How to Report an Online Lending App Scam to DICT in the Philippines

If an online lending app took your money, promised a loan but never released funds, threatened to shame you online, contacted your phonebook, or demanded “processing fees” before releasing a loan, you can report it to the DICT through the government’s cyber scam reporting channels. In practice, this usually means reporting through the DICT-linked Cyber Hotline 1326 and the Cybercrime Investigation and Coordinating Center (CICC), while also filing the right follow-up complaints with the SEC, NPC, PNP Anti-Cybercrime Group, or NBI Cybercrime Division depending on what happened.

What Counts as an Online Lending App Scam?

An online lending app scam is not limited to a fake app that steals money. In the Philippines, many complaints involve a mix of fraud, harassment, privacy abuse, and illegal lending operations.

Common examples include:

  • The app asks you to pay a processing fee, approval fee, unlocking fee, insurance fee, or tax before releasing the loan, then disappears or asks for more money.
  • The app approves a loan but releases a much smaller amount than promised because of hidden deductions.
  • The app gives a very short repayment period, then adds excessive penalties.
  • Collectors threaten to post your photo, ID, or “wanted” notice online.
  • The app contacts your relatives, employer, co-workers, or phone contacts who are not guarantors.
  • The app uses your contact list, gallery, SMS, or location data in ways unrelated to your loan.
  • The app uses fake SEC registration details or pretends to be connected with a legitimate lender.

The important point: owing money does not give a lender the right to threaten, shame, deceive, or misuse your personal data. A valid debt must still be collected through lawful means.

Why Report to DICT and CICC?

The Department of Information and Communications Technology (DICT) is the government agency responsible for national ICT policy and cybersecurity coordination under Republic Act No. 10844, the DICT Act. Cybercrime response is coordinated through the CICC, which was created under the Cybercrime Prevention Act of 2012, Republic Act No. 10175.

For ordinary complainants, the most practical DICT-related reporting channel is:

Channel Use this for Details
DICT Cyber Hotline 1326 Urgent online scam, harassment, cyber fraud, suspicious lending app activity Available as the government cyber scam reporting hotline
Email: 1326@dict.gov.ph Sending screenshots, documents, links, and written reports Listed in the 2026 DICT-NPC-SEC advisory on online lending platforms
eGovPH app reporting Mobile reporting where available DICT regional advisories have referred the public to eGovPH for scam reporting
CICC / I-ARC mobile numbers Alternative contact if 1326 is unreachable Commonly publicized I-ARC numbers include Smart 0947-714-7105, Globe 0966-976-5971, and DITO 0991-481-4225

DICT/CICC reporting is useful because it helps the government receive, triage, and refer online scam reports. But it is not always the only complaint you need. If you want enforcement against a lender, data privacy action, or criminal investigation, you may need to file with the agency that has direct authority over that part of the case.

Legal Basis: Your Rights Against Abusive Online Lending Apps

Cybercrime laws

Under RA 10175, online lending scams may involve:

  • Computer-related fraud, when digital systems are used with fraudulent intent.
  • Computer-related identity theft, when someone intentionally acquires, uses, misuses, transfers, or possesses identifying information without right.
  • Cyberlibel, if defamatory statements are posted online through a computer system.
  • Revised Penal Code crimes committed through ICT, where the Cybercrime Prevention Act can apply a higher penalty when traditional crimes are committed through information and communications technology.

The DOJ Rules implementing RA 10175 identify the PNP and NBI as law enforcement authorities for cybercrime investigation. That is why a DICT/CICC report may lead to referral, but criminal case build-up is usually handled by the PNP Anti-Cybercrime Group or NBI Cybercrime Division.

Lending and financial consumer protection laws

Online lending companies are generally regulated by the Securities and Exchange Commission (SEC), especially if they operate as lending or financing companies.

Relevant laws and rules include:

Unfair collection practices include threats of violence, threats to take illegal action, profane or abusive language, false representations, contacting borrowers at unreasonable hours, and contacting people in the borrower’s contact list who were not named as guarantors or co-makers.

