NBI Cybercrime Evidence for Online Lending Harassment

I. Introduction

Online lending has grown rapidly in the Philippines because of the convenience of mobile applications, fast approval, and minimal documentary requirements. However, the same technology that allows borrowers to obtain quick access to credit has also enabled abusive collection practices. A common complaint involves online lending applications or collectors who harass borrowers through threats, public shaming, repeated calls, unauthorized access to contacts, defamatory messages, coercive demands, and the circulation of private information.

In the Philippine context, these acts may give rise to criminal, civil, administrative, and regulatory liability. The National Bureau of Investigation, through its Cybercrime Division or cybercrime-related units, is one of the principal agencies that may receive complaints, evaluate digital evidence, conduct cybercrime investigation, and assist in preserving or examining electronic evidence connected with online lending harassment.

This article discusses what victims should know about NBI cybercrime evidence, what kinds of evidence may be relevant, how such evidence should be preserved, what laws may apply, and how online lending harassment may be documented for possible complaint or prosecution.

II. What Is Online Lending Harassment?

Online lending harassment refers to abusive, threatening, coercive, deceptive, defamatory, or privacy-invasive collection practices committed by lending companies, financing companies, collection agents, or persons acting on their behalf through digital or electronic means.

Common forms include:

  1. Sending threatening text messages or chat messages to the borrower.
  2. Calling repeatedly at unreasonable hours.
  3. Contacting the borrower’s relatives, friends, employer, co-workers, or phone contacts.
  4. Publicly shaming the borrower on social media.
  5. Falsely accusing the borrower of fraud, theft, estafa, or other crimes.
  6. Threatening arrest, imprisonment, barangay action, employer reporting, or public exposure.
  7. Accessing and using the borrower’s contact list without valid consent.
  8. Sending edited photos, malicious graphics, or defamatory posts.
  9. Using abusive, obscene, insulting, or degrading language.
  10. Disclosing the borrower’s personal data, debt information, identification documents, or private communications.

Not every debt collection effort is illegal. A creditor may lawfully demand payment. However, the law does not permit harassment, threats, humiliation, unauthorized disclosure of personal data, cyber-libel, identity misuse, or abusive collection methods.

III. Why Evidence Matters in NBI Cybercrime Complaints

In cybercrime cases, evidence is often digital. Messages can be deleted, accounts can be renamed, numbers can be blocked, and online posts can disappear. Because of this, early preservation of evidence is critical.

The NBI may evaluate whether the complaint involves cybercrime, data privacy violations, threats, unjust vexation, libelous statements, identity misuse, illegal access, or other offenses. The strength of a complaint often depends on the clarity, authenticity, and completeness of the submitted evidence.

A complainant should be able to show:

  1. What happened.
  2. When it happened.
  3. Who sent or published the communication, if known.
  4. What platform was used.
  5. What exact words, images, recordings, or posts were involved.
  6. How the complainant was harmed.
  7. Whether other persons received the messages.
  8. Whether personal data was accessed, used, or disclosed without authority.
  9. Whether the acts were connected to an online lending application or collection activity.

IV. Legal Framework in the Philippines

Online lending harassment may involve several laws and legal concepts. The exact charge depends on the facts.

A. Cybercrime Prevention Act

The Cybercrime Prevention Act may apply when the unlawful act is committed through a computer system, mobile device, social media platform, messaging application, email, or other information and communications technology.

Potentially relevant cybercrime-related issues include cyber-libel, computer-related identity misuse, unlawful access, data interference, system misuse, and other offenses depending on the conduct involved.

If a collector posts defamatory statements online, sends malicious accusations through digital channels, or uses electronic means to shame the borrower, the cybercrime law may become relevant.

B. Revised Penal Code Offenses

Some acts may also fall under traditional criminal offenses, even if committed online. Depending on the facts, these may include:

  1. Grave threats.
  2. Light threats.
  3. Unjust vexation.
  4. Slander or oral defamation.
  5. Libel.
  6. Intriguing against honor.
  7. Coercion.
  8. Alarms and scandals.
  9. Other offenses involving intimidation or reputational harm.

