Scamming Act
Republic Act No. 12010, known as the Anti-Financial Account Scamming Act or AFASA, was signed in 2024 to address scams involving financial accounts, including bank accounts, e-wallets, credit card accounts, and other transaction accounts under BSP supervision. It covers institutions such as banks, nonbank financial institutions, payment service providers, and e-wallet providers regulated by the Bangko Sentral ng Pilipinas. (Lawphil)
AFASA is important because it expressly targets common online scam patterns, including:
- Money muling — using, lending, selling, renting, or opening a financial account so it can receive or move scam proceeds.
- Social engineering schemes — deception, impersonation, phishing, fake messages, or similar tactics used to obtain sensitive account information or control over a victim’s account.
- Economic sabotage — certain large-scale or organized financial account scams that meet the law’s aggravating circumstances. (Lawphil)
AFASA also allows a temporary holding of funds connected to a disputed transaction, generally up to 30 calendar days, unless extended by a court. The implementing BSP rules further break this down into an initial holding period of up to 5 calendar days, with possible extension within the 30-day maximum when the rules allow it. (Lawphil)
BSP rules on temporary holding and coordinated verification
The BSP’s 2025 implementing regulations under AFASA, including Circular Nos. 1213, 1214, and 1215, translate the law into operational rules for BSP-supervised institutions. Circular No. 1215 specifically covers temporary holding and coordinated verification for disputed transactions. (Bureau of the Treasury)
In simple terms:
- The originating financial institution is the bank or e-wallet where the money came from.
- The receiving financial institution is the bank or e-wallet where the money was sent.
- A subsequent receiving institution is another bank or e-wallet where the funds were later transferred.
Once a proper complaint or fraud detection trigger exists, the originating institution should verify the transaction details, prepare a disputed transaction report, and coordinate with the receiving institution to check whether the funds can still be held. The rules require case reference numbers, logs, and coordination steps so institutions can later show whether they acted on time. (Bureau of the Treasury)
RA 11765, or the Financial Products and Services Consumer Protection Act
Republic Act No. 11765, the Financial Products and Services Consumer Protection Act, protects consumers of financial products and services, including digital financial services. It recognizes rights such as fair treatment, disclosure and transparency, protection of consumer assets against fraud and misuse, data privacy, and timely handling of complaints. It also gives regulators such as the BSP authority over consumer complaints involving financial transactions within their jurisdiction. (Supreme Court E-Library)
For ordinary consumers, this matters because a scam report is not only a criminal complaint. It may also be a financial consumer complaint if your bank or e-wallet delayed action, ignored your report, failed to secure your account, or did not properly handle your dispute.
Revised Penal Code: estafa and other deceits
Many online scams may fall under estafa, or swindling, under Article 315 of the Revised Penal Code. Estafa generally involves defrauding another person through abuse of confidence, false pretenses, fraudulent acts, or deceit. Article 318 also punishes other deceits that may not fall squarely under estafa but still involve fraudulent conduct. (Lawphil)
Examples include:
- A fake seller accepting payment for goods they never intended to deliver.
- A person pretending to be a bank officer to obtain OTPs or passwords.
- A bogus investment promoter promising guaranteed returns.
- A scammer using a fake identity to induce a victim to transfer money.
RA 10175, or the Cybercrime Prevention Act
Republic Act No. 10175, the Cybercrime Prevention Act of 2012, applies when the fraud is committed through information and communications technology. It covers offenses such as computer-related fraud, computer-related identity theft, illegal access, and computer-related forgery. It also provides that crimes under the Revised Penal Code and special laws may carry a higher penalty when committed through ICT. (Supreme Court E-Library)
The law also authorizes cybercrime units of the National Bureau of Investigation and the Philippine National Police to handle cybercrime investigations. For online scams, this is why victims are often directed to the NBI Cybercrime Division or PNP Anti-Cybercrime Group. (Supreme Court E-Library)
Preserve your bank and e-wallet evidence immediately
Your evidence should help prove four things:
- You own or control the source account.
- A specific amount left your account on a specific date and time.
