If you found a fake shopping site, a phishing page pretending to be a bank or government agency, or an “investment platform” that took your money, treat it as both a cybercrime report and a damage-control problem. In the Philippines, the fastest path is usually: preserve evidence, report the website to the proper cybercrime channel, notify your bank or e-wallet immediately, and escalate to the correct regulator depending on the type of scam. This guide explains where to report a scam website in the Philippines, what evidence to prepare, what laws may apply, and what usually happens after you file a complaint.
What Counts as a Scam Website in the Philippines?
A scam website is any website, landing page, online store, payment page, investment portal, login page, or fake “verification” page used to deceive people into giving money, account access, personal information, or financial details.
Common examples include:
- Fake bank, GCash, Maya, Shopee, Lazada, SSS, PhilHealth, BIR, DFA, or PSA login pages
- Online stores that accept payment but never deliver
- Fake courier or delivery fee pages
- Fake job recruitment pages asking for “processing fees”
- Fake investment, crypto, forex, casino, or “tasking” platforms
- Romance or “pig-butchering” websites where the victim is slowly pushed to invest
- Fake charity, donation, or government ayuda pages
- Websites collecting IDs, selfies, OTPs, passwords, MPINs, or card details
A scam website can involve several offenses at once. For example, a fake bank login page may involve computer-related identity theft, computer-related fraud, estafa, phishing, financial account scamming, and violations of data privacy or consumer protection laws.
First Things to Do Before Reporting
Act quickly, but do not destroy evidence. Scam websites often disappear within hours or days.
Stop logging in or sending more information. Do not enter another OTP, password, MPIN, recovery code, or ID photo.
Take screenshots immediately. Capture the full website URL, homepage, product or investment page, payment instructions, chat messages, fake receipts, and any countdown timers or urgent demands.
Copy the exact website address. Save the full URL, not just the domain. For example, save
https://example.com/login/verify-gcash-account, not onlyexample.com.Preserve payment records. Keep bank transfer receipts, e-wallet reference numbers, QR codes, account names, account numbers, crypto wallet addresses, and screenshots of confirmation pages.
Change passwords from a clean device. If you typed your password or MPIN into the scam site, change it using the official app or official website only.
Call your bank, e-wallet, or card issuer immediately. Ask them to block the account, freeze suspicious transactions if possible, replace compromised cards, and open a fraud ticket.
Do not publicly post sensitive evidence. You may warn others, but do not upload your full ID, account number, OTP screenshots, home address, or unblurred bank details.
Where to Report a Scam Website in the Philippines
There is no single office for every scam. The correct office depends on what happened.
| Situation | Where to Report | Why |
|---|---|---|
| Phishing site, fake login page, hacked account, online fraud | CICC Hotline 1326, PNP Anti-Cybercrime Group, or NBI Cybercrime Division | These are the main cybercrime reporting and law enforcement channels |
| You lost money through a bank or e-wallet | Your bank/e-wallet first, then BSP if unresolved | The financial institution must act quickly on fraud reports |
| Fake online seller or deceptive online store | DTI Consumer Care / DTI Fair Trade channels | DTI handles consumer complaints involving online sellers and internet transactions |
| Fake investment, crypto, lending, forex, or securities scheme | SEC Philippines | SEC handles unauthorized investment solicitation and securities-related scams |
| Your personal data, ID, selfie, or account details were misused | National Privacy Commission | NPC handles privacy violations and personal data breach complaints |
| The website uses a domain, hosting provider, social media page, or search result | Report to the platform, registrar, host, browser, or search engine | This can help remove or flag the site faster |
Reporting to the CICC Hotline 1326
For urgent scam reports, many victims now start with the Cybercrime Investigation and Coordinating Center (CICC) through the 1326 anti-scam and cybercrime hotline. The CICC was created under the Cybercrime Prevention Act of 2012 as the inter-agency body that coordinates cybercrime prevention and response.
