How to Stop and Report Harassment Through Text Messages Sent from Spoofed Phone Numbers

Harassing text messages from spoofed phone numbers can feel especially frightening because the sender hides behind a fake or misleading number. In the Philippines, you do not have to identify the real sender before taking action. What matters first is preserving evidence, protecting your safety, reporting the incident to the right offices, and helping law enforcement or regulators trace the source through lawful procedures.

What “spoofed phone number” harassment means

A spoofed number is a phone number or sender ID that appears on your phone but may not be the true source of the message. The message may look like it came from:

  • A normal Philippine mobile number;
  • A company name or bank-style sender ID;
  • A number similar to your own number;
  • A number that cannot receive replies;
  • Different numbers every time, even if the language and threats are clearly from the same person.

Spoofing is common in scams, stalking, blackmail, debt collection abuse, impersonation, and domestic disputes. The visible number may be fake, recycled, hacked, or controlled by a third party. That is why simply texting back, calling the number, or posting the number online often does not solve the problem and may expose you to more risk.

Under the Philippine SIM Registration Act, Republic Act No. 11934, spoofing a registered SIM is punishable when a person causes misleading or inaccurate information about the source of a phone call or text message to be transmitted with intent to defraud, cause harm, or wrongfully obtain anything of value. The penalty is imprisonment of not less than six years, a ₱200,000 fine, or both. (Supreme Court E-Library)

First priority: assess whether this is an emergency

Treat the situation as urgent if the text messages include:

  • Threats to kill, rape, kidnap, stalk, or physically harm you or your family;
  • Threats to go to your home, school, workplace, hotel, or condominium;
  • Blackmail involving private photos, videos, or sexual content;
  • Demands for money, passwords, OTPs, bank details, GCash/Maya access, or cryptocurrency;
  • Messages showing the sender knows your location or daily routine;
  • Repeated messages from different numbers after you block them;
  • Harassment connected to an ex-partner, spouse, dating partner, employer, creditor, or online seller.

For immediate danger, contact local police, barangay officials, building security, or emergency responders right away. Do not wait for the sender to “prove” the threat. In practice, police officers take reports more seriously when the complaint clearly shows the exact words, dates, times, and screenshots of the threats.

Philippine laws that may apply

Text harassment through spoofed numbers may violate several laws at the same time. The correct case depends on the exact content of the messages, the relationship between the sender and victim, and whether money, sexual content, private data, or threats are involved.

Situation Possible legal basis Why it matters
Fake sender ID, misleading number, or spoofed SMS used to harm, defraud, or obtain value RA 11934, SIM Registration Act Penalizes spoofing of a registered SIM when the required intent is present. (Supreme Court E-Library)
Threats, coercion, harassment, defamation, or other crimes committed using ICT RA 10175, Cybercrime Prevention Act of 2012 Crimes under the Revised Penal Code or special laws committed through information and communications technology may be covered by cybercrime rules, with higher penalties in proper cases. (Human Rights Library)
Repeated insulting, tormenting, or disturbing messages Article 287, Revised Penal Code, as amended by RA 10951 May fall under unjust vexation if the acts unjustifiably annoy, irritate, torment, distress, or disturb the victim. The Supreme Court has described unjust vexation as broad enough to cover conduct causing such mental disturbance. (Supreme Court E-Library)
Messages threatening harm to person, honor, property, or family Articles 282–285, Revised Penal Code May amount to grave threats, light threats, or other threats depending on the wording, condition, and seriousness. (Lawphil)
Sexual, misogynistic, homophobic, transphobic, or gender-based online harassment RA 11313, Safe Spaces Act of 2019 Covers gender-based sexual harassment in online spaces, including ICT-enabled acts. (Lawphil)
Harassment by a husband, former husband, live-in partner, ex-boyfriend, dating partner, or person with whom the woman has a child RA 9262, Anti-Violence Against Women and Their Children Act of 2004 Psychological violence includes acts causing or likely to cause mental or emotional suffering. (Lawphil)
Private information was harvested, exposed, sold, or used without authority RA 10173, Data Privacy Act of 2012 Protects personal information and regulates how personal data is collected, used, stored, disclosed, and secured. (National Privacy Commission)
False statements damaging reputation sent by SMS, chat, or online post Libel or cyberlibel, depending on publication and medium Cyberlibel is covered by RA 10175 when libel is committed through a computer system or similar means. (Human Rights Library)

What to do immediately after receiving harassing spoofed texts

1. Do not engage more than necessary

Avoid arguing with the sender, threatening back, or sending insults. A short message like “Stop contacting me” may be useful once, especially in non-emergency harassment, but repeated replies can give the harasser more material and may complicate the evidence.

