How to Report an Online Scam in the Philippines – A 2025 Legal Guide
1. What counts as an “online scam”?
Philippine law treats any fraudulent scheme executed “through or with the use of information and communications technologies” as cyber-fraud, estafa, or swindling under the Revised Penal Code, as amended by the Cybercrime Prevention Act of 2012 (RA 10175) . Common patterns include non-delivery of goods bought online, phishing that siphons e-wallet or bank balances, romance or investment swindles, SIM-based text scams, and money-mule activities now punished under the Anti-Financial Account Scamming Act of 2024 (RA 12010) (Republic Act No. 12010 - LawPhil).
2. Core statutory and regulatory framework
| Law / Issuance | Key role |
|---|---|
| RA 10175 (Cybercrime Prevention Act) | Defines cyber-offences; gives courts power to issue preservation & takedown warrants. |
| RA 8792 (E-Commerce Act) | Recognises electronic evidence & contracts. |
| RA 11765 (Financial Products & Services Consumer Protection Act, 2022) | Lets Bangko Sentral ng Pilipinas (BSP) compel supervised FIs to reverse or repay fraudulent online transactions (Republic Act No. 11765 - LawPhil). |
| RA 12010 (Anti-Financial Account Scamming Act, 2024) | Criminalises money-muling, social-engineering, large-scale e-fraud (Republic Act No. 12010 - LawPhil). |
| RA 7394 (Consumer Act) & DTI DAO No. 21-02 | Basis for refund / replacement claims against online sellers. |
| Rules on Cybercrime Warrants (A.M. No. 17-11-03-SC, 2018) | Authorises law-enforcement to search, seize or freeze digital evidence. |
| RA 9160 (AMLA) & IRRs | Allows the AMLC or courts to freeze scam proceeds upon a verified request. |
Sector-specific circulars (e.g., BSP Consumer Assistance Mechanism/CAMS, SEC Advisories, NTC domain-blocking) reinforce the above.
3. Which agency do you call?
| Scenario | Primary venue to report | How to lodge the complaint |
|---|---|---|
| Any cyber-crime (phishing, online fraud, doxxing) | PNP Anti-Cybercrime Group (ACG) or NBI Cybercrime Division (CCD) | 24/7 “National Anti-Scam Hotline 1326” (DICT/CICC) ; walk-in or email via [email protected]/[email protected] |
| Banking / e-wallet loss | Your bank/e-wallet fraud desk within 24 h plus BSP CAMS via the BSP Online Buddy (BOB) chatbot or CIR e-mail to [email protected] | |
| Fake e-commerce seller / non-delivery | DTI – file at PODRS (https://podrs.dti.gov.ph) or call 1-DTI (1384) | |
| Investment scam / Ponzi | SEC-EIPD Investor Complaint Form (download & e-mail) – SEC can seek AMLC freeze and NTC/DICT takedown | |
| Privacy / data-breach-based phishing | National Privacy Commission (NPC) – online CID form at privacy.gov.ph; hotline (+632) 8234-2228 | |
| SIM-based spam or unknown caller | eGov PH Super App → eReport (upload screenshot) or text “SIM CHECK |
|
| Cross-border or large-scale syndicate | DOJ-Office of Cybercrime for Mutual Legal Assistance & cyber-warrants, tel. (+632) 8523-8481 |
4. Step-by-step reporting workflow
Secure evidence immediately
Take dated screenshots, transaction IDs, chat logs, social-media profile URLs, and courier receipts. Preserve the item listing in PDF.
This digital trail is admissible under the Rules on Electronic Evidence and RA 10175.Freeze the money (if applicable)
Within 24 hours, call your bank or e-wallet’s fraud desk and demand a “temporary hold” citing BSP Memorandum M-2022-015 on cyber-fraud. If funds already left, request a chargeback (card) or wallet reversal. Banks must respond within ten banking days under BSP CAMS .File the criminal complaint
Choose jurisdiction: nearest PNP-ACG regional cybercrime unit or NBI-CCD satellite. Bring printed evidence and a notarised affidavit-complaint. Officers will prepare a cybercrime incident report and, where needed, apply for Preservation/Warrant to Disclose Computer Data (WBCD) under A.M. No. 17-11-03-SC.Parallel regulatory complaint (optional but strategic)
– BSP CAMS for banks/e-wallets (forces mediation/refund).
