A suspicious text can feel harmless until it asks you to click a link, enter an OTP, “verify” your GCash or bank account, pay a fake delivery fee, or reply with personal details. In the Philippines, these messages are usually called smishing—phishing done through SMS or text messages. The right response depends on what happened: a scam text with no loss should be reported to your telco and the National Telecommunications Commission (NTC); a compromised bank or e-wallet account must be reported to the financial institution immediately; and an actual fraud, identity theft, or account takeover may need a formal cybercrime complaint with the PNP Anti-Cybercrime Group, the NBI Cybercrime Division, or the Cybercrime Investigation and Coordinating Center.
What Is Smishing?
Smishing is a text scam designed to make you do something unsafe, such as:
- Click a malicious link
- Enter your OTP, password, MPIN, or bank login
- Send money to a fake account
- Download an app or file
- Reply with personal information
- Call a fake “customer service” number
- Believe that the message came from a bank, e-wallet, courier, government office, or telco
Common examples in the Philippines include:
- “Your parcel is on hold. Pay ₱17.00 here.”
- “Your GCash account will be deactivated. Verify now.”
- “Your bank account has been locked due to suspicious activity.”
- “You won a raffle. Claim your prize today.”
- “Your SIM will expire unless you update your registration.”
- “You have unpaid toll/traffic penalties.”
- “Part-time job offer. Earn ₱3,000 daily.”
- “Government ayuda release. Register here.”
Some scam texts come from ordinary mobile numbers. Others appear under a business name or sender ID, making them look more legitimate. The SIM Registration Act recognizes spoofing as a punishable act when a person or entity transmits misleading or inaccurate caller identification information with intent to defraud, cause harm, or wrongfully obtain anything of value. (Supreme Court E-Library)
Who Should You Report a Text Scam To?
There is no single office for every scam text. The best office depends on whether the scam was merely received, clicked, or caused actual loss.
| Situation | Where to Report | Why |
|---|---|---|
| You received a suspicious text but did not click or lose money | Your telco and NTC | For blocking, monitoring, and regulatory action |
| The text used a suspicious link or fake sender name | Telco, NTC, and CICC 1326 | For scam reporting and cybercrime coordination |
| You clicked the link but did not enter information | Telco, NTC, and your device/account providers | To reduce risk of account compromise |
| You entered an OTP, MPIN, password, or bank details | Bank/e-wallet first, then PNP/NBI/CICC | Account protection and possible investigation |
| Money was transferred or withdrawn | Bank/e-wallet immediately, then PNP Anti-Cybercrime Group or NBI Cybercrime Division | Possible temporary hold, tracing, and formal complaint |
| Your personal data appears to have been leaked or misused | National Privacy Commission, plus the company involved | For possible Data Privacy Act issues |
| You are being threatened, blackmailed, or extorted | PNP/NBI immediately | This may involve criminal threats, extortion, or cybercrime |
| You are abroad but the account, SIM, or victim is in the Philippines | Telco, bank/e-wallet, CICC, PNP/NBI online channels where available | Philippine agencies and institutions may still handle the report |
The CICC’s Inter-Agency Response Center hotline 1326 is intended for reports involving online scams, deceptive text messages, emails, romance scams, impersonation scams, investment fraud, and other cybercrime-related concerns. (Philippine Information Agency)
Legal Basis: What Philippine Laws May Apply?
Republic Act No. 11934, or the SIM Registration Act
Republic Act No. 11934, the SIM Registration Act, requires SIM registration and provides rules for activation, deactivation, reporting lost SIMs, and handling information connected with registered SIMs. For foreign nationals, the law and its implementing rules require identity and stay-related documents, and tourist SIM registration is generally valid for 30 days unless extended under the rules. (Supreme Court E-Library)
The law is important because many scam texts come from mobile numbers. However, SIM registration does not mean an ordinary victim can demand the scammer’s name from the telco or NTC. Subscriber information is protected and may generally be disclosed only through lawful process, such as a subpoena based on a sworn complaint that a specific mobile number was used in an offense. (Supreme Court E-Library)
In practical terms: report the scam text, preserve evidence, and file a formal complaint if there was actual fraud or loss. Do not expect the telco or NTC to simply reveal the registered owner of the number to you.