- The funds went to a specific receiving account, wallet, merchant, QR code, or reference number.
- The transfer was connected to fraud, deception, phishing, impersonation, or unauthorized access.
Evidence to save before anything disappears
Preserve these as early as possible:
Transaction receipt or screenshot showing:
- amount
- date and time
- reference number
- sender account or wallet
- recipient name, number, wallet, or bank
- transfer channel, such as InstaPay, PESONet, QR Ph, bank transfer, card payment, or e-wallet transfer
Bank statement, e-wallet transaction history, or downloadable PDF/CSV record
Screenshots of the scammer’s profile, page, username, phone number, email address, QR code, or payment instructions
Full chat history, including deleted-message notices if visible
Links to the fake website, marketplace listing, social media page, or advertisement
Emails, SMS messages, OTP prompts, phishing pages, or fake bank notices
Delivery or order records, if it involved a fake seller
Any ticket number from your bank, e-wallet, marketplace, telco, CICC, PNP, or NBI
Government ID and proof that the account belongs to you, if the institution asks for identity verification
Do not rely only on cropped screenshots. Keep the original screenshots, full-page captures, screen recordings, and exported chat files where possible. A cropped image may be useful for quick reporting, but investigators and institutions often need the full context.
Practical evidence tips
- Take screenshots showing the phone’s date and time if possible.
- Save images in a folder and rename them in order:
01-payment-receipt,02-scammer-chat,03-profile-page, and so on. - Do not delete chats even if they are painful or embarrassing.
- Do not edit screenshots except to make a separate redacted copy for public posting.
- If you used a web browser, save the URL and take a full-page screenshot.
- If you spoke by phone, write a short timeline immediately after the call while your memory is fresh.
Step-by-step guide: what to do in the first 24 hours
1. Secure your bank, e-wallet, email, and SIM
Before chasing the money, stop further loss.
Change your:
- bank and e-wallet passwords
- MPINs
- email password
- social media password if the scam happened there
- marketplace password
- password manager master password, if compromised
Also:
- unlink unknown devices
- remove saved cards from suspicious accounts
- lock your card or wallet if the app allows it
- call your telco if your SIM may have been swapped, stolen, or compromised
- enable multi-factor authentication that does not rely only on SMS if available
The BSP rules specifically expect consumers to immediately report disputed transactions, cooperate with their institutions, and change authentication credentials such as MFA, PINs, or passwords when they suspect compromise. (Bureau of the Treasury)
2. Report to your bank or e-wallet immediately
Use your bank or e-wallet’s official fraud hotline, in-app help center, email channel, or branch. Say clearly that you are reporting a disputed transaction due to an online scam.
Use direct language such as:
I am the source account owner. I am reporting a disputed transaction involving an online scam. Please create a fraud case, issue a case reference number, initiate coordinated verification, and request temporary holding of funds under the Anti-Financial Account Scamming Act and BSP rules if the funds are still with the receiving institution.
Ask for:
- a case or ticket number
- the date and time your report was logged
- confirmation that the receiving institution was contacted
- the exact documents they need from you
- the expected next update date
Under the BSP rules, the originating institution verifies key information such as the transaction reference number, source account details, amount, mode, date and time, receiving institutions, and beneficiary account information if known. (Bureau of the Treasury)
3. Give complete transaction details
Prepare a short incident summary:
- Your full name
- Source bank/e-wallet and account or wallet number
- Date and time of the transaction
- Amount
- Reference number
- Recipient name, number, bank, wallet, merchant, or QR details
- How the scam happened
- Whether you authorized the transfer because you were deceived, or whether the transaction was completely unauthorized
- Whether you shared an OTP, clicked a phishing link, downloaded an app, or gave remote access
- Whether there were other transfers after the first one
The goal is to help the bank or e-wallet trace the money quickly. Vague reports like “I got scammed, please refund me” usually cause delays.
4. Report to the receiving bank or e-wallet too, if known
Your own bank or e-wallet should coordinate with the receiving institution, but if you know where the money went, report there as well. Provide the same documents and your original case number.
