How to Report a Crypto Scam Group in the Philippines

I. Introduction

Cryptocurrency scams have become increasingly common in the Philippines, especially through Facebook groups, Telegram channels, Discord servers, Viber communities, fake investment platforms, dating applications, and messaging apps. These scams often promise guaranteed profits, daily returns, “double-your-money” offers, trading mentorship, fake mining packages, fake airdrops, or exclusive membership in a crypto investment group.

In the Philippine legal context, a crypto scam group may give rise to criminal, civil, administrative, and regulatory consequences. Victims may report the scam to law enforcement agencies, financial regulators, platform operators, cryptocurrency exchanges, and, where appropriate, prosecutors or courts.

This article explains what a crypto scam group is, what laws may apply, what evidence should be preserved, where to report, how to draft a complaint, and what remedies may be available under Philippine law.

II. What Is a Crypto Scam Group?

A crypto scam group is any organized group, online community, or network that uses cryptocurrency, digital wallets, trading platforms, or blockchain-related claims to deceive people into sending money, crypto assets, personal data, or account access.

Common forms include:

  1. Fake investment groups promising guaranteed crypto profits.
  2. Ponzi or pyramid schemes where payouts depend on recruiting new members.
  3. Fake trading groups showing fabricated screenshots of profits.
  4. Impersonation scams using the names of celebrities, government officials, legitimate exchanges, or licensed companies.
  5. Romance or relationship crypto scams, sometimes called “pig butchering,” where scammers build trust before asking the victim to invest.
  6. Fake exchange or wallet platforms that allow deposits but block withdrawals.
  7. Pump-and-dump groups that manipulate low-value tokens.
  8. Phishing groups that steal wallet seed phrases, passwords, OTPs, or private keys.
  9. Airdrop or giveaway scams requiring victims to send crypto first.
  10. Task-based crypto scams where victims are asked to deposit money to unlock commissions.

The scam may involve Philippine pesos, foreign currency, stablecoins, Bitcoin, Ethereum, tokens, NFTs, or funds transferred through banks, e-wallets, remittance centers, or crypto exchanges.

III. Philippine Laws That May Apply

A. Revised Penal Code: Estafa

The most common criminal offense in crypto scam cases is estafa under the Revised Penal Code. Estafa generally involves deceit, abuse of confidence, or fraudulent means that cause damage to another person.

A crypto scam may amount to estafa when the scammer uses false promises, fake credentials, manipulated investment results, or fraudulent representations to induce the victim to send money or cryptocurrency.

Examples include:

  • Promising guaranteed returns despite having no real investment operation.
  • Claiming to be a licensed trader or exchange when this is false.
  • Showing fake proof of profits.
  • Blocking withdrawals after funds are deposited.
  • Pretending that additional “taxes,” “unlocking fees,” or “verification fees” must be paid before release of funds.

Even if the asset involved is cryptocurrency rather than cash, the fraudulent taking of value may still be treated as a criminal offense because the victim suffered financial damage.

B. Cybercrime Prevention Act

If the scam was committed through the internet, social media, email, messaging apps, fake websites, online wallets, or electronic communications, the Cybercrime Prevention Act of 2012 may apply.

The law recognizes certain crimes committed through information and communications technology. In a crypto scam, traditional offenses such as estafa may become cyber-related when committed online. This may affect jurisdiction, investigation methods, penalties, and the agencies involved.

Examples of cyber-related conduct include:

  • Recruiting victims through Facebook, Telegram, or Discord.
  • Sending fraudulent investment links.
  • Operating a fake crypto trading website.
  • Using phishing pages to obtain login credentials.
  • Hacking or unauthorized access to wallets or accounts.
  • Using fake online identities to deceive victims.

C. Securities Regulation Code

A crypto scam group may also violate the Securities Regulation Code if it offers investment contracts or securities to the public without proper registration or authority.