For example, if a collector threatens to harm the borrower or the borrower’s family, this may be treated differently from a mere demand for payment. If the collector falsely tells the borrower’s employer that the borrower is a criminal, that may raise defamation concerns.

C. Data Privacy Act

The Data Privacy Act is especially important in online lending harassment cases. Many complaints involve alleged unauthorized access to the borrower’s phone contacts, unauthorized use of names and numbers, and disclosure of personal information.

Possible data privacy issues include:

  1. Collection of excessive personal information.
  2. Lack of valid consent.
  3. Unauthorized access to contacts.
  4. Unauthorized disclosure of debt information.
  5. Use of personal data for harassment.
  6. Sharing of personal data with third-party collectors without proper basis.
  7. Failure to protect borrower information.

The National Privacy Commission may have jurisdiction over data privacy complaints, while the NBI may become involved when the conduct also amounts to a cybercrime or criminal offense.

D. Lending Company and Financing Company Regulations

Online lending platforms may also be subject to regulation by government agencies such as the Securities and Exchange Commission when they operate as lending or financing companies. Abusive debt collection practices may result in administrative sanctions, suspension, revocation, penalties, or other regulatory action.

A borrower may consider filing complaints not only with law enforcement but also with the appropriate regulator when the lending company is registered or claims to be registered.

E. Civil Liability

Apart from criminal or administrative remedies, victims may also consider civil claims for damages when harassment causes reputational injury, mental anguish, loss of employment opportunity, business harm, or other measurable damage. Civil liability may arise from abuse of rights, defamation, invasion of privacy, or other wrongful acts.

V. Types of Evidence Useful for NBI Cybercrime Complaints

The following evidence may be useful in documenting online lending harassment.

A. Screenshots of Messages

Screenshots are among the most common forms of evidence. They may include:

  1. SMS messages.
  2. Viber messages.
  3. Messenger chats.
  4. WhatsApp messages.
  5. Telegram chats.
  6. Email messages.
  7. In-app notifications.
  8. Social media comments or posts.

A good screenshot should show the sender, date, time, message content, and platform. Where possible, it should include the full conversation thread, not only isolated messages.

B. Screen Recordings

Screen recordings can be stronger than screenshots because they show the user navigating within the actual application or conversation. A screen recording may help show that the messages are not edited images.

A useful screen recording may show:

  1. The phone’s date and time.
  2. Opening of the messaging application.
  3. The sender’s profile, number, or account name.
  4. The conversation thread.
  5. The threatening or defamatory message.
  6. The link between the account and the lending app, if visible.

C. Call Logs

Call logs may prove repeated calls, especially if harassment involves dozens of calls per day or calls at unusual hours. The complainant should preserve logs showing:

  1. Caller number.
  2. Date.
  3. Time.
  4. Duration.
  5. Frequency.
  6. Missed calls and answered calls.

D. Voice Recordings

If calls contain threats, insults, or admissions, recordings may be relevant. The complainant should be cautious and seek legal advice regarding the admissibility and legality of recordings, especially where privacy or anti-wiretapping issues may arise.

Even when recordings are available, it is useful to prepare a written summary or transcript identifying the date, time, caller, number used, and exact statements made.

E. Social Media Posts

If collectors post defamatory or humiliating content online, preserve:

  1. Screenshots of the post.
  2. URL or profile link.
  3. Account name.
  4. Date and time visible on the post.
  5. Comments and reactions.
  6. Names of persons who saw or received the post.
  7. Screenshots showing that the post was public or shared with others.

If the post is deleted later, early screenshots and screen recordings may become crucial.

F. Messages Sent to Third Parties

Online lending harassment often involves contacting the borrower’s relatives, employer, friends, or phone contacts. Evidence from third parties may include:

  1. Screenshots received by relatives or co-workers.
  2. Affidavits from recipients.
  3. Call logs of third parties.
  4. Messages showing disclosure of the borrower’s debt.
  5. Messages falsely accusing the borrower of crimes.
  6. Messages threatening embarrassment unless payment is made.