Data privacy laws

Online lending app abuse often involves personal data. Under RA 10173, the Data Privacy Act of 2012, personal information must be processed lawfully, fairly, and for a legitimate purpose.

The DICT-NPC-SEC Public Advisory on Online Lending Platforms dated 18 March 2026 specifically warns that:

  • unnecessary app permissions are prohibited;
  • excessive or disproportionate processing of personal data is prohibited;
  • contact lists cannot be used for harassment;
  • lenders may contact only guarantors for debt collection purposes, not random people in your phonebook;
  • violations may lead to fines, suspension, revocation of authority, and other legal consequences.

Revised Penal Code and Civil Code remedies

Depending on the facts, the conduct may also involve:

  • Estafa under Article 315 of the Revised Penal Code, if deceit was used to defraud you of money.
  • Grave threats under Article 282, if someone threatens to harm you, your family, your reputation, or property with a wrongful act amounting to a crime.
  • Coercions under Article 286, if someone unlawfully compels you to do something against your will.
  • Unjust vexation under Article 287, for conduct that unjustly annoys, irritates, or disturbs another person, depending on the facts.

Civil liability may also arise under the Civil Code. Articles 19, 20, and 21 are often relevant when a person exercises a right in bad faith, violates the law, or causes damage contrary to morals, good customs, or public policy. Article 26 also protects a person’s dignity, privacy, and peace of mind against meddling or similar acts.

Step-by-Step Guide: How to Report an Online Lending App Scam to DICT

1. Secure yourself first

Before sending a report, protect your accounts and evidence.

Do these immediately:

  1. Do not pay additional “release,” “verification,” or “unlocking” fees if the app keeps asking for money before releasing funds.
  2. Revoke unnecessary app permissions such as contacts, gallery, location, SMS, microphone, and call logs.
  3. Change passwords for email, e-wallets, banking apps, and social media accounts.
  4. Turn on two-factor authentication for accounts connected to your phone number or email.
  5. Do not delete the app yet if it contains loan records, messages, or transaction history you still need to document.
  6. Warn close contacts calmly that they may receive scam or harassment messages and ask them to screenshot anything they receive.

If there are threats of physical harm, extortion, or publication of private images, treat it as urgent and report to law enforcement as well.

2. Save evidence before it disappears

Good evidence is often the difference between a vague report and an actionable complaint.

Prepare a folder with:

  • screenshots of the app profile, loan offer, repayment page, and collection messages;
  • app name exactly as shown in the app store;
  • app download link, website, Facebook page, Telegram account, or Viber number;
  • name of the lending company, if shown;
  • SEC registration number, if claimed;
  • mobile numbers, email addresses, sender names, and collector aliases;
  • GCash, Maya, bank, or remittance transaction receipts;
  • proof of fees paid;
  • screenshots from contacts who received harassment messages;
  • screen recordings showing the app interface, if safe to record;
  • a written timeline of what happened.

For screenshots, show the date, time, sender, phone number or account name, and full message when possible. Under RA 8792, the Electronic Commerce Act, electronic documents may have legal effect, and the Rules on Electronic Evidence provide rules for presenting electronic documents. In practical terms, preserve originals, avoid editing screenshots, and keep the phone where the messages were received.

3. Write a short incident summary

DICT/CICC intake is easier when your report is organized. Use a simple format:

I am reporting an online lending app scam/harassment incident. App name: Company name, if shown: Website or app store link: Date first contacted: Date money was paid or loan was released: Amount involved: Payment channel used: What happened: Threats or harassment received: People contacted by the app: Evidence attached: Other agencies already reported to:

Keep it factual. Avoid long emotional statements in the main report. Put the clearest evidence first.

4. Report to DICT Cyber Hotline 1326

Call 1326 and explain that you are reporting an online lending app scam, online debt harassment, or cyber fraud. Ask for the next steps and whether you should send documents by email.

When speaking with the hotline, be ready to answer:

  • your full name and contact details;
  • the app name and company name;
  • when the incident happened;
  • whether money was paid;
  • whether threats were made;
  • whether your contacts were messaged;
  • whether your personal data, ID, or photos were exposed;
  • whether you already filed with SEC, NPC, PNP, NBI, or your bank/e-wallet.