Do not click links, download files, scan QR codes, or provide OTPs. If the message claims to be from a bank, telco, delivery company, government office, or e-wallet, verify only through the official app, website you type yourself, or customer service channel.

2. Preserve the evidence before blocking

Before deleting or blocking, collect evidence in a way that investigators can understand.

Save:

  • Full screenshots showing the sender ID or number, date, time, and full message;
  • Screen recording scrolling through the conversation;
  • The phone’s call log, if there were calls;
  • Any links, QR codes, wallet numbers, bank accounts, usernames, or email addresses mentioned;
  • Proof that the messages were received on your number;
  • Notes on what happened before and after each message;
  • Names of witnesses who saw the messages when they arrived.

Do not edit the screenshots except to create a separate redacted copy for public sharing. Keep the original files. If possible, export or back up the message thread to cloud storage, email, or another device.

3. Make a simple incident log

A clean timeline helps police, NBI, prosecutors, and telcos understand the pattern.

Use this format:

Date and time Sender shown Exact message summary Your action Evidence file
20 June 2026, 8:14 PM +63 9XX XXX XXXX Threatened to go to my house Screenshot taken, did not reply IMG_001
20 June 2026, 8:22 PM “BANK-ALERT” Sent link asking for OTP Did not click, reported to telco IMG_002
21 June 2026, 12:03 AM Unknown number Sexual insult and threat Blocked after screenshot IMG_003

This may look basic, but it is very helpful. Many complaints fail because the evidence is scattered, incomplete, or cannot show when the messages were received.

4. Secure your phone, SIM, accounts, and privacy

If the texts mention your bank, GCash, Maya, social media, email, or work accounts:

  • Change passwords immediately using a trusted device;
  • Turn on two-factor authentication;
  • Remove unknown logged-in devices;
  • Call your bank or e-wallet provider if money, OTPs, or account access is involved;
  • Check whether your SIM was swapped, lost signal unexpectedly, or stopped receiving OTPs;
  • Tell family members not to respond to suspicious messages pretending to be you.

If the harassment involves intimate images, blackmail, or threats to expose private information, do not pay immediately out of panic. Payment often leads to more demands. Preserve the demand messages and report quickly.

Where to report harassing spoofed text messages in the Philippines

National Telecommunications Commission

The National Telecommunications Commission (NTC) is the regulator for telcos. It receives reports on text scams, spam, illegal messages, and threatening messages. NTC has directed the public to use its text spam/spam report page for complaints involving text scam, text spam, illegal messages, and threatening messages. (www.foi.gov.ph)

Report to NTC when:

  • The harassment is through SMS or calls;
  • The sender uses multiple numbers;
  • The message appears spoofed;
  • You want the number or sender pattern investigated or blocked at telco level;
  • The message involves scam links, fake sender IDs, or fraudulent SIM use.

Useful details to include:

  • Your full name and contact number;
  • The number or sender ID displayed;
  • Date and time of messages;
  • Screenshots;
  • Message content copied exactly;
  • Whether there was a link, QR code, bank account, wallet number, or demand;
  • Your telco network;
  • Whether you already reported to Globe, Smart, DITO, PNP, NBI, or CICC.

NTC-related FOI responses also refer complainants to hotline 1682 for SIM registration concerns and to DICT’s 1326 complaint center hotline for related matters. (www.foi.gov.ph)

Your telco: Globe, Smart, DITO, or other provider

Report to your own telco even if you also report to NTC. Telcos can block, filter, deactivate, or investigate suspicious traffic faster within their own network systems.

Telco Reporting option
Globe / TM Globe’s #StopSPAM page or GlobeOne app. Globe states that reports may be filed through its Stop Spam page or the GlobeOne app. (Globe Telecom)
Smart / TNT / Sun Smart has encouraged reporting suspicious SMS or calls through official Smart channels and has referred users to its HuliScam portal and cybersecurity reporting channels. (www.foi.gov.ph)
DITO DITO’s help center lists DITO app chat, 185 from a DITO number, and official social media channels for customer care. (DITO)

When reporting to a telco, do not just say “Please block this number.” Say that the messages are harassing, threatening, spoofed, or fraudulent, and attach screenshots. Ask for a reference number if available.

