If you just discovered that money was sent from your e-wallet or bank account to a scammer, the most important thing is speed. In the Philippines, the first few hours matter because banks, e-wallet providers, and receiving institutions may still be able to flag, hold, recall, or trace the funds. This guide explains where to report an e-wallet or bank transfer scam, what documents to prepare, which Philippine laws apply, and what usually happens after you file a complaint.
First, Identify What Kind of Scam Happened
Not all digital payment problems are treated the same way. Before reporting, classify the incident as clearly as possible because the bank, e-wallet provider, police, NBI, or BSP may ask.
| Situation | Common example | Why it matters |
|---|---|---|
| Unauthorized transaction | Someone hacked your e-wallet, used your card, or transferred money without your approval | This may involve account takeover, phishing, access device fraud, or weak security controls |
| Authorized but scam-induced transfer | You personally sent money after being tricked by a fake seller, fake investment, fake job, romance scam, or impersonator | Recovery is harder, but you should still request a hold/recall and file a criminal complaint |
| Wrong transfer | You typed the wrong mobile number or account number by mistake | This is usually handled as an erroneous transfer, not automatically as fraud |
| Identity misuse | A scammer used your name, ID, SIM, or account to receive scam proceeds | This may expose you to investigation unless you report quickly and preserve evidence |
Under Republic Act No. 12010, the Anti-Financial Account Scamming Act of 2024 (AFASA), a “financial account” includes bank accounts, transaction accounts, credit card accounts, and e-wallets. The law specifically targets money mule activity and social engineering schemes involving financial accounts. (Supreme Court E-Library)
What To Do Immediately After an E-Wallet or Bank Transfer Scam
1. Secure your account first
Do this before arguing with the scammer or posting online:
- Change your app password, email password, and PIN.
- Log out of all devices if the app allows it.
- Disable linked cards or online banking access.
- Turn off biometric access temporarily if your device may be compromised.
- Call your bank or e-wallet provider’s fraud hotline or use the in-app help center.
- Ask the provider to freeze your account if needed and to investigate the transaction.
Do not delete the app, reset your phone, erase messages, or clear your browser history yet. These may contain evidence.
2. Report the transaction to your bank or e-wallet provider
Report to your sending institution first. This is the bank or e-wallet where the money came from.
Give them:
- Transaction reference number
- Date and exact time of transfer
- Amount
- Sender account or wallet number
- Receiving bank, e-wallet, account number, or mobile number
- Name shown on the transaction receipt
- Screenshots of chats, posts, links, receipts, and caller details
- A short explanation that the transfer was fraudulent or unauthorized
Ask for these specific actions:
- “Please create a fraud ticket.”
- “Please request a temporary hold or recall from the receiving institution.”
- “Please coordinate with the receiving bank/e-wallet under AFASA.”
- “Please provide a reference number for my report.”
- “Please confirm in writing what action was taken.”
AFASA allows covered institutions to temporarily hold funds subject to a disputed transaction for a period prescribed by the BSP, not exceeding 30 calendar days, unless extended by a competent court. This does not guarantee recovery, but it is the legal reason why reporting immediately matters. (Supreme Court E-Library)
3. Report to the receiving institution if you know it
If the scammer gave you a bank name, e-wallet number, QR code, or account name, report to that provider too. The receiving institution may not disclose the account owner’s private information to you, but it can flag the receiving account internally, coordinate with law enforcement, and preserve records.
Use careful wording:
I am reporting that Account/Mobile Number ______ received proceeds of a suspected scam transaction on ______ at ______ in the amount of ₱______. Please flag the account, preserve records, and coordinate with my sending institution and law enforcement.
4. Preserve evidence properly
Save evidence in a way that investigators can understand.
Prepare a folder with:
- Transaction receipts and reference numbers
- Screenshots of the scammer’s profile, posts, messages, ads, email, SMS, or website
- Full URLs, not just screenshots of links
- Phone numbers, usernames, QR codes, bank/e-wallet details
- Delivery receipts, order pages, or marketplace chats
- Proof that the scammer blocked you or deleted posts
- Your bank/e-wallet ticket numbers
- Your government ID or passport
- A timeline of events
For screenshots, include the date, time, account name, and URL when possible. If the scam happened on Facebook, Messenger, Viber, Telegram, WhatsApp, TikTok, Instagram, Shopee, Lazada, or a fake website, capture the profile link and page URL before it disappears.