If the hotline gives you a reference number, ticket number, or instructions, save it immediately.

5. Email your evidence to the DICT cyber reporting address

For written reports and attachments, use 1326@dict.gov.ph, which is listed in the 2026 DICT-NPC-SEC advisory as the DICT Cyber Hotline email for harassment, threats, frauds, and scams involving online lending platforms.

A practical subject line is:

Report: Online Lending App Scam / Harassment – [App Name] – [Your Name]

Attach your evidence in organized files. If there are many screenshots, combine them into a PDF and label them:

  • Annex A – App profile and loan offer
  • Annex B – Proof of payment
  • Annex C – Harassment messages to borrower
  • Annex D – Messages sent to contacts
  • Annex E – IDs or documents misused by app

Do not send unnecessary sensitive information if it is not relevant. For example, if only the last four digits of an account number are needed, mask the rest unless the agency specifically asks for the full details.

6. Ask where the report will be referred

DICT/CICC may coordinate or refer the matter to the proper agency. Ask clearly:

  • Should I also file with the SEC for unfair collection practices?
  • Should I file with the NPC for contact-list abuse or privacy violation?
  • Should I file with the PNP Anti-Cybercrime Group or NBI Cybercrime Division for criminal investigation?
  • Should I report to my bank, e-wallet, or remittance provider?

This matters because DICT/CICC reporting helps alert the government, but SEC, NPC, PNP, and NBI each handle different legal consequences.

Where Else to File After Reporting to DICT

Problem Best agency to file with Practical reason
Online lending app harassment, threats, fake shame posts, scam, extortion DICT/CICC, PNP-ACG, NBI Cybercrime Division Cybercrime and online scam response
Unfair debt collection by a lending or financing company SEC Financing and Lending Companies Department through SEC iMessage SEC regulates lending and financing companies
Contact list abuse, unauthorized use of photos/ID, public shaming, data privacy violation National Privacy Commission through its formal complaint process NPC handles Data Privacy Act complaints
E-wallet, bank, or payment fraud Bank/e-wallet provider and, where applicable, BSP consumer channels Needed for account freezing, reversal review, or fraud investigation
Physical threats or imminent danger Nearest police station, PNP-ACG, or NBI Immediate safety and criminal investigation

For NPC complaints, the NPC generally requires a specific complaint-affidavit format, notarization, and submission through accepted channels. For criminal investigation, the PNP-ACG or NBI may require a sworn complaint, original device inspection, or further affidavit.

Evidence Checklist

Evidence Why it matters
Government ID or passport Proves complainant identity
Written timeline Helps agencies understand the incident quickly
Screenshots of messages Shows threats, harassment, false claims, or fraud
App name and download link Helps identify the platform
Corporate name and SEC details, if any Helps determine if it is registered or fake
Payment receipts Proves financial loss or advance-fee scam
Loan agreement or disclosure page Shows hidden fees, deductions, repayment terms
Screenshots from relatives or contacts Proves contact-list abuse or public shaming
Device used May be needed for forensic verification
Notarized affidavit Often needed for formal complaints or case build-up

Common Mistakes That Weaken a Complaint

Deleting the app too soon

Many victims delete the app out of fear. This may remove loan records, chat history, transaction pages, and permission logs. Save evidence first.

Sending only one screenshot

One screenshot rarely tells the whole story. Agencies need context: what app, what date, who sent the message, what number was used, what was demanded, and how much was paid.

Reporting only to the wrong agency

DICT/CICC can help receive and coordinate cyber scam reports, but SEC handles lending company regulation, NPC handles privacy violations, and PNP/NBI handle criminal investigation. File in the correct place based on the conduct.

Paying more money to “settle” a scam

Scammers often continue asking for fees once they see the victim is afraid. If the “loan” was never released and the app keeps asking for advance payments, stop and report.

Ignoring messages sent to contacts

If your relatives, employer, or friends receive threats, ask them to save screenshots. Their evidence can prove that the app went beyond lawful collection.