PNP Anti-Cybercrime Group

For threats, extortion, stalking, identity theft, cyber harassment, cyberlibel, sextortion, or hacking-related messages, report to the Philippine National Police Anti-Cybercrime Group (PNP-ACG) or the nearest police station, which may refer the matter to the cybercrime unit.

PNP-ACG is the specialized police unit for cybercrime matters. FOI responses from the PNP have referred cybercrime complainants to the PNP-ACG eComplaint link and the email address acg@pnp.gov.ph. (www.foi.gov.ph)

Bring or prepare:

  • Government-issued ID;
  • Printed screenshots and digital copies;
  • Incident log;
  • Your phone with the original messages;
  • Any suspect information, even if incomplete;
  • Proof of relationship if the harasser is an ex-partner, spouse, co-worker, creditor, or business contact;
  • Prior barangay blotter or police blotter, if any.

NBI Cybercrime Division

The National Bureau of Investigation Cybercrime Division handles computer-related and cybercrime complaints. Its Citizen’s Charter states that the general public may avail of investigative assistance for victims of computer crimes, with complainants proceeding to the Cybercrime Division, undergoing preliminary interview, filling out a sworn complaint sheet, executing sworn statements or submitting affidavits, and submitting supporting documents. The listed total processing time for the initial assistance process is about one hour and ten minutes, with no fees indicated. (National Bureau of Investigation)

NBI is often useful when:

  • The harassment is organized, technical, or cross-platform;
  • There are fake accounts, phishing links, hacked accounts, or online blackmail;
  • You need digital forensics;
  • The sender is unknown but may be traceable through records;
  • The matter may require subpoenas, warrants, or coordination with service providers.

Bring both printed and digital evidence. If your phone is needed for examination, ask how it will be handled and whether you can keep a backup.

CICC and the 1326 hotline

The Cybercrime Investigation and Coordinating Center (CICC) helps coordinate cybercrime and scam reports. The government has promoted hotline 1326 for scam and cyber fraud reports. The Philippine News Agency reported that cyber fraud victims may call 1326, while those who receive text scams may report numbers through the eGov app’s eReport feature, with data sent to NTC for blocking action. (Philippine News Agency)

Use CICC/1326 especially when:

  • There is an ongoing scam or fraud attempt;
  • Money was transferred or is about to be transferred;
  • The text involves phishing links, fake government messages, or fake bank messages;
  • You need quick guidance on where to report next.

Barangay and local police blotter

A barangay blotter or police blotter does not automatically file a criminal case, but it creates an official record. It is useful when:

  • You need immediate community-level assistance;
  • The sender is someone nearby;
  • There are threats to visit your home, school, or workplace;
  • You need documentation for a protection order, workplace report, school report, condo security, or later prosecutor complaint.

If the incident involves violence against women and children, the barangay may be able to assist with a Barangay Protection Order (BPO) under RA 9262. For serious threats or cybercrime, go to the police or NBI as well.

How law enforcement can trace spoofed SMS

Ordinary users usually cannot identify the real sender of spoofed messages. Telcos and online service providers do not normally release subscriber, traffic, or technical records to private individuals just because someone asks.

In cybercrime investigations, law enforcement may use lawful tools such as preservation, disclosure, search, seizure, and examination of computer data. The Supreme Court’s Rule on Cybercrime Warrants, A.M. No. 17-11-03-SC, provides procedures for cybercrime warrants involving preservation, disclosure, interception, search, seizure, examination, custody, and destruction of computer data. (Office of the Court Administrator)

This is why fast reporting matters. Some technical records are time-sensitive. If you wait too long, logs may become harder to retrieve, accounts may be deleted, SIMs may be discarded, and spoofing infrastructure may move.

Step-by-step reporting plan

Step 1: Save evidence

Take screenshots and screen recordings before blocking. Save the original messages if possible.

Step 2: Make a short written summary

Write one page containing:

  • Who you are;
  • Your phone number that received the messages;
  • When the harassment started;
  • What the sender said or demanded;
  • Why you believe it is spoofed;
  • Whether you know who may be behind it;
  • What you have already done.

Step 3: Report to your telco and NTC

This is important for blocking, filtering, and regulatory action. Attach screenshots and ask for a reference number.

