Smishing is a text-message scam that tries to make you click a link, send personal information, reveal an OTP, transfer money, or call a fake “bank,” “telco,” “delivery rider,” “government office,” or “job recruiter.” In the Philippines, the fastest way to deal with it depends on what happened: report the sender to the National Telecommunications Commission (NTC) if you received a scam or spam text, contact your bank or e-wallet immediately if money or account access is involved, and report to the Cybercrime Investigation and Coordinating Center (CICC), PNP Anti-Cybercrime Group, or NBI Cybercrime Division if there is fraud, identity theft, threats, or an actual loss.
What counts as smishing or a text scam?
Smishing means SMS phishing. It is a type of social engineering: the scammer uses fear, urgency, curiosity, or fake authority to make you act before you can think.
Common examples in the Philippines include:
- “Your bank account will be locked. Verify here.”
- “Your GCash/Maya account has suspicious activity.”
- “You have a package. Pay customs/delivery fee.”
- “You won a raffle. Claim your prize.”
- “Your SIM will be deactivated unless you register again.”
- “Part-time job: like videos and earn daily.”
- “Traffic violation / court notice / government aid claim.”
- “Your friend used you as a reference for an online loan.”
- Messages using your name, nickname, or other personal details to look more believable.
A smishing message may come from:
- An ordinary mobile number;
- An alphanumeric sender ID that looks like a company name;
- A spoofed number or sender name;
- A messaging app linked from SMS;
- A compromised account of someone you know.
Under the SIM Registration Act, spoofing means transmitting misleading or inaccurate information about the source of a call or text with intent to defraud, cause harm, or wrongfully obtain anything of value. The law requires end-users to register SIMs before activation and recognizes spoofing as a regulated concern in the mobile ecosystem. (Supreme Court E-Library)
What to do immediately after receiving a suspicious text
If you have not clicked the link or sent money, your goal is to preserve evidence and prevent the number or link from reaching more people.
- Do not click the link. Even opening a link can expose your device to credential theft, fake login pages, or malware.
- Do not reply. Replying can confirm that your number is active.
- Do not call the number in the text. Use the official hotline or app of your bank, e-wallet, telco, courier, or government agency.
- Take screenshots. Capture the sender’s number or sender ID, the full message, date, time, and link.
- Copy the link carefully only if needed for reporting. Do not open it.
- Report the text to NTC and/or CICC.
- Block the sender after preserving evidence.
If you already clicked, gave information, or lost money, treat it as urgent. Change passwords, revoke sessions, lock cards, contact your bank or e-wallet, and report to law enforcement.
Where to report smishing and text scams in the Philippines
Different offices handle different parts of the problem. Reporting only to one office may not be enough if you lost money or your identity was used.
| Situation | Best office or institution to contact first | Why |
|---|---|---|
| You received a scam or spam text but did not lose money | NTC | For telecom-related complaint handling, endorsement to telcos, and possible blocking/action |
| The scam involves online fraud, phishing, identity theft, or cybercrime | CICC Hotline 1326, PNP Anti-Cybercrime Group, or NBI Cybercrime Division | For cybercrime triage, investigation, and referral |
| Your bank, card, or e-wallet was accessed or charged | Your bank/e-wallet immediately, then BSP if unresolved | To freeze, dispute, hold funds, reverse if justified, and escalate consumer complaints |
| Your personal data may have leaked or been misused by an organization | National Privacy Commission (NPC) | For privacy complaints against personal information controllers or processors |
| You need a criminal complaint for prosecution | PNP-ACG or NBI Cybercrime Division, then prosecutor’s office when appropriate | For sworn statements, evidence collection, and case build-up |
How to report a text scam to the NTC
For ordinary text scams, spam messages, illegal texts, or threatening text messages, the NTC is usually the most direct administrative reporting channel.
Based on NTC guidance posted through the official FOI portal, reports may be filed through the NTC text spam/scam report page. The NTC states that its role is generally to receive the complaint and requirements, then endorse the matter to the relevant public telecommunications entities or concerned agencies for blocking or appropriate action. (www.foi.gov.ph)
NTC online report steps
Go to the NTC Text Spam/Scam Report page.