In Philippine law, an “investment contract” may exist when people invest money in a common enterprise with the expectation of profits primarily from the efforts of others. Many crypto investment schemes fit this description, especially where members are promised passive income or guaranteed returns from the supposed trading, mining, staking, or arbitrage activities of the group.

Possible red flags include:

  • “Invest ₱5,000 and earn ₱500 daily.”
  • “Guaranteed 20% monthly return.”
  • “No need to trade; our experts will trade for you.”
  • “Referral bonuses for every recruit.”
  • “Your crypto will be locked for a fixed period and will earn automatically.”
  • “Only admins control the trading pool.”

Where the scheme involves securities or investment contracts, the Securities and Exchange Commission may investigate and issue advisories, cease-and-desist orders, revocation orders, or refer matters for criminal prosecution.

D. Financial Products and Services Consumer Protection

If the scam involves financial products, digital platforms, wallets, or entities that appear to be financial service providers, consumer protection rules may be relevant. Victims may report suspicious or abusive financial practices to the appropriate regulator, depending on the nature of the entity involved.

E. Anti-Money Laundering Rules

Crypto scams often involve money laundering because scammers attempt to hide the proceeds through multiple wallets, bank accounts, e-wallets, exchanges, remittance channels, or nominees.

The Anti-Money Laundering Council may become relevant when the proceeds of unlawful activity are moved, concealed, converted, or layered through financial systems. Victims generally do not directly prosecute money laundering cases themselves, but they may submit information to law enforcement and regulators that could assist in tracing funds.

F. Data Privacy Act

The Data Privacy Act of 2012 may apply if the scam group collected, exposed, sold, misused, or unlawfully processed personal information.

Examples include:

  • Requiring victims to submit IDs, selfies, addresses, or bank details.
  • Publishing victims’ personal information in group chats.
  • Using personal data for identity theft.
  • Selling or sharing KYC documents with other scammers.
  • Creating fake accounts using victims’ names or photos.

Victims may consider reporting privacy-related violations to the National Privacy Commission.

IV. Who May Be Liable?

Potentially liable persons may include:

  1. Group administrators who created, managed, promoted, or controlled the scam group.
  2. Recruiters or uplines who knowingly induced victims to invest.
  3. Fake traders or fund managers who controlled pooled funds.
  4. Persons receiving funds through bank accounts, e-wallets, crypto wallets, or remittance channels.
  5. Owners of fake websites or platforms used in the scam.
  6. Impersonators using fake identities or stolen photos.
  7. Accomplices who helped launder or transfer the proceeds.

Liability depends on proof of participation, knowledge, conspiracy, benefit, control, and fraudulent intent. A person is not automatically criminally liable merely because they were a member of a group. However, active promotion, recruitment, receipt of funds, concealment, and continued participation despite knowledge of fraud may become legally significant.

V. Immediate Steps for Victims

A victim should act quickly. Crypto transfers are often difficult to reverse, and scammers may delete messages, deactivate accounts, or move assets across wallets.

1. Stop Sending Money

Do not pay additional “withdrawal fees,” “tax clearance fees,” “gas fees,” “account verification fees,” or “anti-money laundering clearance charges” demanded by the scam group. These are often secondary scams designed to extract more money.

2. Preserve Evidence

Take screenshots and save copies of:

  • Group name and link.
  • Admin names, usernames, phone numbers, and profile links.
  • Chat conversations.
  • Investment promises.
  • Payment instructions.
  • Wallet addresses.
  • Bank account numbers.
  • E-wallet numbers.
  • Receipts and transaction confirmations.
  • Crypto transaction hashes.
  • Fake certificates, permits, or licenses.
  • Website URLs.
  • Emails and SMS messages.
  • Voice notes, videos, and livestreams.
  • Names of other victims or witnesses.

Screenshots should show dates, timestamps, usernames, and complete conversation context whenever possible.

3. Do Not Delete Chats

Even if the messages are painful or embarrassing, preserve them. Deleted chats may weaken the complaint.