Republic Act No. 12010, or the Anti-Financial Account Scamming Act
Republic Act No. 12010, the Anti-Financial Account Scamming Act or AFASA, is especially relevant when a smishing text leads to bank, e-wallet, credit card, or other financial account fraud. The law covers electronic communications, including SMS, calls, social media, and email, and defines financial accounts broadly to include bank accounts, credit accounts, and e-wallets. (Supreme Court E-Library)
AFASA punishes acts such as social engineering schemes and money muling. Social engineering generally means using deception or fraud to obtain sensitive identifying information or gain access to a financial account. Money muling involves using or allowing an account to receive, transfer, or move proceeds connected with unlawful activity. (Supreme Court E-Library)
Under BSP rules implementing AFASA, banks and covered financial institutions may temporarily hold disputed funds for up to 30 calendar days, with any further extension requiring court authority. The process may be triggered by a customer complaint through the institution’s 24/7 fraud reporting channel, by the institution’s own fraud management system, or through a request from another financial institution.
This is why speed matters. If you lost money, reporting to your bank or e-wallet within minutes or hours is more useful than posting about the scam days later.
Republic Act No. 10175, or the Cybercrime Prevention Act
Republic Act No. 10175, the Cybercrime Prevention Act of 2012, may apply when the scam involves unauthorized access, identity theft, computer-related fraud, or other cyber-enabled offenses. The law is commonly considered together with other criminal laws when a text scam leads to account takeover, stolen credentials, or fraudulent transactions. (Lawphil)
The Supreme Court reviewed RA 10175 in Disini v. Secretary of Justice, a leading case on the constitutionality of the Cybercrime Prevention Act. For ordinary victims, the practical point is that cybercrime investigations still require proper legal process, evidence preservation, and respect for constitutional rights. (Lawphil)
Revised Penal Code: Estafa
If the scammer deceived you into sending money, the facts may also fall under estafa or swindling under Article 315 of the Revised Penal Code. Estafa generally involves fraud or deceit that causes damage to another person. (Supreme Court E-Library)
For example, if a scammer pretended to be a bank officer, courier, government employee, recruiter, relative, or online seller and convinced you to transfer money, the complaint may involve estafa, cybercrime, AFASA, or a combination of laws depending on the facts.
Access Device and Data Privacy Laws
Republic Act No. 8484, the Access Devices Regulation Act, as amended by Republic Act No. 11449, may be relevant if the scam involved credit cards, debit cards, account numbers, access codes, PINs, or similar financial access devices. (Lawphil)
Republic Act No. 10173, the Data Privacy Act of 2012, may become relevant when the text scam appears connected to a personal data leak, unauthorized processing of personal information, or misuse of customer data by a company, organization, or government-related database. (Lawphil)
Civil Claims for Damages
Aside from criminal reporting, a victim may have civil remedies in the proper case. Article 33 of the Civil Code allows an independent civil action for damages in cases involving fraud, among others. Article 2176 of the Civil Code also recognizes liability for damages caused by fault or negligence, commonly called quasi-delict. (Lawphil) (Supreme Court E-Library)
In real life, recovery is often difficult when the scammer is unknown, using mule accounts, or outside the Philippines. Still, proper documentation helps banks, law enforcement, prosecutors, and courts assess what remedies may be available.
What to Do in the First 10 Minutes
If you just received, clicked, or responded to a scam text, do these immediately.
Do not click again, reply, or call the number. Scammers often use urgency to make you panic. Stop interacting with the message.
Do not delete the text. Take screenshots first. Keep the original message if possible.
Capture complete evidence. Your screenshot should show:
- Sender name or mobile number
- Date and time received
- Full message
- Suspicious link
- Any amount requested
- Any reference number or account number shown
If you clicked a link, do not enter anything further. Close the page. If you downloaded an app or file, disconnect from the internet and avoid using that device for banking until it is checked.
If you entered an OTP, password, MPIN, or bank details, contact the bank or e-wallet immediately. Use the official app, official website, card hotline, or verified customer service channel—not the number or link in the scam text.
Lock or secure affected accounts. Change passwords from a clean device. Log out other sessions. Remove unknown linked devices. Enable multi-factor authentication where available.
If money was transferred, ask for urgent fraud handling. Use clear words such as: “I am reporting an unauthorized transaction caused by a smishing scam. Please freeze my account if needed, investigate the receiving account, and provide a ticket number.”
Save all reference numbers. Keep the bank ticket, e-wallet ticket, telco report number, police blotter, NBI complaint reference, emails, and screenshots in one folder.