Prepare and upload:
- A copy of a valid government-issued ID;
- For students, a school ID may be used;
- If no ID is available, the NTC guidance allows a birth certificate or NBI Clearance;
- A screenshot or image of the text spam or scam showing the cellphone number or sender details.
Fill out the required fields.
Submit the report.
Keep a copy of your submission, screenshots, and any reference number.
NTC guidance also mentions that concerns may be sent by email or brought to the nearest NTC regional office, and that SIM registration concerns may be raised through NTC’s 24/7 consumer hotline 1682 or DICT/CICC’s complaint center hotline 1326. (www.foi.gov.ph)
What information should you include in an NTC report?
Prepare these before filing:
| Information | Why it matters |
|---|---|
| Your full name and contact details | NTC or the telco may need to verify or clarify your report |
| Sender’s mobile number or sender ID | Needed for blocking, tracing, or telco endorsement |
| Screenshot of the full message | Shows the scam content, date, time, number, and link |
| Date and time received | Helps match records with telco logs |
| Link or account mentioned in the text | Useful for identifying phishing pages or mule accounts |
| Your valid ID | Usually required for complaint processing |
Do not edit the screenshot except to make it readable. If the message shows a link, account number, QR code, or mobile wallet number, capture that clearly.
How to report to CICC Hotline 1326
The CICC is under the DICT and is a central government cybercrime coordination body. For online scams, the Inter-Agency Response Center hotline 1326 is used as a reporting channel for scams, including phishing, text scams, email scams, caller ID spoofing, romance scams, investment scams, and other online scams. Government information materials describe 1326 as a 24/7 hotline for reporting scams. (Philippine News Agency)
Use CICC when:
- You clicked a phishing link;
- You entered bank, e-wallet, email, or social media credentials;
- You gave an OTP, PIN, password, CVV, or account details;
- Money was transferred;
- The scammer is still communicating with you;
- The message is part of a larger online scam, fake investment, fake job, online selling scam, or identity theft.
ScamWatch Pilipinas, an anti-scam reporting initiative associated with the government’s I-ARC effort, lists 1326 and alternative mobile numbers for reporting online scams, and describes I-ARC as a joint project involving DICT, CICC, NPC, and NTC to centralize scam reporting. (ScamWatch Pilipinas)
How to report to PNP Anti-Cybercrime Group or NBI Cybercrime Division
If there is an actual loss, account takeover, identity theft, threats, extortion, or organized fraud, you may need a formal cybercrime complaint.
The NBI Cybercrime Division Citizen’s Charter states that the service is available to the general public and involves proceeding to the Cybercrime Division, filing a complaint or request for investigation, undergoing a preliminary interview, executing sworn statements or submitting affidavits, and submitting supporting documents. The listed frontline processing time for initial steps is around 1 hour and 10 minutes, although full investigation and case build-up can take much longer depending on complexity, cooperation from platforms, and availability of records. (National Bureau of Investigation)
For cybercrime complaints, prepare:
- Government-issued ID;
- Printed screenshots of the text scam;
- The sender’s number or sender ID;
- The phishing URL;
- Chat logs, call logs, emails, or app messages connected to the scam;
- Proof of payment or transfer, if any;
- Bank or e-wallet transaction history;
- Account numbers, wallet numbers, QR codes, or merchant names used by the scammer;
- A written timeline of events;
- Device used, mobile number used, and email address involved;
- Affidavit or sworn statement, if required.
In practice, law enforcement may ask you to execute a complaint-affidavit, which is a sworn written statement narrating what happened and identifying the evidence. If you are abroad, ask the receiving office what form of notarization, consular acknowledgment, or apostille they will accept before sending documents.
Legal basis: what laws may apply to smishing in the Philippines?
Smishing can violate several Philippine laws depending on what the scammer did.
Republic Act No. 10175: Cybercrime Prevention Act of 2012
The Cybercrime Prevention Act covers computer-related fraud and computer-related identity theft. The law defines computer-related identity theft as the intentional acquisition, use, misuse, transfer, possession, alteration, or deletion of identifying information belonging to another person without right. (Lawphil)
This matters because a text scam is often not just “spam.” It may be part of a cybercrime if the scammer uses the message to:
- Obtain login credentials;
- Take over an e-wallet, bank account, email, or social media account;
- Impersonate another person;
- Use stolen personal data;
- Cause unauthorized transactions;
- Use a computer system, mobile device, phishing website, or online platform to commit fraud.