Third-party evidence is important because it may show public disclosure, reputational damage, unauthorized use of contacts, and malicious collection tactics.

G. App Permissions and Privacy Settings

The complainant should document the online lending application’s permissions, such as access to contacts, camera, storage, microphone, location, or SMS. Evidence may include screenshots of:

  1. App permission settings.
  2. App privacy policy.
  3. Consent screen during registration.
  4. Terms and conditions.
  5. Collection policy.
  6. Data-sharing provisions.

This may help establish whether the application accessed more personal data than necessary or used data beyond the purpose disclosed to the borrower.

H. Loan Documents and Transaction Records

The complainant should preserve records showing the relationship with the lending platform, including:

  1. Loan application screenshots.
  2. Loan approval notice.
  3. Loan amount.
  4. Disbursement record.
  5. Repayment schedule.
  6. Interest, penalties, and fees.
  7. Payment receipts.
  8. Bank or e-wallet transaction history.
  9. Account number or e-wallet number used for payment.
  10. Name of the lending application or company.

These records help show that the harassment is connected to a specific loan transaction.

I. Identification of the Lending App or Company

Where available, the complainant should collect:

  1. Name of the app.
  2. App store listing.
  3. Developer name.
  4. Website.
  5. Business address.
  6. Contact email.
  7. Registered company name.
  8. SEC registration details, if available.
  9. Customer service number.
  10. Collector’s number or account.

Some abusive online lending operations use multiple app names or collectors. It is useful to document all aliases, numbers, and platforms involved.

J. Witness Statements

Witnesses may include relatives, friends, co-workers, employers, or other persons who received messages or saw posts. Their statements may support claims of harassment, public shaming, defamation, or unauthorized disclosure.

A witness statement should describe:

  1. The witness’s relationship to the complainant.
  2. What message or call was received.
  3. When it was received.
  4. Who sent it.
  5. What was said.
  6. Whether the witness saved screenshots, call logs, or recordings.
  7. How the message affected the complainant.

VI. How to Preserve Digital Evidence

Digital evidence should be preserved carefully. Poor preservation can weaken a complaint.

A. Do Not Delete Messages

The victim should avoid deleting chats, call logs, posts, or emails. Even if screenshots are taken, the original messages should remain available on the device whenever possible.

B. Take Clear Screenshots

Screenshots should show the full context. Avoid cropping out dates, sender names, numbers, or platform details. If the conversation is long, take sequential screenshots.

C. Make Screen Recordings

A screen recording showing the actual conversation in the app can help authenticate screenshots. It is useful to start from the phone’s home screen, open the relevant app, and navigate to the messages.

D. Export Chats Where Possible

Some messaging applications allow export of conversations. Exported chats may provide timestamps and metadata that screenshots alone may not show.

E. Save URLs and Profile Links

For social media posts, save the link, profile URL, page name, username, and date accessed. If the post is later deleted, this information may help investigators.

F. Keep the Original Device

If possible, keep the phone used to receive the harassment. Avoid factory reset. Avoid uninstalling the app until the relevant evidence has been preserved.

G. Back Up Evidence

Store copies in more than one location, such as cloud storage, external drive, or email. Keep the original files intact. Avoid editing images or recordings.

H. Create a Timeline

A timeline helps investigators understand the pattern. It should list dates, times, senders, platforms, and descriptions of each incident.

Example:

Date Time Platform Sender Incident Evidence
March 1 9:10 AM SMS 09xx xxx xxxx Threatened to message employer Screenshot 1
March 1 10:42 AM Messenger Account Name Sent defamatory message to sibling Screenshot 2; witness statement
March 2 7:30 AM Phone call 09xx xxx xxxx Repeated abusive call Call log; recording if available

VII. Authentication and Admissibility of Electronic Evidence

In Philippine proceedings, electronic evidence may need to be authenticated. A screenshot is not automatically conclusive merely because it is printed. The person presenting it may need to explain how it was obtained, from what device, when it was captured, and whether it accurately represents the original communication.