How to Report Smishing to the NTC
The NTC accepts reports involving text scams, spam, illegal messages, and threatening messages. The NTC has stated that it does not itself have the capability to identify, track, or ascertain all details of scammers; its role is generally to receive reports and coordinate with telecommunications companies for blocking or appropriate action. (www.foi.gov.ph)
What to Prepare
Before filing your NTC report, prepare:
- Your full name
- Address
- Email address
- Contact number
- The complained mobile number or sender ID
- Screenshot of the scam text showing the full message, sender, date, and time
- Suspicious link, if any
- Valid government-issued ID
NTC public guidance has directed complainants to submit text scam reports through the NTC reporting portal or by email at kontratextscam@ntc.gov.ph, with the sender number, screenshot, and complainant details. (PIA)
Practical Tips When Reporting to NTC
When writing your report, be specific. A useful report usually looks like this:
I am reporting a suspected smishing/text scam. On [date] at [time], I received a message from [number/sender ID] stating “[short description].” The message contained the link [link]. I did not authorize this message and believe it is attempting to obtain personal or financial information. Attached are screenshots showing the sender, date, time, and full message.
After filing, keep the original SMS and report confirmation. The number may be blocked, but blocking does not automatically recover money or identify the scammer. If you lost money, you must also report to your bank/e-wallet and law enforcement.
How to Report to Globe, Smart, DITO, and Other Telcos
Reporting to your telco helps the network identify scam numbers, suspicious sender IDs, and malicious traffic patterns.
Globe, TM, and GOMO
Globe advises users to report scam and spam messages through its Stop Spam reporting channels, including the GlobeOne app. Globe also states that it does not send text messages containing links and asks users to upload screenshots showing the sender or caller ID, timestamp, and full message. (Globe Telecom)
Useful evidence for a Globe-related report includes:
- Screenshot of the full text
- Sender number or sender ID
- Date and time
- Link shown in the message
- Any loss or account compromise, if applicable
Smart, TNT, and Sun
Smart warns that official Smart/TNT/Sun customer care channels will never ask for your OTP, bank account details, or other sensitive information. Smart identifies common smishing red flags such as urgent messages, fake raffle prizes, suspicious links, requests for OTPs or bank details, and payment demands. (Smart Help)
For Smart-related reports, use official Smart channels, such as verified customer service accounts or official hotlines. Avoid sending your OTP, password, or complete card details in the report itself.
DITO
DITO’s advisory on smishing tells users not to click suspicious links, not to provide personal or financial information, and to verify messages through legitimate official channels. (DITO)
For any telco, do not rely only on blocking the number on your phone. Blocking protects you from that sender, but it does not create a regulatory or investigative record.
If You Lost Money or Shared an OTP
If the scam involved money, your first report should usually be to the bank, credit card issuer, or e-wallet—not to social media, and not only to the telco.
Step 1: Contact the Bank or E-Wallet Immediately
Report through the official fraud hotline, in-app help center, official website, or verified support channel.
Give the following details:
- Your full name and account identifier
- Date and time of transaction
- Amount lost
- Transaction reference number
- Receiving account, mobile number, merchant, or wallet if visible
- Screenshot of the scam text
- Screenshot of transaction history
- Whether you entered an OTP, MPIN, password, or clicked a link
- Whether your account is still accessible
Ask for:
- Account freeze or temporary restriction if needed
- Dispute or fraud ticket number
- Investigation of the receiving account
- Written confirmation of your report
- Instructions on affidavits or police/NBI documents, if required
BSP consumer guidance says financial consumers should first report complaints to the financial institution’s own Financial Consumer Protection Assistance Mechanism or customer service channel. If unresolved or unsatisfactorily handled, the complaint may be escalated to the BSP Consumer Assistance Mechanism through BSP Online Buddy or other BSP channels. (Bureau of the Treasury) (Bureau of the Treasury)
Step 2: Ask About a Temporary Hold Under AFASA Procedures
If the money was transferred to another bank or wallet, ask whether the transaction can be subject to coordinated verification or a temporary hold under the financial institution’s fraud process. BSP rules implementing AFASA allow a temporary hold of disputed funds for up to 30 calendar days, with longer periods requiring court authority.
This does not guarantee recovery. It simply means speed and complete details can improve the chance that the funds are still traceable or still within a receiving account.
Step 3: File a Formal Cybercrime Report
After reporting to the financial institution, prepare a complaint with the PNP Anti-Cybercrime Group, the NBI Cybercrime Division, or CICC channels when the facts involve cyber-enabled fraud.