This is especially useful when:
- you sent money to a visible e-wallet number
- the receipt shows a receiving bank
- the scammer gave a QR code with a merchant name
- the receiving institution has its own fraud reporting channel
Do not threaten or harass the account owner. The recipient may be a mule, a fake identity, or a compromised account. Your priority is to get the institution to log the report properly and preserve traceable funds.
5. File a cybercrime report
You can report cyber-related scams through government cybercrime channels. The Inter-Agency Response Center Hotline 1326 is a 24/7 government reporting number for online scams, phishing, cybercrimes, and related incidents, coordinated with agencies such as the CICC, DICT, NPC, NTC, PNP, and NBI. (Philippine Information Agency)
You may also report to:
- PNP Anti-Cybercrime Group
- NBI Cybercrime Division
- the local police station, especially if you need a blotter or referral
- the prosecutor’s office, usually after evidence is organized and the respondent is identifiable enough for a complaint
The NBI Cybercrime Division’s citizen-facing process includes complaint intake, preliminary interview or investigation, sworn statements or affidavits, and examination of a device when needed. Its listed initial assistance process has no fee in the citizen’s charter and is designed for victims of computer crimes. (National Bureau of Investigation)
6. Escalate to BSP if the financial institution mishandles the complaint
If your bank or e-wallet does not act, gives no useful response, refuses to provide a case number, or fails to explain its action after you used its official complaint process, you may escalate to the BSP’s consumer assistance mechanism.
The BSP treats its consumer assistance mechanism as a second-level recourse. Consumers are generally expected to first report to the financial institution’s own Financial Consumer Protection Assistance Mechanism or customer service channel before escalating to the BSP.
BSP guidance also warns consumers not to share sensitive information such as PINs, passwords, account numbers, card numbers, or passport details when filing complaints through consumer channels.
How the AFASA temporary hold process works
AFASA and the BSP implementing rules are most helpful when the scam proceeds are still inside the banking or e-wallet system.
Initial holding period
When the rules are triggered, a bank or e-wallet may temporarily hold disputed funds for an initial period of up to 5 calendar days. Triggers may include a complaint through the institution’s 24/7 fraud reporting channel, fraud management system detection, or a request from another financial institution involved in the transfer chain. (Bureau of the Treasury)
Extension within the 30-day maximum
If there are reasonable grounds and more time is needed to complete verification, the temporary hold may be extended, but the total temporary holding period is generally not more than 30 calendar days, unless a court extends it. (Bureau of the Treasury)
During the hold, the funds may still be credited to the beneficiary account but cannot be withdrawn, transferred, or used. The account owner must cooperate and provide information when requested. (Bureau of the Treasury)
Coordinated verification
The involved institutions then perform coordinated verification. If funds were held, verification is generally completed within the 30-calendar-day temporary holding period unless a court extends it. If no funds were held, the process may still continue, generally within 30 calendar days, extendable up to 60 calendar days for meritorious reasons. (Bureau of the Treasury)
The source account owner may request transaction reference numbers, information on the receiving institutions involved, and relevant dates and times from the originating institution, subject to the rules. (Bureau of the Treasury)
Release or return of funds
Held funds may be released to the beneficiary if the transaction is confirmed as legitimate or the holding period lapses without a legal basis to continue holding. However, funds may be returned to the source account owner’s institution when information shows money muling, unlawful activity, social engineering, lack of clear economic purpose, or similar indicators under the rules. (Bureau of the Treasury)
This is why the quality of your evidence matters. The bank or e-wallet is not simply deciding based on sympathy. It needs verifiable facts showing that the transaction is connected to a scam.