Where To Report an E-Wallet or Bank Transfer Scam in the Philippines
Quick reporting map
| Office or entity | Best for | What they can do |
|---|---|---|
| Your bank or e-wallet provider | Immediate hold, account lock, transaction investigation | Create fraud ticket, coordinate with receiving institution, investigate unauthorized transaction |
| Receiving bank or e-wallet | Flagging the suspected mule account | Preserve records, coordinate with sending provider and law enforcement |
| PNP Anti-Cybercrime Group (PNP-ACG) | Online scams, hacked accounts, fake sellers, phishing, cyber-enabled fraud | Criminal investigation, evidence referral, cybercrime case build-up |
| NBI Cybercrime Division | Computer crimes, hacking, identity misuse, organized online fraud | Investigation, sworn statements, digital evidence handling |
| CICC / Inter-Agency Response Center | Centralized online scam reporting | Receive and route reports through hotline 1326 and other channels |
| BSP Consumer Assistance Mechanism | Unresolved complaint against a BSP-supervised bank/e-wallet | Facilitate consumer complaint after you first report to the provider |
| SEC | Fake investments, Ponzi schemes, crypto-investment solicitations, online lending abuse | Regulatory action against companies, lending apps, and investment schemes |
| NPC | Data breach, identity theft, misuse of personal data | Data privacy complaint or breach-related action |
The BSP’s own consumer complaint guide tells scam or fraud victims to report criminal activity to law enforcement agencies such as the PNP, NBI, or CICC, while BSP-CAM remains the second-level recourse for complaints against BSP-supervised institutions.
How To File a Report With Your Bank or E-Wallet Provider
For GCash-related scam transactions
GCash’s help materials distinguish scam reports from unauthorized transactions. For scam transactions, GCash instructs users to report the scammer to the authorities, report to GCash immediately with details and screenshots, and block the scammer. For unauthorized transactions, GCash states that investigation may take around 48 hours to 7 days, depending on the case. (GCash Help Center) (GCash Help Center)
Prepare:
- GCash number
- Transaction reference number
- Amount
- Date and time
- Receiver’s GCash number or account details
- Screenshots of messages and receipts
- Police report or complaint reference, if already available
For Maya-related scam or unauthorized transactions
Maya directs fraud victims to submit a fraud complaint form and states that concerns are generally addressed within 10 working days, with additional time if needed. (Maya Support) Maya’s help materials also advise users who were scammed to secure the account and submit a fraud report. (Maya Support)
Prepare:
- Maya-registered mobile number
- Transaction ID
- Amount
- Date and time
- Details of the receiving account
- Screenshots and supporting documents
- Police/NBI/CICC report reference, if available
For banks
Most banks require the same basic information:
- Account name and account number
- Transaction channel: InstaPay, PESONet, QR Ph, internal bank transfer, card transaction, or bills payment
- Reference number
- Receiving bank and account details
- Screenshots and explanation
- Valid ID
- Police report or affidavit, if requested
For InstaPay, transfers are generally real-time and harder to stop once credited. For PESONet, transactions are batch-processed, so timing and cut-off may matter. In either case, report immediately and ask the sending bank to initiate a recall or fraud coordination request.
How To Report to the PNP Anti-Cybercrime Group
Report to the PNP Anti-Cybercrime Group (PNP-ACG) if the scam involved online messages, fake accounts, phishing links, hacking, identity theft, fake stores, marketplace fraud, or social engineering.
You may file through the PNP-ACG’s official channels or go to a PNP cybercrime office or police station. The BSP’s published complaint guide lists PNP-ACG contact details including acg@pnp.gov.ph and PNP contact numbers for scam or fraud referrals.
Bring or prepare:
- Valid government ID or passport
- Printed transaction receipts
- Screenshots of chats, posts, emails, SMS, calls, and URLs
- Bank/e-wallet ticket number
- Written timeline of what happened
- Names, phone numbers, usernames, and account numbers used by the scammer
- Complaint-affidavit or sworn statement, if already prepared
A police blotter is useful, but it is not the same as a full criminal complaint. For serious online fraud, ask how your report can be referred for cybercrime investigation and whether you need to execute a complaint-affidavit.
How To Report to the NBI Cybercrime Division
The NBI Cybercrime Division also handles computer-related crimes and cyber-enabled scams. The NBI Citizen’s Charter states that victims of computer crimes may proceed to the Cybercrime Division, file a complaint, undergo preliminary interview and initial investigation, execute sworn statements, and submit supporting documents. It also lists no filing fee for that investigative assistance process. (National Bureau of Investigation)
NBI is especially useful when:
- Your account was hacked
- Your identity documents were used
- The scam involves multiple victims
- The scammer used fake websites or malware
- You need digital evidence assessed
- You are preparing a prosecutor-level complaint
At the NBI, expect to fill out forms, submit evidence, and answer questions from an investigator. If your documents are incomplete, you may be asked to return with printed screenshots, affidavits, device information, or additional proof from the bank/e-wallet.