The Supreme Court in Disini v. Secretary of Justice, G.R. No. 203335, February 18, 2014, upheld important parts of RA 10175, including the criminalization of computer-related identity theft. (Philippine Law Firm)
Revised Penal Code: estafa or swindling
If the scam caused you to send money or property because of deceit, it may also fall under estafa under Article 315 of the Revised Penal Code. Estafa generally involves fraud or deceit that causes damage to another person. The Supreme Court has repeatedly applied Article 315 to fraud schemes involving false pretenses and damage. (Lawphil)
Examples:
- You paid a fake delivery fee after receiving a text;
- You transferred money to a fake bank representative;
- You sent a “processing fee” for a fake job;
- You paid an “unlocking fee” to recover an account.
Republic Act No. 12010: Anti-Financial Account Scamming Act
Republic Act No. 12010, the Anti-Financial Account Scamming Act (AFASA), was enacted in 2024 to address financial account scams, money muling, and social engineering schemes involving banks, e-wallets, and other financial accounts. The law expressly covers electronic communications such as SMS, phone calls, emails, instant messages, and social media messages. (Supreme Court E-Library)
AFASA defines social engineering schemes as obtaining another person’s sensitive identifying information through deception or fraud, resulting in unauthorized access and control over that person’s financial account. It includes using electronic communications to obtain sensitive identifying information. (Supreme Court E-Library)
This is highly relevant to smishing because many text scams are designed to steal:
- Usernames;
- Passwords;
- OTPs;
- Bank details;
- Credit card details;
- E-wallet credentials;
- Other confidential personal or financial information.
AFASA also allows institutions to temporarily hold funds involved in a disputed transaction for a period prescribed by the BSP, not exceeding 30 calendar days unless extended by a court. This is one reason victims should report suspicious transfers immediately to the bank or e-wallet: delay can make recovery much harder. (Supreme Court E-Library)
Republic Act No. 11934: SIM Registration Act
The SIM Registration Act requires SIM registration before activation and was intended to help address fraud, scams, and crimes using SIMs. It also recognizes spoofing as misleading or inaccurate information about the source of a call or text sent with intent to defraud, cause harm, or wrongfully obtain anything of value. (Lawphil)
However, SIM registration does not mean every scammer is easy to identify immediately. In real cases, scammers may use:
- Fraudulently registered SIMs;
- SIMs registered under stolen or fake identities;
- Mule accounts;
- Spoofed sender IDs;
- Overseas infrastructure;
- Compromised devices or accounts.
This is why preserving evidence and reporting quickly still matters.
Republic Act No. 10173: Data Privacy Act of 2012
The Data Privacy Act protects personal information in government and private-sector information systems. The National Privacy Commission is the country’s privacy regulator and handles formal privacy complaints. (Lawphil)
Report to the NPC when the issue is not merely that you received a scam text, but that a company, organization, lender, school, employer, app, or other personal information controller may have improperly used, exposed, sold, or failed to secure your personal data.
The NPC requires formal complaints to follow a specific format. Its complaint page instructs complainants to download the form, print and fill it out, have it notarized, and submit it in person, by courier, or by scanned email to the NPC. (National Privacy Commission)
If you clicked a smishing link or gave an OTP
Act fast. The first hour is often critical.
- Disconnect from the link or page. Close the browser tab.
- Do not enter more information.
- Change passwords from a different trusted device.
- Log out all sessions for email, banking, e-wallet, social media, and shopping apps.
- Enable multi-factor authentication where available, but do not use an already-compromised number or email if you can avoid it.
- Call your bank or e-wallet immediately.
- Request account locking, card blocking, transaction dispute, or temporary hold if applicable.
- Report to CICC 1326, PNP-ACG, or NBI if there is fraud or account takeover.
- Report the text to NTC.
- Monitor your accounts for the next several weeks.