Useful authentication details include:

  1. Identity of the person who took the screenshot.
  2. Device used.
  3. Date and time of capture.
  4. Application or platform involved.
  5. Whether the original message still exists.
  6. Whether the screenshot was edited.
  7. Whether a screen recording is available.
  8. Whether another person received the same message.

For stronger preservation, the complainant may submit the device for examination, provide original files, or ask investigators about proper forensic handling.

VIII. What the NBI May Look For

The NBI may examine whether the evidence shows a criminal or cybercrime component. They may consider:

  1. Whether the communication was sent through electronic means.
  2. Whether the sender can be identified.
  3. Whether the statements contain threats, defamatory accusations, extortion-like demands, or coercion.
  4. Whether personal data was unlawfully accessed or disclosed.
  5. Whether the conduct was part of a repeated pattern.
  6. Whether the lending platform or collector can be traced.
  7. Whether other victims exist.
  8. Whether preservation or forensic examination is necessary.

The NBI may also ask for additional documents, such as valid identification, affidavits, printed screenshots, digital copies, phone numbers, URLs, and the complainant’s written narration.

IX. Preparing a Complaint

A complainant should prepare an organized complaint package. This may include:

  1. Complaint-affidavit.
  2. Chronology of events.
  3. Screenshots and printed copies.
  4. Digital copies stored in USB or other accepted medium.
  5. Call logs.
  6. Screen recordings.
  7. Witness statements.
  8. Loan documents.
  9. App details.
  10. Payment receipts.
  11. Identification documents.
  12. Contact information of witnesses.
  13. Summary of harm suffered.

The complaint-affidavit should be factual. It should avoid exaggeration and clearly state what happened. Each allegation should be supported by evidence whenever possible.

X. Sample Structure of a Complaint-Affidavit

A complaint-affidavit may be organized as follows:

  1. Personal circumstances of the complainant.
  2. Identification of the lending app or collector, if known.
  3. Description of the loan transaction.
  4. Description of the harassment.
  5. Specific dates and times of messages or calls.
  6. Description of threats, defamatory statements, or data disclosures.
  7. Identification of affected third parties.
  8. Explanation of evidence attached.
  9. Statement of harm suffered.
  10. Request for investigation and appropriate action.

The affidavit should be signed and sworn before an authorized officer or notary, depending on the requirements of the receiving agency.

XI. Common Mistakes to Avoid

Victims should avoid the following:

  1. Deleting original messages after taking screenshots.
  2. Submitting cropped screenshots with no sender or timestamp.
  3. Editing screenshots or recordings.
  4. Mixing unrelated incidents without a timeline.
  5. Failing to identify the lending app involved.
  6. Failing to preserve third-party messages.
  7. Relying only on verbal claims without documentary proof.
  8. Posting counter-accusations online that may create separate liability.
  9. Threatening collectors in return.
  10. Ignoring data privacy and regulatory remedies.

XII. Remedies and Possible Forums

Depending on the facts, a victim may consider the following:

A. NBI Cybercrime Complaint

Appropriate where there are cybercrime elements, threats, online defamation, digital harassment, account misuse, unauthorized access, or other electronic evidence requiring investigation.

B. Philippine National Police Anti-Cybercrime Group

The PNP may also receive cybercrime complaints and assist in cybercrime investigations.

C. National Privacy Commission

Appropriate where the issue involves unauthorized collection, use, disclosure, or processing of personal data.

D. Securities and Exchange Commission

Appropriate where the lending company or financing company engages in abusive collection practices, unauthorized operations, misleading conduct, or regulatory violations.

E. Prosecutor’s Office

A criminal complaint may ultimately be evaluated for preliminary investigation where the law requires it.

F. Civil Action

A victim may consult counsel regarding damages for reputational harm, emotional distress, privacy invasion, or other injury.

XIII. Special Issues in Online Lending Harassment

A. Access to Contact Lists

Many borrowers complain that lending apps contact people from their phonebook. This may raise serious privacy issues, especially if contacts were accessed without valid consent or used for purposes unrelated to legitimate credit assessment.