Where to file and what each office can do
| Office or institution | What it can do | When to use it |
|---|---|---|
| Your bank or e-wallet | Log the disputed transaction, secure your account, start fraud review, coordinate with receiving institutions | Always report here first and immediately |
| Receiving bank or e-wallet | Check whether funds remain, hold funds if rules apply, review recipient account activity | Report here too if you know where the money went |
| BSP consumer assistance | Handle complaints against BSP-supervised financial institutions after first-level complaint | Use if the bank or e-wallet mishandles or ignores your complaint |
| CICC / Hotline 1326 | Receive cybercrime and online scam reports and coordinate with relevant agencies | Useful for online selling scams, phishing, spoofing, and other cyber incidents |
| PNP Anti-Cybercrime Group | Investigate cybercrime complaints and gather evidence for prosecution | Use for phishing, identity theft, online fraud, account takeover, or organized scams |
| NBI Cybercrime Division | Investigate computer-related crimes, receive sworn statements, examine digital evidence | Useful for serious, repeated, cross-platform, or technically complex scams |
| Prosecutor’s office | Conduct preliminary investigation when criminal charges are pursued | Usually when the suspect can be identified or evidence is ready |
| Court | Issue orders, hear criminal or civil cases, order restitution or damages | Needed for litigation, criminal conviction, or court-extended holding |
| AMLC / Court of Appeals route | Freeze assets in money-laundering situations through legal procedures | Usually for serious organized scam proceeds, not ordinary customer hotline disputes |
For suspected money laundering, freeze orders under the Anti-Money Laundering Act are handled through a separate process before the Court of Appeals. The Supreme Court has explained that AMLA freeze orders may cover accounts materially linked to unlawful activity when probable cause exists, are immediately effective for a limited period, and may be extended under legal standards. This is different from a consumer’s immediate AFASA temporary holding request through a bank or e-wallet. (Supreme Court of the Philippines)
Practical timelines, fees, and bottlenecks
| Item | Practical expectation |
|---|---|
| Reporting to bank or e-wallet | Do it immediately, ideally within minutes or hours |
| Initial temporary hold | Up to 5 calendar days if the rules are triggered and funds are found |
| Extended temporary hold | Within the 30-calendar-day maximum unless a court extends |
| Coordinated verification if funds are held | Generally within the temporary holding period |
| Coordinated verification if funds are not held | May continue, generally 30 days and extendable up to 60 days for meritorious reasons |
| BSP escalation | After using the institution’s own complaint process or when there is inaction |
| NBI or PNP investigation | Initial intake may be quick, but full investigation and prosecution can take months or longer |
| Criminal case | Often lengthy, especially if identities, platforms, or cross-border transfers are involved |
| Court filing fees | Depend on the type of case; criminal complaints do not work the same way as civil money claims |
Common bottlenecks include:
- The money was withdrawn or transferred before the report.
- The scammer used a mule account.
- The account was opened with fake or stolen identity documents.
- The victim has only cropped screenshots and no reference number.
- The victim reported to police but not to the bank or e-wallet.
- The scam involved crypto, foreign platforms, or unregulated payment channels.
- The victim sent money voluntarily due to deception, making the bank’s review more fact-sensitive.
- The victim gave OTPs, passwords, or remote access, requiring a deeper review of account compromise and safeguards.
Common scenarios and what to do
Fake seller or marketplace scam
This usually involves a seller who accepts payment through bank transfer, e-wallet, or QR code, then blocks the buyer or never ships the item.
Your strongest evidence usually includes:
- listing screenshot
- seller profile
- chat history
- payment instructions
- transaction receipt
- delivery promise
- proof that the seller blocked you or reused the same listing
Report both to your payment provider and the platform where the seller operated. The platform report helps preserve the account and listing details, while the bank or e-wallet report helps trace the funds.
Phishing link or fake bank message
This happens when a scammer impersonates a bank, e-wallet, delivery service, government office, or employer to obtain OTPs, passwords, or account access.
Preserve:
- the SMS or email
- sender number or email address
- link or URL
- screenshots of the fake page
- unauthorized transaction records
- device login alerts
- password reset emails
Tell the bank or e-wallet whether you clicked a link, entered credentials, gave an OTP, installed an app, or allowed remote access. These details may feel embarrassing, but they are necessary for proper fraud classification.
Bogus investment or crypto scam
Investment scams often involve “guaranteed profits,” fake dashboards, romance manipulation, group chats, or small early withdrawals followed by larger deposits.