– DTI PODRS for consumer disputes under the E-Commerce Protection Guidelines.
– SEC-EIPD for investment solicitations; SEC may issue a cease and desist and request account freezing .
– NPC if personal data was harvested; NPC can fine up to ₱5 million and compel breach notification .Follow up
Ask for the agency’s control or case reference number. Under the Ease of Doing Business Act (RA 11032) agencies must update you every 15 days until disposition.
5. Digital one-stop channels
- eGov PH Super App – “eReport”: lets you attach screenshots, geo-tag the incident, and route it to PNP, DTI, or LGU in one tap .
- National Anti-Scam Hotline 1326 (voice/SMS/WebChat): triages calls to CICC agents who liaise with telcos to block numbers and with PNP for case build-up .
- ScamWatch Pilipinas (NGO) at scamwatchpilipinas.com also mirrors reports to 1326 and provides victim coaching .
6. Asset recovery & civil remedies
- AMLA freeze & civil forfeiture – the AMLC or SEC can obtain a 30-day freeze on suspected scam accounts (RA 9160 §10; SEC-AMLC MOU).
- Pre-trial garnishment / attachment – under Rules of Court, if you sue for damages.
- Small-claims refund – up to ₱400 000 through the Revised Rules on Small Claims (A.M. 08-8-7-SC as amended 2022) for straightforward non-delivery cases.
- Restitution in the criminal case – courts may award restitution upon conviction (Articles 104-107, Revised Penal Code).
7. Cross-border & special cases
- Budapest Convention: The Philippines’ 24/7 Point of Contact (DoJ-OOC) may request data preservation abroad within 24 hours .
- NTC/DICT domain blocking: DICT Memo C. 02-2023 empowers the Cybercrime Investigation and Coordinating Center to request ISPs to block scam URLs within 48 h; victims may attach the police blotter to expedite.
- Money-mule prosecution: RA 12010 imposes up to ₱2 million fine and 12 years’ imprisonment for knowingly letting your account be used in an online scam (Republic Act No. 12010 - LawPhil).
8. Practical tips to strengthen your complaint
- Mirror drives – save chats on both cloud and external media; hash files (SHA-256) for integrity.
- Maintain silence – avoid threatening the scammer online; it may alert them and trigger evidence destruction.
- Coordinate with other victims – class-type complaints carry more weight and speed up AMLC freezes.
- Ask for status letters – regulators are legally obliged to send written updates; these help if you escalate to the Ombudsman or file mandamus.
9. Pending developments to watch (2025)
- BSP Digital Fraud Regulation (draft Feb 2025): would compel e-wallets to auto-refund within five days upon presentation of a police cyber-fraud blotter .
- Online Scams Prevention Act (HB 9835 / SB 2201): in bicam; proposes ₱10 million fines for ISPs that ignore takedown orders .
- CICC Task-Force vs. Messaging-App Scams launched April 2025 to coordinate takedowns on WhatsApp/Telegram .
Conclusion
Reporting an online scam in the Philippines is no longer a guessing game: a clear legal toolkit (RA 10175, RA 11765, RA 12010) and an ecosystem of hotlines (1326), apps (eGov), and specialised regulators (BSP, SEC, NPC, DTI) now converge to freeze stolen funds, block malicious domains, and prosecute offenders. Victims who (1) collect solid electronic evidence early, (2) alert their bank/e-wallet within 24 hours, and (3) file simultaneous criminal and regulatory complaints have the highest chance of restitution and conviction of the perpetrators. Stay vigilant, use the channels above, and insist on your rights under Philippine cyber-law.