How to Report and Block a Stolen Phone in the Philippines (IMEI/NTC and Police Blotter Guide)

How to Report a Cryptocurrency Scam in the Philippines: PNP-ACG, NBI, and SEC Guide

This article gives a practical, Philippine-specific playbook for victims and counsel. It covers where to report (PNP-ACG, NBI, SEC), what laws apply, what evidence to prepare, how the process typically unfolds, and how to improve your odds of freezing or recovering funds. It’s general information, not legal advice.

Quick triage: what to do in the first 24–72 hours

  1. Stop further transfers and cut contact with the scammer.

  2. Secure your accounts

    • Change passwords; enable 2FA (preferably app-based).
    • Revoke malicious API keys, webhooks, and wallet approvals (e.g., token allowances).

  3. Ask your bank/e-wallet/exchange for an urgent “trace/recall/hold.”

    • Provide timestamps, transaction IDs, beneficiary details, screenshots.
    • Push transfers are usually irrevocable, but early action sometimes catches funds before withdrawal.

  4. Preserve evidence (don’t “clean up”).

    • Screenshots of chats, posts, ads, profiles, phone numbers, email headers, websites.
    • Transaction hashes, wallet addresses, block heights, memos/tags, platform tickets.
    • Device artifacts: keep the phone/PC, don’t factory-reset; avoid installing new software; note serial/IMEI.
    • Keep a timeline (who/what/when/how much).

  5. Report quickly (often in parallel) to PNP-ACG or NBI for the criminal aspect and SEC if there’s an investment/solicitation angle.

Which agency does what?

  • PNP Anti-Cybercrime Group (ACG) – front-line police unit for cybercrime complaints. Builds cases, applies for cybercrime warrants, coordinates with ISPs/e-wallets/telecoms, and files with prosecutors.
  • NBI Cybercrime Division – investigative bureau with digital forensics and inter-agency/Interpol coordination; alternative to PNP or a parallel track for complex cases.
  • Securities and Exchange Commission (SEC) – through its enforcement arm, handles investment and securities-law violations (e.g., unregistered investment contracts, Ponzi-type schemes), issues advisories and cease-and-desist orders, and files criminal complaints for Securities Regulation Code (SRC) violations.

In practice: File with PNP-ACG or NBI for the criminal case and with SEC if there was solicitation of investments or “profit guarantees.” You can (and often should) pursue both tracks.

Laws commonly invoked

  • Revised Penal Code (RPC)Estafa (Art. 315), including online misrepresentations; Syndicated/large-scale estafa (PD 1689) in group schemes.
  • Cybercrime Prevention Act of 2012 (RA 10175) – computer-related fraud; special rules on jurisdiction, preservation, disclosure, search and seizure of computer data.
  • Securities Regulation Code (RA 8799) – selling unregistered securities, acting as unregistered brokers/dealers, and anti-fraud provisions.
  • Financial Products and Services Consumer Protection Act (RA 11765) – duties of BSP-supervised institutions (banks/e-wallets/payment players) toward consumers.
  • Anti-Money Laundering Act (RA 9160, as amended) – used for financial‐intelligence tracing and freeze/forfeiture proceedings (usually via AMLC in coordination with law enforcement).
  • Rules on Electronic Evidence and Rules on Cybercrime Warrants (A.M. No. 17-11-03-SC) – how digital proof is admitted and how investigators get WDCD/WICD/WSSECD/WECD warrants.
  • RA 10951 – updated penalty thresholds for estafa based on amount defrauded.

How to report to each agency

A. PNP-ACG (Police route)

When to choose: Any crypto scam with Philippine nexus (victim, device, bank/e-wallet, or offender touching PH). Ideal for urgent field action (e.g., SIM swap, mule accounts).

What to prepare (minimum):

  • Complaint-Affidavit (notarized), with a chronology and specific acts of the suspect(s).
  • Annexes: screenshots of chats/emails, transaction hashes and wallet addresses, receipts, bank/e-wallet references, platform usernames/URLs, and your timeline.
  • ID and proof of authority if representing a company or another person.
  • Devices (if needed for forensics), kept in original state; log simple chain-of-custody notes.

What typically happens next:

  • Blotter/receipt; intake interview; refinement of affidavit/evidence list.
  • Investigators may preserve data and seek cybercrime warrants (to disclose subscriber/traffic data, examine devices, or seize digital evidence).
  • Coordination letters to banks/e-wallets/ISPs/telecoms; requests for KYC, IP logs, CCTV, and beneficiary tracing.
  • Filing with the City/Provincial Prosecutor for inquest/preliminary investigation (criminal case).

B. NBI Cybercrime Division (Bureau route)

When to choose: Complex/multijurisdictional cases, need for digital forensics, or if you prefer a bureau-led investigation. You can report either PNP or NBI—both have national jurisdiction.