4. Record the Transaction Trail

Prepare a timeline showing:

  • When the victim joined the group.
  • Who invited the victim.
  • What promises were made.
  • How much was sent.
  • Where the funds were sent.
  • What happened after the payment.
  • When withdrawal was denied.
  • What excuses were given.
  • When the group disappeared or blocked the victim.

5. Contact the Bank, E-Wallet, or Exchange

If the payment was made through a bank, e-wallet, remittance service, or crypto exchange, immediately report the transaction as fraudulent. Ask whether the account can be frozen, flagged, or investigated.

For crypto transactions, provide the transaction hash and receiving wallet address. While blockchain transactions are usually irreversible, exchanges may be able to flag wallet addresses if they are associated with accounts on their platform.

VI. Where to Report a Crypto Scam Group in the Philippines

A. Philippine National Police Anti-Cybercrime Group

Victims may report online crypto scams to the PNP Anti-Cybercrime Group. This is appropriate when the scam involved social media, messaging apps, fake websites, phishing, online impersonation, hacking, or internet-based fraud.

A complaint may include:

  • A sworn statement or affidavit.
  • Screenshots of conversations.
  • Proof of payment.
  • Identity documents.
  • Links to the scam group.
  • Names and usernames of suspects.
  • Wallet addresses and transaction hashes.

B. National Bureau of Investigation Cybercrime Division

Victims may also report to the NBI Cybercrime Division, especially where the fraud is complex, organized, involves multiple victims, or includes impersonation, phishing, hacking, or large financial losses.

The NBI may assist in cybercrime investigation, digital evidence handling, and possible referral for prosecution.

C. Securities and Exchange Commission

If the crypto scam group solicited investments from the public, promised profits, operated a pooling scheme, or appeared to sell investment contracts without registration, victims may report the matter to the Securities and Exchange Commission.

The SEC is especially relevant where the group:

  • Claims to be an investment company.
  • Offers guaranteed or passive income.
  • Solicits money from the public.
  • Uses referral commissions.
  • Claims SEC registration as proof of authority to sell investments.
  • Misuses a corporate registration number.
  • Operates as an unregistered investment scheme.

A key point: SEC company registration, by itself, does not automatically authorize a company to solicit investments from the public.

D. Bangko Sentral ng Pilipinas

The Bangko Sentral ng Pilipinas may be relevant if the scam involves regulated financial institutions, e-money issuers, payment systems, or virtual asset service providers. A victim may report suspicious activity involving regulated entities, especially if a platform is falsely claiming to be licensed or is misusing the name of a regulated institution.

E. National Privacy Commission

A report to the National Privacy Commission may be appropriate if the scam involved misuse of personal data, identity theft, unauthorized publication of personal information, or unlawful collection of IDs and sensitive information.

F. Platform Reports

Victims should also report the group directly to the platform used by the scammers, such as Facebook, Telegram, Discord, TikTok, Instagram, YouTube, X, Viber, WhatsApp, or the hosting provider of a fake website.

This does not replace a police or regulatory complaint, but it may help prevent further victimization.

G. Cryptocurrency Exchanges

If the receiving wallet is connected to a known exchange, the victim should report the wallet address and transaction hash to that exchange. Exchanges may request a police report, affidavit, or proof of ownership of the sending wallet.

VII. Evidence Checklist

A strong complaint should include the following:

Personal Documents

  • Valid government ID of the complainant.
  • Contact details.
  • Address.
  • Affidavit or sworn statement.

Scam Group Details

  • Name of the group.
  • Platform used.
  • Group URL or invite link.
  • Date joined.
  • Number of members, if visible.
  • Names or usernames of admins.
  • Screenshots of group rules, announcements, and promotions.

Suspect Details

  • Full names, if known.
  • Usernames and profile links.
  • Phone numbers.
  • Email addresses.
  • Bank account names and numbers.
  • E-wallet account names and numbers.
  • Crypto wallet addresses.
  • Photos or videos used by the suspects.
  • Referral codes or user IDs.