Do not delete the message. Do not factory-reset the phone before preserving screenshots, transaction records, and suspicious app details, unless your bank or law enforcement instructs you to isolate the device for security reasons.
If money was transferred from your bank or e-wallet
Report first to the financial institution involved. Do this immediately, even before completing government complaint forms.
Ask the bank, e-wallet, or payment provider to:
- Block or freeze your account;
- Block the card or linked payment method;
- Reverse or dispute the transaction if still possible;
- Trace the recipient account or wallet;
- Preserve transaction logs;
- Issue a reference number;
- Provide written confirmation of your complaint;
- Tell you what documents they need for investigation.
Under AFASA, financial institutions must maintain risk management systems and controls such as multi-factor authentication and fraud management systems. The law also provides that conviction is not a prerequisite for restitution where the institution is liable due to failure to employ adequate controls or failure to exercise the required diligence. (Supreme Court E-Library)
If the bank or e-wallet does not resolve the issue, you may escalate to the Bangko Sentral ng Pilipinas (BSP). BSP’s consumer assistance materials instruct consumers to first report the concern to the BSP-supervised institution’s Financial Consumer Protection Assistance Mechanism before filing a new complaint with BSP. (Bureau of the Treasury)
Evidence checklist for a strong report
A good report is specific, chronological, and supported by screenshots. Government offices and financial institutions handle many scam reports, so organized evidence helps your case move faster.
| Evidence | Practical tip |
|---|---|
| Screenshot of scam text | Show sender, full message, date, time, and link |
| Screenshot of opened phishing page | Capture URL bar if you accidentally opened it |
| Call logs | Include number, date, time, and duration |
| Chat logs | Export or screenshot messages from SMS, Messenger, Viber, WhatsApp, Telegram, or other apps |
| Transaction receipts | Include reference number, amount, date, time, sender, and recipient |
| Bank/e-wallet statements | Highlight suspicious transactions |
| Email alerts or OTP messages | Show unauthorized access attempts |
| Device details | Note phone model, SIM number, mobile number, and affected apps |
| Written timeline | List events in order, with dates and times |
| Report reference numbers | Keep NTC, bank, CICC, PNP, NBI, or BSP references together |
If you print screenshots for a sworn complaint, keep the digital originals. Investigators may later need metadata, original files, or access to the device.
Common mistakes that make text scam reports weaker
Deleting the message too soon
Many victims delete the message out of fear or embarrassment. Take screenshots first. If possible, keep the original message until the complaint is filed.
Reporting only to NTC after losing money
NTC reporting helps with telecom-side action, but it is not a substitute for reporting unauthorized transactions to your bank/e-wallet or filing a cybercrime complaint when money was lost.
Waiting several days before calling the bank
If funds were moved through mule accounts, speed matters. Banks and e-wallets may have limited time to flag, freeze, hold, or trace funds.
Sending screenshots with cropped sender details
A cropped screenshot that hides the number, sender ID, date, or link may be less useful. Capture the entire message thread header when possible.
Assuming SIM registration guarantees recovery
SIM registration can help enforcement, but scammers still use fake identities, stolen IDs, spoofing, and mule accounts. A registered SIM does not automatically mean quick identification or refund.
Giving more information to “verify” the report
Scammers sometimes call again pretending to be the bank, NTC, police, or “cybercrime office.” Government offices and banks should not ask for your OTP, PIN, full password, CVV, or remote access to your phone.
Special situations
OFWs and Filipinos abroad
If you are abroad but your Philippine SIM, bank, or e-wallet was targeted:
- Report to your bank or e-wallet through official international channels;
- Keep screenshots showing Philippine time if possible;
- Use email reporting if you cannot call local hotlines;
- Ask PNP-ACG, NBI, or CICC what format they require for affidavits executed abroad;
- Philippine embassies or consulates may assist with notarization or acknowledgment depending on the document and location.
If the affidavit will be used in a Philippine proceeding, confirm whether it must be consularized or apostilled, especially if notarized before a foreign notary.
Foreigners in the Philippines
Foreigners may report smishing and cyber fraud if the incident occurred in the Philippines, used Philippine telecom or financial infrastructure, or affected a Philippine bank/e-wallet account. Bring your passport, ACR I-Card if applicable, local contact details, screenshots, and transaction records.