How To Report Through CICC / Hotline 1326
The Cybercrime Investigation and Coordinating Center (CICC) and Inter-Agency Response Center receive online scam reports through Hotline 1326 and related reporting channels. The BSP complaint guide lists CICC contact details, including report@cicc.gov.ph, Hotline 1326, and mobile numbers for I-ARC scam reporting.
CICC reporting is useful when you need a fast central reporting channel, but it should not replace your report to the bank/e-wallet or your formal law enforcement complaint if money was actually lost.
How To Escalate to the BSP if the Bank or E-Wallet Does Not Act Properly
The Bangko Sentral ng Pilipinas (BSP) does not arrest scammers and does not act as your private investigator. Its role is different: it handles consumer complaints involving BSP-supervised institutions such as banks, e-money issuers, and other covered financial institutions.
Under Republic Act No. 11765, the Financial Products and Services Consumer Protection Act of 2022, financial consumers have rights including protection of consumer assets against fraud and misuse, data privacy and protection, and timely handling and redress of complaints. The law applies to financial products and services including payments, remittances, and digital financial services. (Supreme Court E-Library)
The BSP process is usually:
- File first with the bank or e-wallet’s customer service or Financial Consumer Protection Assistance Mechanism (FCPAM).
- Wait for the provider’s response or action.
- If unresolved or unsatisfactory, escalate to BSP-CAM through the BSP Online Buddy (BOB), email, mail, phone, or walk-in channels.
- Attach proof that you already reported to the provider.
The BSP states that its Consumer Assistance Mechanism is a second-level recourse and that financial consumers should first report to the institution’s own FCPAM or customer service channel. If using email or mail, BSP asks consumers to include a clear complaint summary, desired resolution, contact details, the complaint filed with the institution, the institution’s reply if any, and supporting documents. (Bureau of the Treasury)
Do not send your PIN, password, OTP, full card details, or other sensitive credentials to anyone. BSP specifically warns consumers not to share PINs, passwords, account numbers, card numbers, passport details, or similar sensitive information for BSP-CAM processing.
Legal Basis: What Laws Apply to E-Wallet and Bank Transfer Scams?
Anti-Financial Account Scamming Act — RA 12010 of 2024
AFASA is now one of the most important laws for e-wallet and bank transfer scams. It covers financial accounts, including e-wallets, and penalizes:
- Money muling — using, lending, selling, renting, or recruiting others to use financial accounts to receive scam proceeds
- Social engineering schemes — deceiving someone into giving sensitive information that results in unauthorized access or control over a financial account
- Economic sabotage — certain large-scale or organized forms of these acts
AFASA also gives institutions authority to temporarily hold disputed funds, requires coordinated verification of disputed transactions, and provides possible restitution where institutions fail to use adequate risk management systems or the required degree of diligence. (Supreme Court E-Library)
Cybercrime Prevention Act — RA 10175 of 2012
The Cybercrime Prevention Act applies when the scam was committed through a computer system, mobile phone, internet platform, fake website, phishing link, or online account.
It penalizes computer-related fraud, computer-related forgery, illegal access, identity theft, and other cybercrime offenses. It also requires the PNP and NBI to maintain cybercrime units and provides procedures for preservation, disclosure, search, seizure, and examination of computer data. Service providers may be required to preserve traffic data and subscriber information for at least six months, while disclosure generally requires proper legal process. (Supreme Court E-Library)
This is why victims should report quickly. Social media logs, IP data, subscriber details, device identifiers, and platform records may be time-sensitive.
Revised Penal Code — Estafa under Article 315
Many scam cases are still charged as estafa under Article 315 of the Revised Penal Code, especially where the victim was deceived into sending money.
The Supreme Court has described estafa as centered on fraud or deceit causing damage or prejudice to another. In Spouses Dulay v. People, the Court discussed estafa by false pretenses under Article 315(2)(a), where fraudulent representations induced the complainants to part with money. (Supreme Court E-Library)
For online scams, estafa may be charged together with cybercrime-related provisions if the fraud was committed through ICT.