Transaction Evidence

  • Bank deposit slips.
  • Online transfer receipts.
  • GCash, Maya, or e-wallet receipts.
  • Remittance receipts.
  • Crypto transaction hashes.
  • Wallet screenshots.
  • Exchange withdrawal confirmations.
  • QR codes used for payment.
  • Amounts sent and dates.

Representations Made

  • Promises of returns.
  • Investment packages.
  • Fake licenses or certificates.
  • Testimonials.
  • Profit screenshots.
  • Withdrawal policies.
  • Referral commission charts.
  • Statements that the investment was “risk-free” or “guaranteed.”

Damage Evidence

  • Total amount lost.
  • Additional fees paid.
  • Borrowed funds or loans used.
  • Emotional or reputational harm, if relevant.
  • Other victims’ statements, if available.

VIII. How to Prepare a Complaint-Affidavit

A complaint-affidavit should be clear, chronological, and evidence-based. It should avoid exaggeration and focus on facts.

A basic structure may include:

  1. Personal information of the complainant.
  2. How the complainant discovered the crypto group.
  3. Who invited or persuaded the complainant.
  4. What representations were made.
  5. Why the complainant believed those representations.
  6. How much money or crypto was sent.
  7. Where the funds were sent.
  8. What happened after payment.
  9. How the complainant discovered the scam.
  10. What evidence is attached.
  11. Request for investigation and prosecution.

Sample Complaint-Affidavit Language

“I joined the online group known as [name of group] on or about [date] through [platform]. The group was administered by persons using the names/usernames [names/usernames]. The administrators represented that members could earn [promised return] by investing in their crypto trading program. They posted screenshots of alleged profits, testimonials, and instructions for payment.

Relying on these representations, I transferred the amount of [amount] on [date] to [bank/e-wallet/crypto wallet details]. Copies of the transaction receipts are attached. After I sent the funds, I was informed that my investment had earned profits, but when I attempted to withdraw, the administrators required me to pay additional fees. Despite my payments and repeated follow-ups, no withdrawal was released. Eventually, I was blocked from the group and the administrators stopped responding.

I later discovered that the representations made to me were false and that other members had also been unable to withdraw their funds. I am executing this affidavit to request investigation and the filing of appropriate charges for estafa, cybercrime-related offenses, securities violations, and other offenses as may be warranted by the evidence.”

IX. Reporting to the SEC: What to Emphasize

When reporting to the SEC, the complaint should focus on the investment-solicitation aspect. The key issue is often whether the group was offering securities or investment contracts to the public without authority.

Important facts to include:

  • The group solicited money from the public.
  • The scheme promised profits.
  • Members did not control the supposed trading or investment activity.
  • Profits depended on the efforts of admins, traders, bots, or the company.
  • There were referral bonuses or recruitment incentives.
  • The group claimed legitimacy using corporate registration, fake certificates, or misleading documents.
  • The group used social media or messaging apps to invite investors.

Victims should attach screenshots of promotional materials, investment packages, return schedules, referral systems, and admin announcements.

X. Reporting to Law Enforcement: What to Emphasize

When reporting to the PNP or NBI, the complaint should focus on deception, identity of suspects, digital evidence, and financial loss.

Important facts to include:

  • The specific false statements made.
  • Who made the statements.
  • When and where they were made.
  • How the victim relied on them.
  • The amount sent.
  • The receiving accounts or wallets.
  • The failure or refusal to return funds.
  • The suspects’ disappearance, blocking, or deletion of accounts.
  • Any continuing attempts to demand more money.

Law enforcement may ask for original devices, screenshots, exported chats, URLs, account links, and receipts. Victims should preserve the phone or computer used in the communications.