Step 4: Report to PNP-ACG or NBI if there are threats, extortion, stalking, sexual content, identity theft, or repeated harassment

Bring your phone, ID, evidence files, and incident log. Be ready to execute a complaint-affidavit or sworn statement.

Step 5: File with the prosecutor if a criminal complaint is being pursued

For many criminal cases, the complaint eventually goes through the Office of the City or Provincial Prosecutor for preliminary investigation. You may need:

  • Complaint-affidavit;
  • Affidavits of witnesses;
  • Screenshots and printed copies;
  • Certification or records from police/NBI when available;
  • Proof of identity;
  • Other supporting documents.

The prosecutor determines whether there is probable cause to file an Information in court.

Step 6: Consider protection remedies if the sender is known and there is continuing danger

Depending on the facts, this may include:

  • Barangay Protection Order, Temporary Protection Order, or Permanent Protection Order under RA 9262;
  • School or workplace protective measures;
  • Condo or subdivision security notice;
  • Police assistance;
  • Court relief in appropriate cases.

Evidence checklist

Evidence Why it helps
Screenshots with date and time Shows what was sent and when
Screen recording Shows continuity of the thread and reduces claims of editing
Original phone and SIM Helps investigators verify receipt
Incident log Shows pattern and escalation
Links and QR codes May help trace phishing infrastructure
Wallet, bank, or crypto addresses Useful for fraud or extortion investigation
Witness affidavits Supports the impact and authenticity of the incident
Medical or psychological records, if any May support emotional distress in serious cases
Prior complaints or blotters Shows history and repeated conduct
Proof of relationship Important for RA 9262, workplace, school, or domestic harassment cases

Common mistakes to avoid

Deleting the messages too early

Many victims delete messages because they feel scared or disgusted. Screenshot and back them up first. Deleted messages may still sometimes be recoverable, but recovery is not guaranteed.

Posting the number publicly

Publicly posting the displayed number can backfire if the number was spoofed, recycled, or belongs to an innocent person. It can also expose you to defamation or privacy issues. Report the number to telcos, NTC, PNP, NBI, or CICC instead.

Assuming the visible number is the real culprit

Spoofing means the displayed number may be misleading. Tell investigators why you suspect a particular person, but separate facts from assumptions. For example: “The wording is similar to my ex-partner’s prior messages” is more useful than “This number is definitely my ex.”

Paying blackmailers

If the sender threatens to leak photos, videos, or private information, paying often does not stop the abuse. Preserve the demand, report quickly, and secure your accounts.

Relying only on blocking

Blocking helps your peace of mind, but it may not stop a determined harasser using spoofed or rotating numbers. Block after preserving evidence, then report.

Waiting until the harassment becomes worse

Early reports help establish pattern. Even if the first report does not immediately lead to arrest, it creates a record that can support later action.

Special situations

If the harassment comes from an ex-partner or spouse

If you are a woman and the sender is your husband, former husband, live-in partner, former live-in partner, boyfriend, ex-boyfriend, dating partner, or a person with whom you have a child, RA 9262 may apply. Psychological violence under RA 9262 includes acts causing or likely to cause mental or emotional suffering. (Lawphil)

In practice, bring proof of the relationship, such as:

  • Marriage certificate;
  • Child’s birth certificate;
  • Photos together;
  • Messages showing the relationship;
  • Barangay records;
  • Witness statements.

A barangay, police Women and Children Protection Desk, prosecutor, or court may be involved depending on the remedy sought.

If the messages are sexual or gender-based

If the text messages contain sexual comments, threats, homophobic or transphobic insults, misogynistic attacks, cyberstalking, or repeated sexual demands, RA 11313 or the Safe Spaces Act may be relevant. The law covers gender-based sexual harassment in online spaces, workplaces, schools, public spaces, and other settings. (Lawphil)

Preserve the exact wording. In gender-based harassment, the actual language used often matters.

If the sender is a debt collector

Debt collection does not justify threats, public shaming, sexual insults, repeated abusive messages, or contacting your relatives with false or humiliating statements. Save the messages and identify the lending app, company, collector name, number, account, and loan reference if any.

Depending on the facts, remedies may involve the SEC, NPC, police, prosecutor, or civil action.

If you are a foreigner in the Philippines

Foreigners may report harassment to Philippine authorities if the messages were received in the Philippines, the offender is in the Philippines, the service provider or SIM is Philippine-based, or part of the offense occurred here.

