How to Report a Scammer and Pursue Criminal Charges in the Philippines

1) What “scam” usually means under Philippine law

A “scam” is not always a single named crime. Prosecutors and investigators typically map the conduct to one or more offenses depending on the facts, the medium used (online/offline), and how money or property was taken.

Common criminal laws used against scammers

A. Revised Penal Code (RPC)

  • Estafa (Swindling) – Article 315 The workhorse charge for many scams: taking money/property through deceit, abuse of confidence, false pretenses, misrepresentation, or fraudulent acts. This covers many “buy-and-sell,” fake service, fake investment, and “reservation fee” schemes.
  • Other deceit-related offenses Depending on the act, prosecutors may also consider related provisions (e.g., falsification if documents/IDs were forged).

B. Special laws often paired with or used instead of RPC

  • Cybercrime Prevention Act of 2012 (RA 10175) If the scam was committed through a computer system, phone, internet, social media, messaging apps, email, websites, or digital platforms, charges may include:

    • Computer-related fraud (online deception to obtain money/property)
    • Computer-related identity theft (using another person’s identity/data)
    • Offenses committed via ICT as a qualifying circumstance for certain crimes (which can affect penalties and procedure)

  • E-Commerce Act (RA 8792) Often invoked for legal recognition and admissibility of electronic documents and transactions, and sometimes used in tandem with other charges.

  • Access Devices Regulation Act (RA 8484) Relevant for credit card fraud, skimming, misuse of access devices, and certain payment-instrument schemes.

  • Anti-Money Laundering Act (RA 9160, as amended) Can become relevant if the scam proceeds are laundered through financial channels; this is typically handled through financial-intelligence and law-enforcement coordination, not by a simple walk-in complaint alone.

  • Data Privacy Act (RA 10173) Relevant where the scam involves unlawful processing or misuse of personal information (doxxing, stolen identities, unauthorized data handling), usually alongside the main fraud case.

  • Batas Pambansa Blg. 22 (BP 22) Relevant if the scam involves bouncing checks (with specific elements and technical requirements).

Key point: A single scam incident can support multiple charges (e.g., Estafa + RA 10175 computer-related fraud + identity theft), but the final set depends on evidence and how the acts are proven.

2) First priority: stop the bleeding and preserve evidence (do this immediately)

A. Try to prevent further loss

  1. Stop all further payments.

  2. Notify your bank / e-wallet / remittance provider immediately and request:

    • transaction tracing,
    • account tagging/temporary hold if possible,
    • retrieval/chargeback options (availability depends on the rail used).

  3. Report the receiving account to the platform (marketplace, social media, e-wallet). Platforms may freeze or restrict accounts if policy violations are clear.

  4. If you shared sensitive data (OTP, passwords, card details), secure accounts:

    • change passwords,
    • revoke sessions,
    • enable MFA,
    • lock cards,
    • file SIM-related incident if SIM swap is suspected.

B. Preserve evidence the right way (so it holds up)

Scam cases often fail because victims have incomplete records or can’t authenticate digital evidence later. Aim for completeness + traceability.

Collect and store:

  • Full conversation logs (not just screenshots): export chats if the app allows.

  • Screenshots with visible:

    • the scammer’s handle/ID/number,
    • timestamps,
    • payment instructions,
    • promises/representations,
    • your payment confirmations and their acknowledgments.

  • Screen recordings scrolling through key messages (helps show continuity).

  • Payment artifacts:

    • bank transfer confirmations,
    • e-wallet transaction IDs,
    • remittance reference numbers,
    • receipts/invoices (even if fake),
    • QR codes used,
    • recipient account details.

  • Links/URLs, email headers (for phishing), website/domain details, ad screenshots.

  • Any identity documents they sent (often fake) and the context of how they were used to induce payment.

  • Names/phone numbers/accounts used, including alternate accounts.

Practical preservation tips:

  • Keep originals: don’t edit images; store raw files.
  • Back up to two locations (external drive + cloud).
  • Write a short incident timeline while fresh: dates, times, amounts, what was promised, and how you were induced to pay.

3) Where to report scams in the Philippines (criminal + administrative options)

You can report to law enforcement for criminal investigation and also file administrative/consumer complaints to help freeze accounts, generate paper trails, or support recovery.