Posting accusations without preserving evidence

Publicly naming people or companies without careful documentation can create a separate risk of defamation disputes. Preserve evidence and report through official channels first.

Special Notes for OFWs and Foreigners

Filipinos abroad and foreigners can still report an online lending app scam if the app, lender, phone number, victim, payment channel, or harmful conduct is connected to the Philippines.

Practical points:

  • If you cannot call 1326 from abroad, use email and attach evidence.
  • Use Philippine time and indicate your current country.
  • If a sworn affidavit is required, you may need to execute it before a Philippine embassy or consulate, or before a local notary with apostille/authentication depending on where the document is signed and where it will be used.
  • If the scam used a Philippine e-wallet, bank account, SIM number, or registered business name, include those details.
  • If you are a foreigner in the Philippines, include your passport, visa page, ACR I-Card if applicable, local address, and Philippine contact number.

Frequently Asked Questions

Can I report an online lending app scam directly to DICT?

Yes. You can report through the DICT-linked Cyber Hotline 1326 and send written evidence to 1326@dict.gov.ph. In practice, your report may be assessed or referred to the proper agency such as CICC, SEC, NPC, PNP-ACG, or NBI.

Is DICT the same as CICC?

No. DICT is the department responsible for ICT and cybersecurity policy. CICC is the cybercrime coordinating body created under RA 10175 and now connected with DICT’s cybersecurity functions. For ordinary victims, the practical reporting channel is the Cyber Hotline 1326 / I-ARC system.

What if the online lending app is SEC-registered?

Even a registered lender cannot harass you, shame you, threaten illegal action, or misuse your contact list. File with DICT/CICC if there is cyber harassment or scam activity, and file with the SEC through SEC iMessage for unfair debt collection or lending violations.

What if the app is not SEC-registered?

That is a serious red flag. Under RA 9474, lending companies need SEC authority to operate. Report the app to DICT/CICC for scam or cybercrime concerns and to the SEC for unauthorized lending activity.

Can an online lending app contact my phone contacts?

Generally, an online lending platform should not contact people in your phonebook for collection unless they are actual guarantors who separately consented to that role. The 2026 DICT-NPC-SEC advisory states that contacting persons in the borrower’s contact list other than named guarantors is prohibited for debt collection.

Can I file a complaint even if I really owe money?

Yes. A valid loan does not legalize threats, public shaming, false accusations, or misuse of personal data. Your complaint should focus on the unlawful conduct, not simply the existence of the debt.

Do I need a notarized affidavit to report to DICT?

For initial reporting to DICT/CICC, a hotline or email report may be enough to start intake. For a formal NPC complaint, SEC complaint, or criminal case build-up with PNP/NBI, a notarized affidavit may be required.

Will DICT recover my money?

DICT/CICC reporting may help route the case and alert authorities, but money recovery usually depends on the payment channel, the speed of reporting, account tracing, law enforcement action, and whether funds can still be frozen or traced. Report immediately to your bank, e-wallet, or remittance provider as well.

What if the lender threatens to post my ID or photo?

Take screenshots immediately, report to DICT/CICC, and consider filing with the NPC for data privacy violations and with PNP-ACG or NBI for criminal investigation. If the post is actually published, save the link, screenshot, date, account name, and comments before it is deleted.

Can I block the collectors?

Yes, but save evidence first. If blocking prevents you from receiving further threats, it may protect your peace of mind. Ask trusted contacts to save any messages they receive, because collectors often shift harassment to relatives or co-workers.

Key Takeaways

  • Report online lending app scams to DICT/CICC through Cyber Hotline 1326 and 1326@dict.gov.ph.
  • Save screenshots, payment receipts, app links, phone numbers, and messages before deleting anything.
  • File with the SEC for unfair debt collection or unregistered lending activity.
  • File with the NPC for contact-list abuse, unauthorized data processing, or public shaming.
  • File with PNP-ACG or NBI Cybercrime Division when the conduct involves fraud, threats, extortion, identity theft, or other cybercrime.
  • A real debt does not give any lender the right to threaten, shame, deceive, or misuse your personal information.

Disclaimer: This content is not legal advice and may involve AI assistance. Information may be inaccurate.