Bring:

  • Passport and visa or immigration status document;
  • Philippine address or hotel/condo details;
  • Local phone number used;
  • Screenshots and incident log;
  • Any police report from your home country if the harassment crosses borders.

If documents from abroad are needed for Philippine proceedings, authorities may ask for authentication or apostille depending on the document and country of origin.

If you are a Filipino abroad receiving harassment from the Philippines

You can still preserve evidence and report to the Philippine telco, NTC, CICC, PNP-ACG, or NBI. If you need to execute an affidavit abroad, it may have to be acknowledged before the Philippine Embassy or Consulate, or notarized locally and apostilled, depending on how it will be used.

Frequently Asked Questions

Can I report harassment if the number is spoofed and I do not know the real sender?

Yes. You can report based on the messages you received. Identifying the real sender is part of investigation. Provide screenshots, timestamps, message content, and any clues about who may be behind it.

Should I report to NTC, PNP, or NBI first?

For spam, scam, spoofed sender IDs, and blocking concerns, report to your telco and NTC. For threats, extortion, stalking, identity theft, sexual harassment, hacking, or repeated targeted harassment, report to PNP-ACG or NBI as well. These reports can be done in parallel.

Can the police trace a spoofed number?

Possibly, but not always from the visible number alone. Investigators may need telco records, traffic data, device information, account records, IP logs, warrants, preservation requests, or coordination with platforms and service providers. Fast reporting improves the chances.

Is repeated texting a crime in the Philippines?

It can be, depending on the content, frequency, intent, and effect. Repeated texts may support unjust vexation, threats, cybercrime-related offenses, gender-based online sexual harassment, RA 9262 psychological violence, or other offenses.

What if the text says they will post my private photos?

Treat it as urgent. Save the messages, do not send more photos or money, secure your accounts, and report to PNP-ACG or NBI. If intimate images are involved, other laws may apply depending on how the images were obtained, shared, or threatened to be shared.

Can I ask NTC or the telco for the registered owner of the SIM?

Usually, no. SIM registration data and subscriber information are protected. They are generally released through proper legal process, not private request. Report the incident so authorized agencies can request records when legally justified.

Is a barangay blotter enough?

A barangay blotter is useful documentation, but it is usually not enough for serious cyber harassment, spoofing, threats, extortion, or stalking. Use it as supporting evidence, then report to the police, PNP-ACG, NBI, NTC, or prosecutor as appropriate.

Should I change my number?

Changing your number may help if the harassment is overwhelming, but preserve evidence and report first. Also update account recovery settings, bank records, government accounts, and two-factor authentication before abandoning the old number.

What if the messages come from a company sender ID like a bank name?

Do not trust it automatically. Sender IDs can be abused or spoofed. Do not click links or give OTPs. Report the message to the bank or company through official channels, your telco, NTC, and CICC if it appears to be phishing or fraud.

How long does a cyber harassment complaint take?

Initial intake may be quick, sometimes the same day. NBI’s Citizen’s Charter for computer crime investigative assistance lists an initial process of about one hour and ten minutes with no fee for that frontline assistance. Actual investigation, telco coordination, forensic work, prosecutor review, and court proceedings can take weeks to months or longer depending on complexity, evidence, and agency workload. (National Bureau of Investigation)

Key Takeaways

  • Spoofed numbers make the sender harder to identify, but they do not prevent you from reporting.
  • Save screenshots, screen recordings, message logs, and the original phone evidence before blocking.
  • Report spoofed or abusive texts to your telco and NTC for blocking and regulatory action.
  • Report threats, extortion, stalking, sexual harassment, identity theft, hacking, or repeated targeted abuse to PNP-ACG or NBI.
  • RA 11934 penalizes spoofing of registered SIMs when done with intent to defraud, cause harm, or wrongfully obtain value.
  • RA 10175, the Revised Penal Code, RA 11313, RA 9262, and the Data Privacy Act may also apply depending on the message content and relationship of the parties.
  • Do not rely on the displayed number as proof of identity; let investigators trace the real source through lawful channels.
  • Early reporting is important because digital records, SIM activity, links, and technical logs can disappear over time.

Disclaimer: This content is not legal advice and may involve AI assistance. Information may be inaccurate.

Privacy Policy

Terms of Use

Lawyer Login

 
 
Privacy Policy         Terms of Use         Lawyer Login