Scam texts using your real name
A message that uses your real name does not automatically prove a data breach by a specific company. Your details may have come from leaked databases, online forms, public posts, delivery records, raffles, old contact tracing forms, lending apps, or previous breaches. Report to NPC when there is a concrete reason to believe a specific organization mishandled your personal data.
Threatening text messages
If the text contains threats of harm, extortion, blackmail, doxxing, or coercion, report to law enforcement, not just NTC. Preserve all messages and do not negotiate with the sender.
Frequently Asked Questions
How do I report smishing in the Philippines?
For ordinary scam or spam texts, report to the NTC through its text spam/scam reporting page and submit your ID plus screenshots of the message. If the scam involves fraud, money, identity theft, or account takeover, also report to CICC Hotline 1326, PNP Anti-Cybercrime Group, or NBI Cybercrime Division.
Can NTC block a scam text number?
NTC receives complaints and may endorse them to the relevant telco or concerned agencies for blocking or appropriate action. You should provide a clear screenshot showing the sender’s number or sender ID, full message, date, time, and link. (www.foi.gov.ph)
What if I clicked the link but did not enter information?
Close the page, clear the browser tab, do not download anything, and monitor your accounts. If you downloaded a file or app, disconnect the device from sensitive accounts, scan for malware, and change passwords from another trusted device.
What if I gave my OTP to a scammer?
Call your bank or e-wallet immediately. Ask for account locking, card blocking, transaction dispute, and preservation of logs. Then report to CICC 1326 and consider filing a cybercrime complaint with PNP-ACG or NBI.
Can I get my money back after a text scam?
It depends on how fast you reported, where the funds went, whether the recipient account can be frozen, and whether the financial institution complied with required safeguards. AFASA recognizes temporary holding of disputed funds and possible restitution in proper cases, but recovery is not automatic. (Supreme Court E-Library)
Is a smishing text a cybercrime?
It can be. A mere unsolicited text may be handled administratively as spam or scam reporting. But if it is used to steal credentials, access accounts, obtain identifying information, or commit fraud, it may involve cybercrime under RA 10175, estafa under the Revised Penal Code, and financial account scamming under RA 12010.
Should I report to the police or NBI even if the amount is small?
Yes, especially if there is identity theft, account takeover, repeated messages, threats, or a pattern affecting others. Small amounts are often part of larger organized scam operations.
Can I find out who owns the scammer’s SIM?
You generally cannot obtain subscriber identity directly just by asking. Subscriber information is protected and usually requires proper legal process or authorized investigation. Report through NTC, CICC, PNP-ACG, or NBI so the proper agency can request or preserve records through lawful channels.
Do I need a notarized affidavit?
For initial reporting to NTC, you usually submit the required online information and attachments. For formal complaints before NBI, PNP, NPC, or prosecutor-related proceedings, a sworn statement or notarized complaint-affidavit may be required. The NPC specifically requires its formal complaint form to be notarized. (National Privacy Commission)
Is it safe to post the scammer’s number online?
Be careful. Public posting may warn others, but it can also expose your own information, affect an investigation, or lead to disputes if the number was spoofed or recycled. It is better to report through official channels and share warnings without revealing your personal details.
Key Takeaways
- Do not click, reply, or call numbers inside suspicious texts.
- Take screenshots showing the sender, message, link, date, and time.
- Report ordinary text scams to NTC with your ID and screenshot.
- Call CICC Hotline 1326 for online scams, phishing, and cyber fraud.
- If money or account access is involved, contact your bank or e-wallet immediately before anything else.
- For serious fraud, identity theft, threats, or losses, file with PNP Anti-Cybercrime Group or NBI Cybercrime Division.
- Report possible personal data misuse by organizations to the National Privacy Commission.
- Philippine laws that may apply include RA 10175, RA 11934, RA 12010, the Data Privacy Act, and Article 315 on estafa under the Revised Penal Code.
- Fast reporting, complete screenshots, and organized transaction records give you the best chance of blocking the scammer, preserving evidence, and recovering funds.