A. Criminal reporting channels

1) Philippine National Police – Anti-Cybercrime Group (PNP-ACG) Best for scams executed online (social media, messaging apps, e-commerce, phishing). They can:

  • take statements,
  • conduct cyber investigation,
  • coordinate preservation and warrants through prosecutors/courts.

2) National Bureau of Investigation – Cybercrime Division (NBI) Also appropriate for online fraud and cases involving organized groups or larger losses. NBI complaints often proceed with a more centralized investigative approach.

3) Local police station / Women and Children Protection Desk (WCPC) where applicable If the scam involves threats, harassment, sextortion, or exploitation, the nearest station can also start a blotter entry and refer to proper units.

4) Office of the City/Provincial Prosecutor (Fiscal’s Office) Ultimately, to pursue criminal charges, most cases require filing a criminal complaint with the prosecutor for inquest (if there’s an arrest) or preliminary investigation (most scam cases).

B. Financial/consumer/regulatory channels (often crucial for tracing funds)

Depending on how you paid and what the scam involved:

  • BSP consumer/financial complaints (banks, e-money issuers, payment service providers) Useful to pressure compliance on transaction tracing, account review, and internal investigation.
  • SEC (investment scams, “guaranteed returns,” unregistered securities, fake brokers) Especially important where the scheme resembles solicitation of investments from the public.
  • DTI (certain online selling/trading complaints, if the seller purports to be a business) Usually more effective when there’s a traceable registered business or platform seller.
  • NPC (National Privacy Commission) if personal data misuse is central.
  • Platform reporting (Facebook/Meta, Instagram, TikTok, Telegram, Viber, Shopee/Lazada/Carousell, etc.) Not a substitute for criminal action but can prevent further victims and preserve logs if acted on quickly.

Reality check: Regulatory/consumer routes help with account actions and documentation, but criminal prosecution still runs through investigators + prosecutors.

4) Choosing the right legal path: criminal case, civil case, or both

A. Criminal case (punishment + possible restitution)

A criminal complaint aims to:

  • identify and arrest the offender (if possible),
  • file charges in court,
  • impose penalties (imprisonment/fines),
  • potentially award civil liability (return of money/damages) within the criminal case.

B. Civil case (recovery-focused)

You may also file a separate civil action to recover money/damages, especially if:

  • the accused is identifiable and has assets,
  • you want remedies not easily reached in criminal proceedings.

C. Practical strategy

Many victims pursue:

  1. Criminal complaint (for subpoena power, warrants, stronger leverage), and
  2. Parallel recovery steps (bank/e-wallet dispute, platform reports, regulatory complaints).

5) The step-by-step process to pursue criminal charges

Step 1: Make a formal incident record

  • Police blotter entry is helpful (not mandatory for the prosecutor, but useful as contemporaneous record).
  • Prepare a chronological timeline and compile evidence.

Step 2: Identify the proper venue (where to file)

Venue rules can be technical, but common practice:

  • File where you were located when you were deceived or where you sent/handed the money, or
  • where the suspect resides, or
  • where any essential element of the offense occurred. For cybercrime, law enforcement/prosecutors often accept filing where the victim accessed the internet or suffered the damage, but practices vary.

If unsure, a cybercrime unit (PNP-ACG/NBI) or the prosecutor’s office can help determine proper venue based on your facts.

Step 3: Draft a Complaint-Affidavit (this is the backbone)

A complaint is usually initiated by a Complaint-Affidavit (sworn statement), with attachments.

What it should contain:

  1. Your identity and contact details

  2. Respondent details (name if known; otherwise aliases/handles, phone numbers, account details)

  3. Narrative of facts in chronological order:

    • how you met/contacted the person,
    • what representations they made,
    • how you relied on them,
    • what you paid/sent and when,
    • what you received (or didn’t),
    • what happened after payment (ghosting, excuses, additional demands, threats).