Preserve:
- all deposit receipts
- wallet addresses or bank accounts used
- screenshots of the investment dashboard
- group chat messages
- names of recruiters or uplines
- promised returns
- withdrawal denial messages
- instructions asking for “tax,” “unlocking fee,” or “verification fee”
Do not pay additional amounts to “release” your funds. That is a common second-stage scam.
Romance scam or emergency scam
These scams often involve emotional pressure: a supposed partner, foreign soldier, seafarer, doctor, investor, or friend asking for urgent money.
Preserve:
- identity used by the scammer
- photos and profiles
- chats showing the request for money
- payment receipts
- promises to repay
- any threats, blackmail, or coercion
If intimate images or threats are involved, preserve the evidence and report the coercion separately. Do not send more money to stop threats.
Money sent to a real person’s account
Sometimes the receiving account belongs to a real person who claims they are innocent. This may be a money mule situation. Under AFASA, money muling can include allowing one’s financial account to be used to receive or transfer proceeds of fraud, including lending, selling, renting, or opening accounts for that purpose. (Lawphil)
Do not assume the named recipient is the mastermind. Focus on preserving evidence, reporting the transaction, and letting the institution and investigators trace the flow of funds.
Special considerations for OFWs and foreigners
A Filipino abroad or a foreigner dealing with a Philippine bank, e-wallet, or scammer can still have remedies if the transaction involves a Philippine financial account, a Philippine-based institution, or damage connected to the Philippines. AFASA recognizes jurisdiction in situations involving Philippine accounts, devices, or elements of the offense connected to the Philippines. (Lawphil)
Practical issues include:
- time zone delays when calling bank hotlines
- need for a Philippine mobile number to access OTPs or app support
- difficulty visiting a branch
- identity verification for foreign passports
- appointment requirements for affidavits abroad
- need for a representative in the Philippines
If someone in the Philippines will act for you, the bank, e-wallet, police, or prosecutor may ask for a Special Power of Attorney. Documents signed abroad may need consular notarization or apostille, depending on the country and the intended use. The DFA’s apostille process generally applies to Philippine public documents for use abroad, while documents executed abroad follow the authentication rules of the place where they were signed and the receiving Philippine office’s requirements. (Apostille Philippines)
Documents checklist for fund recovery reports
| Document or evidence | Why it matters |
|---|---|
| Government ID | Proves identity of the complainant |
| Proof of account ownership | Shows you are the source account owner |
| Transaction receipt | Identifies amount, date, time, and reference number |
| Bank or e-wallet statement | Confirms the transaction from official records |
| Scam chat history | Shows deception, inducement, or impersonation |
| Seller profile, website, or social media page | Helps identify the scam channel |
| Phone numbers, emails, usernames, URLs | Helps investigators trace accounts |
| Screenshots of phishing links or fake pages | Supports cybercrime classification |
| Customer service ticket numbers | Shows when and how you reported |
| Police, CICC, PNP, or NBI reference numbers | Helps connect financial and criminal reports |
| Affidavit or sworn statement | Often needed for formal investigation or prosecution |
| Special Power of Attorney | Needed if a representative files or follows up for you |
Mistakes that reduce your chance of recovery
Waiting too long
Speed is critical. Even a few hours can matter because scam funds are often moved quickly through multiple accounts.
Reporting only to police, not to the bank or e-wallet
A police or NBI report is important, but it does not automatically trigger your bank or e-wallet’s internal fraud process. Report to the financial institution immediately.
Posting the scammer online before preserving evidence
Public warnings can help others, but posting too early may cause the scammer to delete accounts, chats, or pages. Preserve evidence first.
Sending more money to recover the first loss
Scammers often ask for “tax,” “processing fee,” “unlocking fee,” “anti-money laundering clearance,” or “verification deposit.” These are usually part of the same scam.
Trusting “recovery agents”
Be careful with people who claim they can recover your money for an upfront fee, hack the scammer, or access bank systems. Many victims are scammed a second time.
Giving OTPs or passwords during the complaint process
Banks, e-wallets, BSP, police, and legitimate government agencies should not ask for your OTP, password, MPIN, or full card security details. BSP consumer guidance specifically warns against sharing sensitive account information.