Use this route when:
- The website is still active
- You were tricked into sending money
- The scam involves phishing, text messages, email, fake ads, or social media links
- You need quick guidance on which agency should handle the report
- Other people may still be at risk
Prepare these details before calling or reporting:
- Full scam website URL
- Date and time you accessed it
- How you found it: SMS, Facebook ad, Google search, email, Telegram, WhatsApp, TikTok, etc.
- Name used by the scammer or website
- Amount lost, if any
- Payment method used
- Account name, account number, mobile wallet number, or crypto wallet used by the scammer
- Screenshots and transaction receipts
For practical purposes, the 1326 report is often a first-response report. If money was lost or a criminal case must be built, you may still need to file a formal complaint with the PNP Anti-Cybercrime Group or NBI Cybercrime Division.
Reporting to the PNP Anti-Cybercrime Group
The Philippine National Police Anti-Cybercrime Group (PNP-ACG) investigates cybercrime complaints, including online scams, phishing, identity theft, and fraudulent websites. Under Section 10 of RA 10175, the NBI and PNP are the law enforcement authorities responsible for enforcing the Cybercrime Prevention Act.
Report to PNP-ACG when:
- You need a police cybercrime complaint
- The scammer is still communicating with you
- You have identifying details such as phone numbers, bank accounts, addresses, names, or social media profiles
- You need assistance preserving digital evidence
- You may later need a police report for your bank, e-wallet, insurer, employer, or foreign authority
Typical evidence to prepare:
- Government-issued ID
- Written timeline of events
- Screenshots of the scam website
- Screenshots of chats, emails, SMS, or calls
- Transaction receipts
- Bank or e-wallet fraud ticket number
- Links to social media ads or pages connected to the website
- Device used, browser used, and approximate date/time of access
- Any suspect names, account names, phone numbers, or email addresses
In practice, bring both printed copies and digital copies. Investigators may ask for the original device for viewing or forensic handling if the case requires it.
Reporting to the NBI Cybercrime Division
The National Bureau of Investigation Cybercrime Division (NBI-CCD) also handles cybercrime complaints. The NBI Citizen’s Charter for investigative assistance for victims of computer crimes states that the service is available to the general public, involves filing a complaint at the Cybercrime Division, a preliminary interview, sworn statements or affidavits, and submission of supporting documents. The NBI’s posted process lists no filing fee for that assistance and shows an initial front-desk/interview process, but the actual investigation can take much longer depending on the complexity of the case.
Report to the NBI when:
- The scam appears organized or large-scale
- Several victims are involved
- The website impersonates a company, government office, or financial institution
- The scam involves foreign nationals, offshore operators, crypto wallets, or multiple money mule accounts
- You want an investigation by a national law enforcement agency
Useful official reference: NBI Investigative Assistance for Victims of Computer Crimes
What a Sworn Complaint-Affidavit Should Contain
For a formal complaint, you may be asked to execute a sworn statement or complaint-affidavit. “Sworn” means you sign it under oath before a notary public, prosecutor, or authorized officer.
A practical complaint-affidavit should include:
- Your full name, address, contact number, and email
- A statement that you are the complainant/victim
- The exact scam website URL
- The date and time you first saw or used the website
- How the scammer contacted you
- What representations were made
- What information or money you gave
- The exact amount lost
- The account, wallet, QR code, or payment channel used
- A list of attached screenshots, receipts, and documents
- A request for investigation and appropriate action
Keep the narration chronological. Investigators and prosecutors need a clear timeline.
Report the Transaction to Your Bank or E-Wallet Immediately
If money was transferred, do this before anything else:
- Call the official hotline of your bank, e-wallet, or card issuer.
- Report the transaction as fraud or scam-related.
- Ask for your account to be secured.
- Ask whether a hold, recall, chargeback, dispute, or fraud investigation is possible.
- Request a case number.
- Send supporting documents through official channels only.