  4. Specific misrepresentations/deceit (important for Estafa)

  5. Amounts and transactions (itemize every payment)

  6. Demand/refusal (if you demanded return and they refused/ignored—include messages)

  7. List of evidence as annexes

  8. Prayer: request filing of appropriate charges (Estafa and/or cybercrime offenses), issuance of subpoenas, and other lawful relief

Annexes typically include:

  • screenshots/exports of chats,
  • payment confirmations and transaction histories,
  • IDs or documents sent by scammer,
  • delivery non-receipt evidence (if buy-and-sell),
  • your demand messages and their responses,
  • any witness affidavits (if someone observed or participated in the transaction).

Witnesses: If someone else witnessed the transaction or communications, get a separate affidavit.

Step 4: Notarize affidavits properly

  • Your Complaint-Affidavit and witness affidavits must be sworn (notarized).
  • Keep valid IDs and sign consistently.

Step 5: File with the Prosecutor (Preliminary Investigation)

You file the complaint with the Office of the City/Provincial Prosecutor with:

  • notarized affidavits,
  • copies of annexes,
  • respondent’s known addresses (even partial),
  • sometimes multiple sets of copies (for respondent/service).

What happens next:

  1. Evaluation and issuance of subpoena to respondent (if address/service is possible)
  2. Respondent files a Counter-Affidavit
  3. You may file a Reply-Affidavit
  4. Prosecutor resolves whether there is probable cause
  5. If probable cause is found, an Information is filed in court and the case proceeds.

If respondent is unknown/unlocatable: Investigators may need to identify the person behind accounts using lawful process (data preservation, subpoenas, warrants). This can slow the case, but you can still initiate the complaint with what you have.

Step 6: Investigation tools unique to cybercrime cases (why reporting early matters)

When scams involve online accounts and devices, investigators and prosecutors may seek:

  • Data preservation (to prevent deletion of logs)
  • Court-issued cybercrime warrants to obtain traffic data/subscriber info and seize/examine devices
  • Coordination with service providers

This is why fast reporting and complete data (transaction IDs, URLs, account handles) materially increase the odds of identification.

Step 7: Court proceedings and arrest/bail realities

  • If the case is filed in court, the court may issue a warrant of arrest depending on the offense and judicial determination.
  • Many fraud-related offenses are bailable depending on the penalty and circumstances.
  • Criminal cases can take time; persistence and organized evidence help.

6) Understanding Estafa (the most common charge)

While exact categories vary, prosecutors often look for:

  • Deceit or fraudulent means (false promises, fake identity, misrepresentation of goods/services/investments)
  • Reliance by the victim
  • Damage/prejudice (you lost money/property)
  • Causal link between deceit and payment

Examples commonly charged as Estafa:

  • Fake sellers: paid but no delivery
  • “Reservation fee” / “processing fee” scams
  • Fake job placement with fees
  • Fake rentals/condo viewings
  • Investment solicitations with false claims of licensing/returns
  • Love scams requesting money for emergencies/fees

Common defenses scammers raise:

  • “It was just a business failure”
  • “No intent to defraud”
  • “The complainant understood the risk”
  • “It’s a civil matter”

Your affidavit and evidence should directly address intent and deceit: show the false representations and the pattern of conduct (e.g., repeated excuses, multiple victims, fake proofs, sudden disappearance).

7) If the scam is an “investment” or “trading” scheme

If money was solicited with promises of returns, “profit sharing,” “signals,” “guaranteed payouts,” or recruitment commissions, consider:

  • Whether the scheme resembles sale of securities or investment contracts.
  • SEC registration/licensing issues (unregistered entities, fake brokers, Ponzi-like structures).

What to include in evidence:

  • marketing posts, webinars, group chat announcements,
  • payout promises, return schedules,
  • referral structures and incentives,
  • proof of remittances and instructions,
  • identity of organizers/admins.

These cases often involve multiple complainants; coordinated filing can strengthen the case.

8) Special scenario playbook

A. Buy-and-sell / online marketplace scams

  • Document the listing, seller profile, and any edits.
  • Capture “proofs” they sent (often reused across victims).
  • Keep courier-related claims (tracking screenshots) and verify if fabricated.

B. Phishing / OTP / account takeover

  • Preserve phishing email headers or SMS content.
  • Record the sequence of OTP prompts and any call impersonations.
  • Report immediately to bank/e-wallet; time is critical.