Requirements & flow: Basically the same pack as PNP-ACG: Complaint-Affidavit + annexes, device custody, interview. NBI may run blockchain tracing, issue subpoenas (via prosecutors), and liaise with foreign platforms/exchanges or Interpol partners.

C. SEC (investment/solicitation violations)

When to choose: If you were promised passive returns, “profit guarantees,” referral bonuses, or “account managers” asking you to deposit into trading platforms/pools—that’s typically securities.

What to file:

  • Complaint or tip to the SEC’s enforcement arm (include identity of promoters, pages, domains, wallets, bank accounts, marketing materials, and your proof of deposits).
  • Affidavit with annexes (same evidence pack).

What SEC can do:

  • Issue Investor Advisories and Cease-and-Desist Orders (often ex parte) against the entity and its officers/agents.
  • Coordinate with PNP/NBI and file criminal complaints for SRC breaches (unregistered securities, unlicensed selling, and fraud).
  • Refer consumer issues to BSP if BSP-supervised institutions are involved.

Tip: Even if you prefer to pursue only the criminal route, SEC records (advisories/CDOs) become powerful corroborative proof that the scheme is illegal.

Parallel actions that help

  • BSP-supervised entities (banks, e-wallets, remittance, payment operators): File a consumer complaint and request a trace/recall/hold. Cite RA 11765 duties and attach your police/NBI intake reference when available.
  • Cryptocurrency exchanges: Open a compliance ticket with the transaction hash, timestamps, wallet addresses, and police/NBI case reference. Ask for an internal freeze if funds are still on-platform.
  • Telco/SIM issues (SIM-swap, phishing via SMS): Report to your telco; your case officer may coordinate with the telco and the NTC for records.
  • Data privacy misuse (leaked IDs/photos): Consider a complaint to the National Privacy Commission (NPC) in parallel.
  • Civil recovery: Send a demand letter; assess civil action (sum of money, damages). Small Claims may be available for lower amounts (check current thresholds), but fraud-related claims can be fact-intensive—get counsel.

Evidence checklist (crypto-specific)

  • On-chain:

    • All transaction hashes, wallet addresses (sender/receiver), block height/time, memos/tags, network (e.g., BTC, ETH, BSC).
    • CSV exports from block explorers or platforms (if available), and screenshots showing confirmations.

  • Off-chain:

    • Chat logs, emails (with full headers), call recordings, social media profiles/ads, web pages (capture URL + timestamp), KYC selfies you sent.
    • Bank/e-wallet receipts; beneficiary names/account numbers; machine IDs/terminal IDs for cash-ins; remittance slips.

  • Attribution breadcrumbs:

    • Phone numbers, IMEIs, device fingerprints, IP logs (if any), exchange ticket IDs, courier receipts, CCTV references.

  • Your narrative:

    • A clear timeline: first contact → pitch → deposit(s) → blockers (“tax/fee to withdraw”) → refusal.
    • Loss computation (PHP and equivalent crypto at transfer times).

Keep originals; label annexes clearly; use consistent wallet nicknames (e.g., “My Metamask 0x…A1” vs “Scammer 0x…B2”).

How cases move (typical flow)

  1. Intake at PNP-ACG or NBI; docketing; affidavit finalization.
  2. Preservation & requests to banks/e-wallets/telcos/exchanges; possible freeze if funds remain.
  3. Cybercrime warrants (disclosure/examination/search) to obtain KYC, logs, device data.
  4. Filing with Prosecutor (criminal) or SEC enforcement (administrative/criminal for SRC).
  5. Preliminary investigationInformation in court (often a Special Cybercrime Court RTC).
  6. Trial (criminal) and separate civil action or civil liability within the criminal case.
  7. Asset recovery/forfeiture may proceed if funds or substitutes are identified.

Expectations: Speed matters, but recovery is uncertain—especially if funds moved across chains/mixers or offshore. Success rates are higher when victims act within hours/days, provide complete evidence, and hit all venues (law enforcement + SEC + financial institutions + platform).

Jurisdiction, venue, and special courts

  • Jurisdiction: Philippine courts have jurisdiction if any element of the offense occurs in the Philippines, a Filipino is involved, or local systems/data are affected (per RA 10175).
  • Venue: Where any essential element occurred (e.g., where the victim was induced or funds were sent) or as allowed by the cybercrime rules.
  • Courts: Designated Special Cybercrime Courts (RTCs) handle cybercrime cases; SEC cases may lead to criminal filings in regular or designated courts depending on charges.