Under the Anti-Financial Account Scamming Act (RA 12010, 2024), Philippine law now specifically penalizes money muling and social engineering schemes involving financial accounts. A “money mule” is a person who uses, lends, sells, rents, or allows the use of a financial account to receive or move proceeds of scams. RA 12010 also allows covered financial institutions to temporarily hold funds subject of a disputed transaction under conditions set by the BSP, generally not exceeding 30 calendar days unless extended by a court.
This is why speed matters. Once funds move through several mule accounts, cash withdrawals, crypto conversion, or overseas transfers, recovery becomes much harder.
If your bank or e-wallet does not resolve the complaint, you may escalate to the Bangko Sentral ng Pilipinas (BSP) through its Consumer Assistance Mechanism. BSP instructs consumers to use the BSP Online Buddy (BOB) or submit the required form and supporting documents by email. Useful official reference: BSP Consumer Assistance Channels
Report Fake Online Sellers to DTI
If the scam website is an online store, seller page, or e-commerce transaction, report it to the Department of Trade and Industry (DTI).
The Internet Transactions Act of 2023 (RA 11967) applies to many business-to-consumer internet transactions where one party is in the Philippines or the online merchant, e-retailer, or digital platform is availing of the Philippine market. It created an E-Commerce Bureau under DTI and gives DTI authority over e-commerce matters, including receiving and referring complaints, issuing compliance orders, and in certain cases issuing takedown orders.
DTI’s own e-commerce FAQ says consumer complaints against online sellers may be sent to the DTI Fair Trade Enforcement Bureau at fteb@dti.gov.ph, with eco@dti.gov.ph copied. Useful official reference: DTI E-Commerce FAQs
When DTI Is Useful
DTI is useful when the issue is:
- Non-delivery after payment
- Fake or misleading product listing
- Counterfeit goods
- Refusal to refund
- Online seller hiding business details
- Platform or marketplace complaint
- Seller pretending to be a legitimate merchant
When DTI May Not Be Enough
If the “seller” is not really a business and the entire website is a criminal phishing or fraud operation, DTI may refer or advise reporting to cybercrime authorities. For criminal investigation, go to PNP-ACG, NBI-CCD, or CICC.
Report Investment Scam Websites to the SEC
If the website asks people to “invest,” “trade,” “stake,” “mine,” “double money,” join a crypto pool, buy packages, recruit others, or earn guaranteed returns, report it to the Securities and Exchange Commission (SEC Philippines).
The SEC is the proper regulator for many unauthorized investment solicitation schemes, especially where a person or group offers returns to the public without the required registration or license.
Red flags include:
- Guaranteed daily, weekly, or monthly returns
- “No risk” investment promises
- Referral commissions or recruitment bonuses
- Crypto trading platforms that do not allow withdrawals
- Fake SEC certificates or edited registration documents
- Claims that “SEC registration” alone means authority to solicit investments
- Use of celebrities, lawyers, pastors, influencers, or fake news articles for credibility
Important distinction: SEC company registration is not the same as authority to solicit investments from the public. A corporation may be registered as a company but still be unauthorized to sell securities or investment contracts.
You can submit concerns through the SEC’s official ticketing platform: SEC i-Message
Report Privacy and Identity Misuse to the National Privacy Commission
If the scam website collected or misused your personal information, you may also report to the National Privacy Commission (NPC).