C. Sextortion / threats

  • Preserve threats verbatim with timestamps.
  • Do not pay further; paying often escalates demands.
  • Report urgently; threats may support additional offenses beyond fraud.

D. Overseas scammer or cross-border elements

  • Still file locally with your evidence.
  • Expect identification challenges; investigators may need international cooperation through formal channels.
  • Your strongest early advantage is accurate transaction and account data.

9) Evidence and admissibility: making electronic proof court-ready

Philippine courts can admit electronic evidence, but it must be authenticated and shown to be what you claim it is.

Practical ways to strengthen authentication:

  • Keep originals (device-stored files, exported chat files).
  • Use screen recordings showing navigation from profile → chat → messages → payment proof.
  • Maintain a simple evidence index: Annex “A” (Chat screenshots), Annex “B” (Bank transfer), etc.
  • If possible, obtain certifications from platforms/providers when available (transaction history printouts, account statements).
  • Avoid “stitched” screenshots or edited images.

10) What you can realistically expect (and what improves outcomes)

What helps most

  • Acting fast (before logs/accounts disappear)
  • Complete transaction identifiers and recipient account details
  • Clear proof of false representations and reliance
  • Multiple victims/witnesses (pattern evidence)
  • Filing with cybercrime-capable units (PNP-ACG/NBI) when online

Common obstacles

  • Dummy accounts and SIM registrations under other names
  • Cash-out layers through multiple accounts
  • Victim only has partial screenshots, no transaction IDs
  • No serviceable address for respondent at the start

Even with obstacles, initiating the complaint creates an official record and may connect your case to other reports against the same accounts.

11) A practical checklist you can follow

Evidence checklist (minimum viable set)

  • Timeline (dates, amounts, promises)
  • Scammer identifiers (handles, numbers, emails, URLs)
  • Full chat logs or comprehensive screenshots with timestamps
  • Payment proofs + transaction IDs + recipient account details
  • Listing/ads/marketing posts (screenshots and links)
  • Demand for refund and response/ghosting proof
  • Witness affidavits (if applicable)

Reporting checklist

  • Notify bank/e-wallet and request tracing/hold
  • Report to the platform (marketplace/social media)
  • File with PNP-ACG or NBI Cybercrime (for online scams)
  • Prepare and notarize Complaint-Affidavit + annexes
  • File with the Prosecutor for preliminary investigation
  • Track subpoena/notice updates and comply with deadlines

12) Outline template for a Complaint-Affidavit (structure)

I. Personal circumstances Name, age, address, IDs, contact details.

II. Respondent details Name/aliases; social media handles; phone numbers; email; bank/e-wallet accounts; last known address (if any).

III. Facts of the case (chronological)

  • How contact started
  • What was offered/promised
  • Specific misrepresentations
  • Payments made (table form inside affidavit can help)
  • What happened after payments
  • Demands/refusal/ghosting
  • Total damage

IV. Evidence List annexes with short descriptions (Annex A, B, C…).

V. Legal allegations (non-technical but clear) State that respondent employed deceit, induced payment, and caused damage; if online, state use of computer system/platforms.

VI. Prayer Request that charges be filed and that respondent be held liable.

Verification and signature Notarization block.

13) Important cautions

  • Avoid posting accusations publicly while the case is developing; it can create defamation complications and may alert the suspect to delete evidence.
  • Do not fabricate or “enhance” evidence. Authenticity matters more than polish.
  • Watch deadlines from the prosecutor’s office; non-compliance can delay or weaken the case.
  • Prescription (time limits) depends on the offense and penalty; file promptly.

14) Bottom line

To report a scam and pursue criminal charges in the Philippines, the strongest approach is: act immediately to trace funds and preserve evidence, report to PNP-ACG/NBI for cyber-enabled cases, then file a notarized Complaint-Affidavit with annexes at the Prosecutor’s Office to trigger preliminary investigation and, if probable cause is found, court proceedings.

This article is for general information and not legal advice.

Disclaimer: This content is not legal advice and may involve AI assistance. Information may be inaccurate.

Privacy Policy

Terms of Use

Lawyer Login

 
 
Privacy Policy         Terms of Use         Lawyer Login