XI. Common Defenses Raised by Scammers

Scammers or promoters may attempt to avoid liability by saying:

  1. “Crypto is risky; you accepted the risk.”
  2. “The market crashed.”
  3. “We are only a community, not an investment company.”
  4. “The victim voluntarily sent the money.”
  5. “The admin account was hacked.”
  6. “Withdrawals are delayed because of taxes or compliance.”
  7. “The complainant violated platform rules.”
  8. “The investment will be released after another payment.”
  9. “The company is SEC-registered.”
  10. “The recruiter was also a victim.”

These defenses do not automatically defeat a complaint. The central issue is whether there was fraud, misrepresentation, unauthorized investment solicitation, conspiracy, or unlawful taking of value.

A person may still be liable even if crypto investments are generally risky, because investment risk is different from fraud. Risk involves uncertainty in a legitimate transaction. Fraud involves deception from the beginning or dishonest conduct during the transaction.

XII. Red Flags of a Crypto Scam Group

A crypto group should be treated with caution when it shows any of the following signs:

  • Guaranteed profits.
  • Unrealistically high returns.
  • Pressure to invest immediately.
  • Referral commissions.
  • Anonymous admins.
  • No verifiable office or registration.
  • Use of fake celebrity endorsements.
  • Claims of “BSP-approved” or “SEC-approved” without proof.
  • Refusal to disclose company officers.
  • No written contract.
  • No clear risk disclosure.
  • Requirement to send funds to personal accounts.
  • Requirement to pay more money before withdrawal.
  • Fake countdown timers or limited slots.
  • Members discouraged from asking questions.
  • Critics removed or blocked.
  • Admins using multiple aliases.
  • Poorly written certificates or permits.
  • Website recently created or lacking legal disclosures.
  • Promises that losses are impossible.

XIII. Can Victims Recover Their Money?

Recovery is possible but not guaranteed. The chance of recovery depends on how quickly the victim acts, whether the receiving accounts can be identified, whether funds remain in those accounts, whether exchanges or banks can freeze assets, and whether suspects can be located.

Possible recovery routes include:

  1. Bank or e-wallet freezing, if funds are still traceable.
  2. Exchange cooperation, if crypto reached a centralized exchange.
  3. Criminal restitution, if ordered in connection with a criminal case.
  4. Civil action for damages, if suspects are identifiable and have assets.
  5. Settlement, though victims should be cautious of fake settlement promises.
  6. Regulatory enforcement, where authorities are able to preserve or recover assets.

Victims should be wary of “recovery agents” who claim they can retrieve stolen crypto for an upfront fee. Many of these are secondary scams.

XIV. Civil Remedies

Apart from criminal complaints, victims may consider civil remedies, such as:

  • Recovery of sum of money.
  • Damages for fraud.
  • Attachment or freezing of assets, where legally available.
  • Claims against identifiable persons who received or benefited from the funds.

A civil action may be useful when the identities of the scammers are known and they have assets that can be pursued. Legal counsel should be consulted to evaluate cost, venue, evidence, and strategy.

XV. Class or Group Complaints

Where many victims were affected by the same crypto scam group, coordinated reporting may be helpful. Victims may organize evidence, prepare individual affidavits, and submit a consolidated complaint or coordinated reports.

However, each victim should still document their own transaction, reliance, and loss. A group chat of victims may be helpful, but it should be managed carefully to avoid spreading unverified claims or defamatory statements.

A coordinated complaint is stronger when it includes:

  • A list of victims.
  • Individual affidavits.
  • Common scam materials.
  • Shared admin identities.
  • Common wallet addresses or bank accounts.
  • A master timeline.
  • Total estimated losses.
  • Evidence that the scheme operated publicly.

XVI. Defamation and Responsible Public Warnings

Victims often want to warn others online. While public warnings may help prevent further harm, victims should be careful with wording.

Safer phrasing includes:

  • “I have filed a complaint regarding this group.”
  • “I was unable to withdraw funds after sending money.”
  • “This group promised returns and later demanded additional fees.”
  • “I advise others to verify registration and authority before investing.”
  • “I am sharing my experience and evidence.”