Even where the borrower clicked “allow” on app permissions, the validity and scope of consent may still be questioned if the data processing was excessive, unclear, deceptive, or used for harassment.

B. Public Shaming

Public shaming may be legally significant because it can show malice, reputational harm, and disclosure to third parties. Posts calling a person a scammer, thief, criminal, or fraudster may create possible defamation issues if false and malicious.

C. Threats of Arrest or Imprisonment

Debt alone generally does not automatically make a borrower a criminal. Collectors who threaten immediate arrest, imprisonment, police pickup, or criminal prosecution merely to force payment may be engaging in abusive or deceptive collection conduct. The legal character of the threat depends on the exact wording and circumstances.

D. Use of Fake Legal Documents

Some collectors send fake subpoenas, fake warrants, fake barangay notices, or fake court documents. These should be preserved carefully. The use of simulated legal documents may create additional legal issues.

E. Harassment of Employers

Contacting an employer to shame or pressure the borrower may cause reputational and employment harm. Evidence from the employer or co-workers may be important.

F. Multiple Numbers and Anonymous Accounts

Collectors may use several numbers or dummy accounts. Victims should document each number or account separately. Even if the sender is anonymous, investigators may have methods to trace accounts or numbers through proper legal processes.

XIV. Best Practices for Victims

Victims should:

  1. Preserve all messages, calls, and posts.
  2. Make a chronological incident log.
  3. Save the original device.
  4. Avoid engaging in abusive exchanges.
  5. Inform family and workplace contacts not to delete messages.
  6. Ask third parties to send screenshots and written statements.
  7. Keep loan and payment records.
  8. Record the app name, developer, website, and contact details.
  9. File complaints promptly.
  10. Consult a lawyer for case-specific advice.

XV. Best Practices for Evidence Packaging

A well-organized evidence package may include folders such as:

  1. 01 - Loan Documents
  2. 02 - SMS Harassment
  3. 03 - Chat Messages
  4. 04 - Call Logs
  5. 05 - Social Media Posts
  6. 06 - Third Party Messages
  7. 07 - App Permissions and Privacy Policy
  8. 08 - Payment Records
  9. 09 - Witness Statements
  10. 10 - Timeline and Summary

Each file should be named clearly, for example:

2026-03-01_SMS_CollectorNumber_ThreatToEmployer.png

This helps investigators understand the evidence quickly.

XVI. Rights and Responsibilities of Borrowers

Borrowers have the right to be treated lawfully and with dignity. They also have the responsibility to deal with legitimate obligations in good faith. A valid debt may be collected through lawful means, but a creditor or collector cannot use harassment, threats, privacy violations, or defamatory tactics.

A borrower should not ignore legitimate notices, but should also not be forced into payment through unlawful intimidation.

XVII. Conclusion

Online lending harassment is not merely a private dispute between borrower and lender when the conduct involves threats, online shaming, unauthorized use of personal data, defamatory statements, or abusive digital collection practices. In the Philippines, such conduct may involve cybercrime, data privacy, criminal, civil, and regulatory issues.

For NBI cybercrime purposes, evidence is the foundation of the complaint. Victims should preserve screenshots, screen recordings, call logs, messages to third parties, social media posts, app permissions, loan documents, payment records, and witness statements. The evidence should be organized, authentic, complete, and supported by a clear timeline.

The stronger the documentation, the easier it becomes for investigators to evaluate whether the acts constitute cybercrime or related offenses. Victims should act promptly, preserve original evidence, avoid altering digital files, and seek appropriate legal or regulatory remedies based on the specific facts of the case.

Disclaimer

This article is for general legal information in the Philippine context and is not a substitute for legal advice. Laws, procedures, and agency requirements may change, and the proper remedy depends on the specific facts of each case. Affected persons should consult a qualified lawyer or the appropriate government agency for advice on their particular situation.

Disclaimer: This content is not legal advice and may involve AI assistance. Information may be inaccurate.

Privacy Policy

Terms of Use

Lawyer Login

 
 
Privacy Policy         Terms of Use         Lawyer Login