This is especially relevant if you submitted:
- Passport
- Driver’s license
- National ID
- UMID
- TIN ID
- Selfie holding an ID
- Signature specimen
- Bank statement
- Credit card photo
- Address and birthday
- Account credentials
- OTPs or recovery codes
The Data Privacy Act of 2012 (RA 10173) protects personal information and sensitive personal information. NPC complaint rules generally require a complaint in the proper format, and the NPC mechanics mention a filled-out and notarized complaint form for formal complaints. Useful official references: NPC Mechanics for Complaints and NPC Filing a Complaint
Report to NPC when the issue is not only loss of money but also:
- Identity theft
- Unauthorized use of your ID
- Fake account created using your details
- Threats to expose your personal information
- Misuse of your photos or documents
- A company’s failure to secure your personal data
Legal Bases Commonly Involved in Scam Website Cases
Cybercrime Prevention Act of 2012 — RA 10175
RA 10175 is the main cybercrime law. Scam websites may involve:
- Computer-related fraud — fraud through unauthorized input, alteration, deletion, or interference with computer data or systems
- Computer-related identity theft — acquiring or using another person’s identifying information without right
- Computer-related forgery — creating or using inauthentic computer data for fraudulent purposes
- Cyber-squatting — bad-faith acquisition of a domain name to mislead, profit, destroy reputation, or deprive another of registration
- Other crimes committed through information and communications technology
The law also states that crimes under the Revised Penal Code and special laws, if committed through ICT, may be covered by RA 10175 with higher penalties where applicable.
Useful official reference: RA 10175 — Cybercrime Prevention Act of 2012
Estafa Under Article 315 of the Revised Penal Code
Many scam website cases are also treated as estafa, or swindling, under Article 315 of the Revised Penal Code. In simple terms, estafa involves defrauding another person through deceit, abuse of confidence, false pretenses, or fraudulent acts, causing damage.
A fake website that promises delivery, investment returns, employment, loan approval, or account verification may support an estafa complaint if the facts show deceit and financial damage.
Anti-Financial Account Scamming Act — RA 12010
RA 12010 is important when a scam uses bank accounts, e-wallets, payment accounts, or money mules. It penalizes money muling and social engineering schemes, and it gives regulators and covered institutions stronger tools to respond to disputed transactions.
Useful official reference: RA 12010 — Anti-Financial Account Scamming Act
Internet Transactions Act of 2023 — RA 11967
RA 11967 is important for online shopping, e-commerce platforms, digital marketplaces, and online merchants. It strengthens consumer protection in internet transactions and gives DTI authority to handle e-commerce complaints and certain takedown-related actions.
Useful official reference: RA 11967 — Internet Transactions Act of 2023
Supreme Court Guidance in Disini v. Secretary of Justice
In Disini v. Secretary of Justice, G.R. No. 203335, the Supreme Court reviewed the constitutionality of RA 10175 and upheld many parts of the cybercrime law while striking down certain provisions. For scam website cases, the decision matters because it confirms that cybercrime enforcement must still respect constitutional rights, due process, and privacy.
Useful official reference: Disini v. Secretary of Justice
How to Preserve Evidence Properly
Good evidence can make the difference between a report that goes nowhere and a complaint that investigators can act on.
Save These Items
- Full website URL
- Domain name
- Screenshots of every relevant page
- Date and time of screenshots
- Chat logs
- Email headers, if available
- SMS sender name or number
- Social media profile links
- Advertisement links
- Payment receipts
- Bank or e-wallet reference numbers
- QR codes used for payment
- Account name and account number of recipient
- Courier tracking numbers, if any
- Fake permits, certificates, IDs, invoices, or receipts
- Names of other victims, if they consent to be included
Screenshot Tips
When taking screenshots:
- Show the URL bar if possible
- Show the date and time on your device
- Capture the full page, not just one cropped section
- Save original files before editing or blurring
- Do not rename files in a confusing way
- Back up copies to cloud storage or an external drive
Do Not Do These
- Do not delete chats out of embarrassment
- Do not threaten the scammer
- Do not hack, deface, or “trace” the website yourself
- Do not send fake payments to test the scammer
- Do not pay a “recovery agent” who promises guaranteed refund
- Do not share OTPs with anyone claiming to help
How to Request Website Takedown or Warning
Law enforcement reports are important, but takedown often requires reporting to the companies that control the website’s visibility or infrastructure.