Filing a false or exaggerated report
AFASA penalizes malicious reporting, and the BSP rules require institutions to warn complainants about malicious disputed transaction reports. Stick to facts, attach proof, and clearly separate what you know from what you suspect. (Bureau of the Treasury)
Frequently Asked Questions
Can GCash, Maya, or my bank reverse a scam transfer?
They may be able to hold or return funds if the money is still traceable and the transaction meets the requirements under AFASA and BSP rules. But if the recipient already withdrew or moved the money, a simple reversal may no longer be possible. Your best chance is to report immediately with the reference number, amount, date, time, and receiving account details.
How fast should I report an online scam transaction?
Report within minutes if possible. Do not wait for the scammer to reply, ship the item, or “fix” the issue. The temporary holding process is time-sensitive because funds can be withdrawn or transferred quickly.
What if I willingly sent the money because I was tricked?
You may still report it. Many scams involve authorized transfers induced by deception, such as fake sellers, romance scams, job scams, or bogus investments. Explain clearly that you were deceived and provide the messages, listings, promises, or impersonation evidence that caused you to send the money.
Do I need a police report before reporting to the bank or e-wallet?
Usually, no. You should report to the bank or e-wallet first because they are the ones that can start transaction tracing and temporary holding procedures. A police, PNP-ACG, CICC, or NBI report can follow and may strengthen the case, especially for investigation and prosecution.
Can the bank or e-wallet give me the scammer’s full name and address?
Not always. Banks and e-wallets must follow privacy and account confidentiality rules. During coordinated verification under AFASA, secrecy and data privacy restrictions do not prevent institutions and authorities from exchanging necessary information for the process, but that does not mean all recipient details will be freely released to the victim. (Lawphil)
What if the scammer already withdrew the money?
Recovery becomes harder, but you should still file the report. The institution may trace whether the funds moved to another receiving institution. A cybercrime complaint may also help identify the account user, mule network, or related accounts. If the scammer is later identified, criminal restitution or civil recovery may still be possible.
Is an online scam considered estafa in the Philippines?
It can be. If the scammer used deceit, false pretenses, fake identity, fraudulent promises, or similar acts to make you send money, the facts may support estafa under Article 315 of the Revised Penal Code. If the scam was committed through digital systems, RA 10175 may also apply. (Lawphil)
Should I file with BSP, PNP, NBI, or CICC?
Use different channels for different purposes. Report first to your bank or e-wallet for fund tracing. Use BSP if the financial institution mishandles your complaint. Use CICC Hotline 1326, PNP-ACG, or NBI Cybercrime Division for cybercrime reporting and investigation.
Can I sue the scammer in small claims court?
If you know the scammer’s real identity and address, and your claim is a civil money claim within the small claims threshold, small claims may be an option. But small claims is not a substitute for urgent bank reporting or cybercrime investigation. It also does not work well when the scammer is anonymous, using a mule account, or outside the court’s practical reach.
Can OFWs or foreigners recover funds from a Philippine online scam?
Yes, it may be possible if the transaction involved a Philippine bank, e-wallet, account, platform, or offender within Philippine jurisdiction. The main practical challenge is documentation. You may need notarized or authenticated documents, a representative in the Philippines, and clear proof of account ownership and transaction details.
Key Takeaways
- Report the scam to your bank or e-wallet immediately and ask for a case reference number.
- Use the words disputed transaction, temporary holding, and coordinated verification when reporting.
- Preserve complete evidence: receipts, reference numbers, chats, profiles, URLs, phone numbers, and statements.
- AFASA allows temporary holding of disputed funds, generally up to 30 calendar days, with an initial holding period of up to 5 calendar days under BSP rules.
- A police, NBI, PNP-ACG, or CICC report helps with investigation, but it does not replace the urgent bank or e-wallet report.
- BSP escalation is mainly for complaints against financial institutions after using the institution’s own complaint process.
- Recovery is easiest when funds are still inside the bank or e-wallet system; it becomes harder after withdrawal, cash-out, crypto conversion, or multiple transfers.
- Do not send more money, share OTPs, or trust “recovery agents” who ask for upfront fees.