Access Devices Regulation Act — RA 8484 of 1998, as amended by RA 11449 of 2019
RA 8484, as amended by RA 11449, applies to fraudulent acts involving access devices, including cards, account numbers, codes, PINs, and other means of account access used to obtain money or initiate fund transfers. (Supreme Court E-Library) RA 11449 strengthened RA 8484 by adding prohibitions and increasing penalties for access device fraud. (Supreme Court E-Library)
This may apply where scammers used stolen card details, OTPs, account credentials, SIM-linked access, or unauthorized payment instruments.
Financial Products and Services Consumer Protection Act — RA 11765 of 2022
RA 11765 matters when the issue involves how a bank, e-wallet, payment provider, or other financial service provider handled your complaint, protected your account, disclosed risks, or responded to fraud.
It gives financial consumers the right to fair treatment, transparency, protection of assets against fraud and misuse, data privacy, and timely complaint handling. (Supreme Court E-Library)
Civil Code remedies
Separate from criminal prosecution, civil liability may arise. Civil Code Articles 19, 20, and 21 require people to act with justice, honesty, and good faith and provide liability for willful or negligent acts that cause damage. (Supreme Court E-Library) Civil Code Article 2176 also recognizes liability for damage caused by fault or negligence, known as quasi-delict. (Supreme Court E-Library)
In practical terms, these provisions may matter if you later pursue damages against a scammer, negligent intermediary, or another party whose fault caused loss.
Documents You Should Prepare
| Document | Why it helps |
|---|---|
| Valid ID or passport | Proves identity of complainant |
| Transaction receipt | Shows amount, date, time, reference number, and receiving account |
| Bank/e-wallet report ticket | Shows you reported promptly |
| Screenshots of chats and posts | Shows deception, identity used, and inducement |
| URLs and profile links | Helps investigators trace accounts |
| Call logs and SMS headers | Helps trace phone-based scams |
| Complaint-affidavit | Formal sworn statement for criminal complaint |
| Timeline of events | Helps police, NBI, bank, BSP, or prosecutor understand the case |
| Proof of ownership of account | Shows the account or wallet belongs to you |
| Authorization or SPA | Needed if someone else will file or follow up for you |
A complaint-affidavit should be factual. Include who contacted you, what was promised, what you relied on, when you transferred money, where the funds went, and what happened after.
If You Are Abroad or a Foreigner
You can still report a scam involving a Philippine bank, e-wallet, SIM, account, or victim.
Practical points:
- Use your passport or foreign government ID if you do not have a Philippine ID.
- If you are an OFW or foreigner abroad, you may need to execute a complaint-affidavit before a Philippine embassy or consulate, or use a notarized and apostilled document depending on the country and receiving office’s requirement.
- If a relative or representative in the Philippines will file or follow up, prepare a Special Power of Attorney (SPA).
- Keep screenshots showing your foreign number, email, or account used in the transaction.
- If the scammer used a Philippine account or the victim’s financial account is maintained with a Philippine institution, AFASA may still provide Philippine jurisdiction where the legal elements connect to the Philippines. (Supreme Court E-Library)
The DFA maintains an official apostille information portal for authentication-related concerns. (Apostille Philippines)
Common Mistakes That Hurt Scam Reports
Waiting too long before reporting
Many victims wait days because they hope the scammer will refund the money. This gives scammers time to withdraw, transfer, convert, or split the funds through mule accounts.
Only posting on Facebook instead of filing formal reports
Public warnings may help others, but they do not automatically freeze funds, preserve records, or start a criminal investigation.
Sending more money to “recover” the first amount
Recovery scams are common. A second scammer may pretend to be a hacker, police officer, bank insider, or lawyer who can retrieve your money for a “processing fee.”
Giving OTPs or passwords during the complaint process
No legitimate bank, e-wallet, BSP officer, police investigator, NBI agent, or CICC staff should ask for your OTP or password.
Assuming a police blotter is enough
A blotter records an incident. It does not automatically become a prosecutor’s complaint or court case. For criminal prosecution, you may need a complaint-affidavit, supporting documents, and investigator endorsement.
Filing only with BSP for a criminal scam
BSP can help with provider-related consumer complaints. It cannot arrest scammers. For criminal investigation, report to PNP, NBI, or CICC.
What Happens After You Report?
With the bank or e-wallet
The provider will usually:
- Create a ticket.
- Review the transaction.
- Ask for screenshots or IDs.
- Coordinate with the receiving institution if possible.
- Decide whether the transaction is unauthorized, scam-induced, erroneous, or outside recovery.
- Issue a response or request more documents.
Possible outcomes include account locking, transaction investigation, failed recall, partial recovery, denial, or escalation.
With PNP or NBI
Investigators may:
- Take your sworn statement.