You can also report the scam website to:
- The social media platform where the ad or link appeared
- The domain registrar
- The web hosting provider
- Google Safe Browsing
- Microsoft Defender SmartScreen
- The impersonated company or government agency
- The marketplace, app store, or payment gateway involved
For phishing pages, use official browser reporting tools such as Google Safe Browsing Report Phishing Page and Microsoft Report an Unsafe Site. These reports can help browsers warn users before they open the page.
If the website impersonates a bank, e-wallet, telco, government agency, airline, delivery company, or online marketplace, report it to the real organization’s fraud or security channel. They may be able to request takedown faster because their trademark, brand, or customer systems are being abused.
What Usually Happens After You Report
The process depends on the agency and the quality of the evidence.
For CICC or Hotline Reports
You may receive guidance, a reference number, or referral to the correct agency. If the website is actively harming the public, the report may be routed for coordination with law enforcement or other partners.
For PNP or NBI Complaints
You may be interviewed. You may be asked to submit a sworn statement, evidence, and IDs. Investigators may evaluate whether the facts show a cybercrime, estafa, identity theft, or another offense. If enough information exists, the matter may proceed to case build-up and possible referral to the prosecutor.
For Bank or E-Wallet Fraud Reports
The institution may temporarily restrict your account, investigate the transaction, coordinate with the receiving institution, or ask for a police/NBI report. Recovery is not guaranteed, especially if the funds have already been withdrawn or transferred again.
For BSP Escalation
BSP generally expects that you first raised the issue with the bank or BSP-supervised financial institution. If unresolved, BSP may evaluate, respond, or refer the complaint to the institution involved through its Consumer Assistance Mechanism.
For DTI Complaints
For online seller disputes, DTI may require details of the seller, platform, transaction, proof of payment, and attempts to resolve the issue. Under RA 11967, an aggrieved party is generally expected to use the platform’s internal redress mechanism first; this is considered exhausted if unresolved after 7 calendar days.
For SEC Complaints
SEC may review whether the website or group is soliciting investments without authority. If warranted, SEC may issue advisories, cease-and-desist orders, or refer matters for enforcement action.
Common Problems Victims Face
“The scam website is already gone.”
Still report it. Provide screenshots, URLs, payment records, and the path you used to reach the site. Investigators may still trace related domains, accounts, phone numbers, ads, payment channels, or repeated scam patterns.
“The bank account name may be fake.”
Still include it. Money mule accounts often use real identities, stolen IDs, or recruited account holders. Under RA 12010, money muling itself may be punishable.
“The scammer is abroad.”
Philippine authorities can still receive the report if the victim, money account, computer system, damage, or part of the transaction is connected to the Philippines. RA 10175 recognizes jurisdiction where elements occur in the Philippines or where damage is caused to a person in the Philippines. Cross-border enforcement is harder, but a local report is still important.
“I am an OFW or foreigner outside the Philippines.”
You can still prepare the same evidence and report through online or remote channels where available. If a notarized affidavit is required from abroad, you may need notarization in your host country and, depending on use, an apostille or authentication. For filings in the Philippines, ask the receiving office what form of notarization or consular acknowledgment it will accept.
“The scammer is threatening to leak my ID or photos.”
Report both the financial scam and the privacy or harassment issue. Preserve the threats. Do not pay hush money. If intimate images or sexual extortion are involved, report urgently to cybercrime authorities because different and more serious laws may apply.
“Someone says they can recover my money for a fee.”
Be careful. Recovery scams are common. A legitimate bank, e-wallet, regulator, or law enforcement office will not guarantee recovery in exchange for a private upfront “processing fee.”
Practical Evidence Checklist
| Evidence | Why It Matters |
|---|---|
| Full scam URL | Identifies the exact website or page |
| Screenshots with date/time | Shows what the site displayed when you used it |
| Chat logs and emails | Shows deception, promises, threats, and instructions |
| Payment receipts | Proves amount, date, reference number, and recipient |
| Bank/e-wallet account details | Helps trace money flow |
| Phone numbers and email addresses | Helps link suspects or mule accounts |
| Social media ads and profiles | Shows how victims were recruited |
| Fake permits or certificates | Useful for SEC, DTI, or impersonation complaints |
| Your written timeline | Helps investigators understand the sequence |
| Bank/e-wallet fraud ticket | Shows you acted promptly to mitigate loss |
Frequently Asked Questions
Can I report a scam website even if I did not lose money?