The PNP Anti-Cybercrime Group has identified its eComplaint system and official email as channels for reporting cybercrime concerns. (www.foi.gov.ph)
The NBI Cybercrime Division’s Citizen’s Charter describes an investigative assistance process where a complainant may proceed to the Cybercrime Division, accomplish a complaint sheet, undergo a preliminary interview, execute sworn statements, submit affidavits, and have relevant devices examined. The listed initial process has no government fee and a stated processing time of about one hour and ten minutes, although the full investigation may take longer depending on the case. (National Bureau of Investigation)
Evidence Checklist for Smishing and Text Scam Reports
Good evidence makes your report easier to evaluate. It also helps avoid delays when investigators, banks, or regulators ask for details.
| Evidence | Why It Matters |
|---|---|
| Screenshot of the SMS | Shows the sender, date, time, and exact wording |
| Original SMS still saved on phone | Helps preserve context and metadata |
| Suspicious link | Helps identify phishing pages or malicious domains |
| Transaction receipt | Shows amount, date, recipient, and reference number |
| Bank/e-wallet ticket number | Proves you reported promptly |
| Call logs | Useful if the scam involved a follow-up call |
| Chat messages or emails | Shows the full scam conversation |
| Device used | May be needed if malware or account takeover is suspected |
| Valid ID or passport | Required for formal complaints |
| Written chronology | Helps investigators understand what happened in order |
Electronic evidence is legally significant in the Philippines. The E-Commerce Act recognizes the legal effect and admissibility of electronic documents and electronic data messages, subject to rules on authentication, reliability, and evidentiary weight. (Supreme Court E-Library)
For practical purposes:
- Do not crop screenshots too tightly.
- Do not edit or annotate the original screenshots.
- Keep the phone where the original message was received.
- Export or back up evidence, but keep original files.
- Write a simple timeline while details are fresh.
- If a formal complaint requires an affidavit, make sure the facts match your screenshots and records.
When to Report to the National Privacy Commission
Not every scam text is a Data Privacy Act case. Random scam texts are often reported to the telco, NTC, CICC, PNP, or NBI first.
However, reporting to the National Privacy Commission may be relevant if:
- The scam text contains your full name, address, order details, loan details, workplace, or other specific personal data
- You suspect a company, school, employer, clinic, online seller, lending app, or government-related database leaked your information
- A personal information controller failed to respond to your data privacy concern
- Your data is being used for harassment, fraud, or unauthorized profiling
The NPC provides a formal complaint process and forms for privacy-related complaints. (National Privacy Commission)
A practical first step is to document why you believe a specific organization mishandled your data. A bare statement that “I received spam” may not be enough. Better evidence includes repeated messages using unique data you gave only to one organization, screenshots showing your personal details, or correspondence with the organization’s Data Protection Officer.
Reporting If You Are a Foreigner or Overseas Filipino
Foreigners, tourists, and overseas Filipinos can still be affected by Philippine text scams, especially if they use a Philippine SIM, Philippine bank account, Philippine e-wallet, or local delivery services.
Practical points:
- If you are in the Philippines, you may report through the same telco, NTC, bank, e-wallet, CICC, PNP, or NBI channels.
- If you are abroad, use official online reporting channels of your bank, e-wallet, telco, or law enforcement office where available.
- If a Philippine affidavit is required and you are abroad, the document may need to be notarized locally and apostilled, or executed before a Philippine embassy or consulate, depending on where and how it will be used.
- If your Philippine SIM was registered as a foreign national, keep copies of your passport, proof of address in the Philippines, return ticket, and visa or immigration documents if applicable.
- If the scam involves a foreign bank or overseas transfer platform, report to that institution immediately as well.
For tourists, remember that a Philippine SIM registered under tourist documentation may have limited validity under the SIM Registration Act rules unless properly extended. (Supreme Court E-Library)
Common Mistakes That Make Smishing Reports Harder to Act On
Waiting Too Long Before Calling the Bank or E-Wallet
If money was transferred, minutes matter. Funds can move through several accounts quickly. Report first, then organize your documents.
Deleting the Text After Taking One Screenshot
Keep the original message if possible. Investigators may later need the full sender information, timestamp, message thread, or device context.
Reporting Only on Facebook or X
Public posts may warn others, but they are not a substitute for a telco report, NTC report, bank fraud ticket, or formal cybercrime complaint.
Expecting NTC to Reveal the Scammer’s Identity
NTC and telcos cannot simply give you the registered owner’s personal information on request. Subscriber details are protected and generally require lawful process.
Giving Your OTP to Someone Claiming to Be an Investigator
No legitimate investigator, bank officer, telco employee, or government worker should ask for your OTP, MPIN, or password. Treat that as another scam attempt.
Resetting the Phone Before Preserving Evidence
Factory reset may remove useful evidence. If you suspect malware, stop using the device for sensitive accounts, but preserve evidence before wiping it.
Filing a Barangay Blotter Only
A barangay blotter can document that you reported an incident, but barangays do not have the cybercrime investigation powers of the PNP Anti-Cybercrime Group or NBI Cybercrime Division. For unknown scammers, online fraud, or cross-city/cross-border transactions, proceed to the proper cybercrime or financial fraud channels.