Building a strong Complaint-Affidavit

Structure:

  1. Introduction & competence (name, capacity, how you identify the respondent if known).
  2. Statement of facts in chronological order (attach a timeline table as Annex “A”).
  3. Elements matched to evidence (e.g., estafa: deceit + damage; cyber-fraud: use of a computer system).
  4. Annexes (A-1, A-2 …) with short descriptions; include a hash or checksum if submitting digital media.
  5. Prayer (what you want charged; requests for preservation/coordination).
  6. Verification & notarization.

Tone: Factual, concise, specific (dates, amounts, TXIDs). Avoid speculation; say “unknown person using profile ‘X’.”

Sample one-page timeline table (use as Annex “A”)

Date/Time (PH) Event Platform/Address Amount (PHP/crypto) Proof (Annex)
2025-07-02 14:11 First contact via Messenger ad Page: “Alpha Mining” B-1
2025-07-03 10:32 Deposit 0xAB…21 → 0xCD…34 (BSC) ₱85,000 (1.5 BNB) C-3
2025-07-05 09:20 “Tax” demand to withdraw App chat D-2
2025-07-06 11:05 Bank transfer to mule acct BDO → “Juan D.” ₱120,000 E-1
2025-07-06 12:00 Reported to bank (trace/recall) Ticket #12345 F-1

Asset tracing & freezes: realistic options

  • Banks/e-wallets: Internal trace/recall works only if funds remain; otherwise they’ll provide KYC/flow to law enforcement upon lawful request.
  • Exchanges: Many can quarantine assets if the suspect account is identified before withdrawal and you provide a police/NBI reference.
  • AMLC route: Law enforcement may coordinate for financial intelligence and freeze/forfeiture proceedings when legal thresholds are met.
  • Civil remedies: Preliminary attachment may be possible in a separate civil case if you can identify attachable property.

Red flags & common pitfalls

  • Pay a release fee/tax” after you try to withdraw = classic scam escalation.
  • Recovery-agent scams promising guaranteed refunds for a fee.
  • Deleting chats or resetting your phone “to be safe” (you’re destroying evidence).
  • Relying on screenshots without keeping raw files or original device.
  • Waiting weeks before notifying your bank/e-wallet/exchange.

Minimal templates (fill in and adapt)

A. Bank/e-Wallet Urgent Trace/Recall Note (email/in-app)

Subject: URGENT TRACE/RECALL – Crypto Scam Proceeds I am reporting an unauthorized/induced transfer related to a cryptocurrency investment scam. Please urgently trace/recall/hold if funds remain. Date/Time: ____ (PH) My Acct/Wallet Ref: ____ Beneficiary Acct/Wallet: ____ Amount: ____ Proof attached: receipts, TXIDs, screenshots. I will provide a police/NBI reference once issued. Please confirm case/ticket no. and actions taken.

B. Complaint-Affidavit Heading (first lines)

COMPLAINT-AFFIDAVIT I, ____ (Filipino, of legal age, ___), state:

  1. On ____, respondent(s) induced me to invest by promising ____.
  2. I sent funds as follows: [table/TXIDs].
  3. Respondents refused withdrawal and demanded additional “fees.”
  4. I suffered damage amounting to ₱____.
  5. Annexes “A” to “__” support the foregoing. PRAYER: That respondents be prosecuted for Estafa (RPC), Computer-Related Fraud (RA 10175), and violations of the Securities Regulation Code, and that preservation/coordination letters be issued to concerned entities.

FAQs

Can I report anonymously? Law enforcement and SEC can accept tips, but case build-up usually requires a sworn affidavit to move forward.

PNP-ACG or NBI—which is better? Both are competent. Choose based on accessibility and responsiveness; you may file with one and later coordinate with the other for specialized tasks.

Can I still file if the platform is offshore? Yes. If any victim/element is in the Philippines, local agencies can investigate. Cross-border cooperation takes longer but happens, especially where KYC’d off-ramps exist.

Will I get my money back? Not guaranteed. Speed + complete evidence + multi-venue reporting give you the best shot.

Smart reporting strategy (summary)

  1. Same day: Bank/e-wallet/exchange trace/recall; secure accounts; start a clean, labeled evidence folder.
  2. Within 24–48h: File with PNP-ACG or NBI; get a docket/reference; hand over your structured annexes.
  3. Parallel: File with SEC if there was investment solicitation; include marketing materials and promoter identities.
  4. Next 1–2 weeks: Follow up on platform freezes/records, submit supplemental evidence, and consider civil remedies.

If you want, I can turn your timeline and evidence into a ready-to-file Complaint-Affidavit + annex index next.

Disclaimer: This content is not legal advice and may involve AI assistance. Information may be inaccurate.

Privacy Policy

Terms of Use

Lawyer Login

 
 
Privacy Policy         Terms of Use         Lawyer Login