- Review digital evidence.
- Identify accounts, numbers, profiles, or websites involved.
- Request preservation or disclosure through proper legal channels.
- Coordinate with banks, e-wallets, telcos, or platforms.
- Refer the case for preliminary investigation before the prosecutor.
For cybercrime cases, evidence is often technical. Investigators may need time to obtain lawful access to subscriber data, logs, and financial records.
With the prosecutor and court
If the evidence supports a criminal case, the matter may proceed to preliminary investigation. The prosecutor determines whether there is probable cause to file charges in court. AFASA and cybercrime cases generally fall within Regional Trial Court jurisdiction under their respective laws. (Supreme Court E-Library) (Supreme Court E-Library)
Criminal cases can take months or years, especially when suspects use fake IDs, mule accounts, prepaid SIMs, foreign platforms, or multiple layers of transfers.
Frequently Asked Questions
Can I still recover my money after sending it to a scammer?
Possibly, but it depends on speed and whether the funds are still in the receiving account. Report immediately to your bank or e-wallet and request a hold or recall. AFASA allows temporary holding of disputed funds under specified conditions, but if the money has already been withdrawn or moved through several accounts, recovery becomes harder. (Supreme Court E-Library)
Should I report first to the police, bank, or BSP?
Report first to your bank or e-wallet provider because they are the only ones who can quickly flag your account and coordinate on the transaction. Then report to PNP, NBI, or CICC for criminal investigation. Escalate to BSP if the provider does not respond properly or the complaint remains unresolved.
Is a GCash or Maya scam a cybercrime?
It can be. If the scam involved online deception, phishing, hacking, fake accounts, fake websites, or unauthorized access through a computer system or mobile phone, RA 10175 may apply. If it involved a financial account or e-wallet, AFASA may also apply.
Do I need a notarized affidavit?
For initial bank or e-wallet reporting, usually not always. For a formal criminal complaint, a sworn statement or complaint-affidavit is commonly required. If you are abroad, Philippine authorities may require consular notarization, apostille, or a properly authenticated SPA depending on how the document will be used.
Can BSP force my bank or e-wallet to refund me?
BSP can facilitate consumer complaints, require supervised institutions to respond, and act under its regulatory powers. But refund depends on the facts, the provider’s obligations, evidence of unauthorized transaction or institutional fault, and applicable law. AFASA provides possible restitution where institutions fail to use adequate risk management systems or the required degree of diligence, but each case still depends on proof. (Supreme Court E-Library)
What if the scammer used a fake name?
Still report. Investigators do not rely only on the displayed name. They may look at account registration data, transaction trails, device data, SIM information, IP logs, linked accounts, withdrawal points, and other records obtainable through lawful process.
What if I willingly gave my OTP?
Report anyway. Giving an OTP may make recovery harder because providers often treat OTP-authorized transactions differently, but it does not automatically mean no crime occurred. Social engineering schemes are specifically recognized under AFASA when deception is used to obtain sensitive identifying information and gain access or control over a financial account. (Supreme Court E-Library)
Should I message the scammer after reporting?
Avoid threats, harassment, or negotiation that may destroy evidence or alert the scammer. Take screenshots, preserve the account link, and let the provider or investigator know if the scammer contacts you again.
Can I file a case if the amount is small?
Yes. Small losses can still be part of a larger scam operation. File a report, especially if the same account, mobile number, or profile has victimized others. Multiple complaints help establish pattern, intent, and possible economic sabotage or organized fraud.
Is barangay reporting required?
Usually, no. Cyber-enabled scams, estafa, AFASA violations, and access device fraud are not ordinary barangay disputes. A barangay blotter may help document what happened, but it does not replace reporting to the bank/e-wallet, PNP, NBI, CICC, or BSP.
Key Takeaways
- Report to your bank or e-wallet provider immediately and request a fraud ticket, temporary hold, recall, and coordination with the receiving institution.
- Preserve screenshots, transaction receipts, URLs, account numbers, mobile numbers, and the full timeline.
- Report criminal scams to PNP-ACG, NBI Cybercrime Division, or CICC Hotline 1326.
- Escalate to BSP-CAM only after first reporting to the bank or e-wallet’s own complaint channel.
- AFASA, RA 10175, Article 315 on estafa, RA 8484 as amended, RA 11765, and Civil Code damages provisions may all be relevant depending on the facts.
- A police blotter is helpful, but a complete complaint usually needs a sworn statement, evidence, and provider records.
- Fast reporting is the best chance of stopping further loss and preserving the money trail.