Posting Complete Personal Details Online
Avoid posting your full name, account numbers, reference numbers, IDs, addresses, or unredacted screenshots publicly. You may accidentally expose more personal data or create complications if the information is incomplete or inaccurate.
Sample Report Template for a Smishing Complaint
You may use this format when reporting to a telco, NTC, bank, e-wallet, or cybercrime office. Adjust it based on what happened.
I am reporting a suspected smishing/text scam.
Date and time received:
Sender number or sender ID:
Full message:
Suspicious link:
What I did after receiving the message:
Information entered, if any:
Amount lost, if any:
Bank/e-wallet/account involved:
Transaction reference number, if any:
Steps already taken:
Attachments:
- Screenshot of text message
- Screenshot of transaction
- Bank/e-wallet ticket number
- Valid ID, if requiredIf money was lost, add a short chronology:
At around [time], I received a text message from [sender]. The message stated that [summary]. I clicked the link and entered [information, if any]. At around [time], I noticed an unauthorized transaction amounting to ₱[amount]. I immediately reported the incident to [bank/e-wallet] and received ticket number [ticket number]. I am requesting investigation and assistance.Frequently Asked Questions
How do I report a scam text to NTC?
Prepare a screenshot showing the sender, date, time, and full message. Include your name, address, email, contact number, complained number or sender ID, and valid government ID. NTC guidance has identified its text scam reporting portal and kontratextscam@ntc.gov.ph as reporting channels. (PIA)
Can NTC tell me who owns the scam number?
Usually, no. SIM subscriber information is protected. Under the SIM Registration Act framework, disclosure of information connected with a registered SIM generally requires lawful process, such as a subpoena based on a sworn complaint. (Supreme Court E-Library)
I clicked the link but did not enter anything. What should I do?
Close the page, do not enter any information, take screenshots, report the message, and monitor your accounts. If the page downloaded an app or file, stop using that device for banking until it is checked. Change important passwords from another device if you are unsure.
I gave my OTP. Can I still recover my money?
Possibly, but it depends on how quickly you report, whether the funds are still traceable, and the bank or e-wallet’s investigation. Report immediately through the official fraud channel and ask for dispute handling, account restriction, and possible temporary hold or coordinated verification.
Should I report to PNP or NBI?
For serious cases involving loss of money, account takeover, identity theft, extortion, or repeated cyber harassment, either the PNP Anti-Cybercrime Group or the NBI Cybercrime Division may be appropriate. The important thing is to bring complete evidence, transaction records, IDs, and your bank or e-wallet report reference.
Is a screenshot enough evidence?
A screenshot helps, but it is better to keep the original SMS, transaction records, call logs, emails, chat history, and the device used. Electronic evidence may be admissible if properly authenticated and shown to be reliable. (Supreme Court E-Library)
What if the scam text uses my real name?
That may suggest your personal data came from a leaked, scraped, or previously submitted source. Report the scam text to the telco and NTC. If you have reason to believe a specific company, agency, app, employer, school, or seller mishandled your data, consider a privacy complaint with the National Privacy Commission.
What if the message came from a bank or e-wallet sender name?
Do not trust the sender name alone. Sender IDs can be abused or spoofed. Go directly to the official app, official website, or official hotline. Do not click the link in the text.
Is there a fee to report smishing?
Reports to your telco, NTC, bank, e-wallet, CICC, PNP, or NBI are generally not supposed to require a private “processing fee.” The NBI Cybercrime Division Citizen’s Charter lists no fee for its initial investigative assistance process. (National Bureau of Investigation) You may still spend on printing, notarization, transportation, or authentication if formal documents are later required.
Can foreigners report smishing in the Philippines?
Yes. Foreigners can report to the same relevant institutions if the scam involves a Philippine SIM, Philippine account, Philippine e-wallet, local transaction, or Philippine victim. Bring or prepare your passport and immigration-related documents if filing in person or if the account was registered using foreign national documents.
Key Takeaways
- Do not click, reply, or share OTPs, MPINs, passwords, or bank details.
- Report suspicious texts to your telco and NTC.
- If money or account access is involved, report to your bank or e-wallet immediately before anything else.
- For serious fraud, identity theft, or account takeover, file with the PNP Anti-Cybercrime Group, NBI Cybercrime Division, or CICC 1326.
- Preserve screenshots, original messages, transaction records, ticket numbers, and the device used.
- NTC and telcos cannot simply reveal the scammer’s identity without proper legal process.
- Speed, complete evidence, and reporting to the correct office are the most important factors in a smishing case.