Riskier phrasing includes unsupported accusations against private individuals without evidence. Victims should avoid posting personal addresses, family details, private IDs, or threats. Public warnings should be factual, evidence-based, and limited to what the victim can prove.

XVII. Special Issues in Crypto Evidence

Crypto evidence can be technical. Victims should preserve:

  • Wallet addresses.
  • Transaction hashes.
  • Blockchain network used.
  • Token name and contract address.
  • Exchange account records.
  • Screenshots of deposits and withdrawals.
  • Dates and times of transfers.
  • Conversion values at the time of transfer.

A transaction hash can show that a crypto transfer occurred, but it does not always prove who controls the receiving wallet. Additional evidence is needed to connect a wallet to a suspect, such as payment instructions, admissions, exchange records, KYC information, or repeated use of the same wallet by the scam group.

XVIII. What Not to Do

Victims should avoid the following:

  1. Do not pay additional fees to “unlock” funds.
  2. Do not hire recovery agents without verification.
  3. Do not threaten suspects.
  4. Do not hack accounts or wallets.
  5. Do not impersonate law enforcement.
  6. Do not destroy or edit evidence.
  7. Do not submit fake screenshots.
  8. Do not exaggerate the amount lost.
  9. Do not share private data of other victims without consent.
  10. Do not assume that a platform report is enough.

The proper approach is to preserve evidence, report quickly, and coordinate with legitimate authorities.

XIX. Preventive Measures

To avoid crypto scams, the public should observe the following:

  • Verify whether the entity is authorized to solicit investments.
  • Do not rely on corporate registration alone.
  • Be suspicious of guaranteed returns.
  • Avoid sending funds to personal accounts.
  • Do not disclose seed phrases or private keys.
  • Use reputable exchanges and wallets.
  • Enable two-factor authentication.
  • Confirm website URLs carefully.
  • Avoid investment decisions based on group pressure.
  • Consult a qualified professional before investing large amounts.
  • Remember that legitimate investments disclose risks.

XX. Practical Reporting Template

A victim may use the following outline when preparing a report:

Subject: Complaint for Crypto Investment Scam / Online Fraud

Complainant: Name: Address: Contact Number: Email:

Platform Used: Facebook / Telegram / Discord / Viber / Website / Other:

Name of Scam Group: Group URL or Link:

Persons Involved: Names / Usernames / Profile Links / Phone Numbers:

Summary of Incident: I was invited to join the group on [date]. The group represented that members could earn [returns] by investing in [crypto trading/mining/staking/etc.]. I relied on these representations and sent [amount] to [account/wallet] on [date]. After payment, I was unable to withdraw my funds. The admins demanded additional payments / blocked me / deleted the group / stopped responding.

Amount Lost: ₱ / USDT / BTC / ETH / Other:

Transaction Details: Date: Amount: Mode of Transfer: Receiving Account or Wallet: Transaction Hash:

Evidence Attached: Screenshots, receipts, chat logs, group links, wallet addresses, IDs, and other supporting documents.

Request: I respectfully request investigation and the filing of appropriate criminal, civil, administrative, and regulatory actions against the persons responsible.

XXI. Conclusion

Reporting a crypto scam group in the Philippines requires speed, documentation, and proper filing with the correct authorities. Victims should preserve all digital evidence, prepare a clear timeline, identify the accounts and wallets involved, and report the matter to law enforcement and relevant regulators.

A crypto scam may involve estafa, cybercrime, unauthorized investment solicitation, money laundering, data privacy violations, and other offenses depending on the facts. While recovery of funds is not always guaranteed, prompt reporting increases the chances of tracing accounts, identifying suspects, preventing further victimization, and supporting prosecution.

The most important rule is simple: do not send more money, preserve all evidence, and report immediately.

Disclaimer: This content is not legal advice and may involve AI assistance. Information may be inaccurate.

Privacy Policy

Terms of Use

Lawyer Login

 
 
Privacy Policy         Terms of Use         Lawyer Login