Yes. If the website is phishing, impersonating a real institution, collecting IDs, or attempting to defraud the public, you can still report it. Attempted cybercrime, phishing infrastructure, fake login pages, and identity theft risks are serious even before money is lost.
Should I report first to the police, NBI, or my bank?
If money was transferred, report to your bank or e-wallet first because time matters for possible holds, blocking, or dispute handling. Then report to CICC, PNP-ACG, or NBI-CCD for cybercrime investigation.
Can I get my money back after reporting a scam website?
Sometimes, but not always. Recovery depends on how quickly you reported, whether the funds are still in the receiving account, whether the bank or e-wallet can hold or trace the transaction, and whether the scammer already withdrew or moved the money. File the fraud report immediately and keep the case number.
Do I need a lawyer to report a scam website?
For the initial report, usually no. Ordinary victims can report directly to CICC, PNP, NBI, DTI, SEC, BSP, NPC, banks, e-wallets, and platforms. A lawyer may become helpful if the amount is large, several victims are coordinating, an affidavit must be carefully drafted, or a criminal/civil case is being prepared.
Is a barangay blotter enough for an online scam?
Usually no. A barangay blotter may help document that you reported an incident, but scam websites and online fraud should be reported to cybercrime authorities, your bank/e-wallet, and the relevant regulator. Barangay conciliation is generally not designed for anonymous, online, cross-border, or technical cybercrime cases.
What if the scam website used a Philippine company name?
Check whether the company is real and whether the website is actually connected to it. Scammers often copy real business names, SEC registrations, DTI certificates, BIR forms, and permits. Report the impersonation to the real company and include it in your cybercrime complaint.
What if the website is still appearing in Google or Facebook ads?
Screenshot the ad, copy the ad link if available, and report it to the platform. Also include the ad in your complaint to cybercrime authorities. Scam ads are useful evidence because they show how victims were directed to the website.
Can foreigners report scam websites in the Philippines?
Yes. A foreigner who was scammed through a website connected to the Philippines, a Philippine bank or e-wallet, a Philippine-based suspect, or a Philippine-hosted operation may report to the appropriate Philippine agency. Foreign victims should keep passport/ID copies, transaction records, and communications, and may also report to their home country’s cybercrime or consumer protection agency.
What if I only have a phone number, not the scammer’s real name?
Report it anyway. Phone numbers, e-wallet numbers, bank accounts, email addresses, domain records, IP logs, and ad accounts can be useful starting points. Do not assume the visible name is the real suspect; many scams use mules, stolen identities, or fake profiles.
How long does a cybercrime complaint take?
Initial intake may be quick, but investigation can take weeks or months depending on evidence, platform cooperation, bank coordination, warrants, subpoenas, and whether the suspects are identifiable. Scam websites involving foreign hosting, crypto wallets, or multiple mule accounts usually take longer.
Key Takeaways
- Report a scam website quickly, but preserve evidence before it disappears.
- If money was sent, contact your bank, e-wallet, or card issuer immediately before filing longer reports.
- Use CICC 1326, PNP-ACG, or NBI-CCD for cybercrime reporting.
- Use DTI for online seller and e-commerce complaints, SEC for investment scams, BSP for unresolved bank/e-wallet complaints, and NPC for misuse of personal data.
- RA 10175, Article 315 of the Revised Penal Code, RA 12010, RA 11967, and RA 10173 may all be relevant depending on the facts.
- A strong report includes the exact URL, screenshots, timeline, payment proof, account details, chats, and any platform links connected to the scam.