Online Lending Scam and Advance Fee Fraud in the Philippines

Introduction

Online lending has become a common source of quick cash in the Philippines. Borrowers apply through websites, mobile apps, Facebook pages, Messenger accounts, Telegram groups, text messages, online ads, or fake “loan agents.” Some lenders are legitimate, but many scams exploit people who urgently need money.

One of the most common online loan scams is advance fee fraud. In this scheme, a supposed lender promises to approve or release a loan, but first requires the borrower to pay a “processing fee,” “release fee,” “insurance fee,” “notarial fee,” “activation fee,” “collateral fee,” “anti-money laundering clearance fee,” “tax,” “verification fee,” “wallet upgrade fee,” or similar charge. After the borrower pays, the scammer asks for more money, delays release, blocks the borrower, disappears, or threatens the borrower.

In Philippine law, online lending scams may involve estafa, swindling, cybercrime, computer-related fraud, identity theft, data privacy violations, unfair or deceptive financial practices, illegal lending, misrepresentation, and other criminal, civil, administrative, and regulatory issues.

The key warning sign is this: a legitimate lender generally deducts lawful processing charges from loan proceeds or clearly discloses them through proper channels; a scammer usually demands repeated upfront payments before releasing money.

I. What Is an Online Lending Scam?

An online lending scam is a fraudulent scheme where a person, group, fake company, fake app, fake agent, or impersonated lender deceives a borrower into giving money, personal information, documents, or account access by pretending to offer a loan.

The scam may occur through:

  • Facebook pages;
  • Facebook groups;
  • Messenger;
  • Telegram;
  • WhatsApp;
  • Viber;
  • text messages;
  • email;
  • fake websites;
  • fake mobile apps;
  • fake loan contracts;
  • fake certificates;
  • fake government permits;
  • fake SEC registration screenshots;
  • fake bank transfer receipts;
  • fake lending company pages;
  • impersonation of real lending companies;
  • online ads promising “guaranteed approval.”

The scammer often targets people who are financially pressured, blacklisted, unemployed, underemployed, OFWs, small business owners, students, employees waiting for salary, or borrowers already rejected by banks.

II. What Is Advance Fee Fraud?

Advance fee fraud occurs when a scammer promises a benefit, such as a loan, but requires the victim to pay money first before receiving the promised benefit.

In online lending, the promised benefit is usually a loan release. The required upfront payment may be called:

  • processing fee;
  • advance payment;
  • release fee;
  • collateral fee;
  • activation fee;
  • insurance fee;
  • loan guarantee fee;
  • notarial fee;
  • attorney’s fee;
  • documentation fee;
  • tax clearance fee;
  • AMLA clearance fee;
  • bank transfer fee;
  • fund unlocking fee;
  • credit score repair fee;
  • wallet verification fee;
  • system fee;
  • penalty for wrong information;
  • correction fee;
  • account upgrade fee;
  • verification deposit;
  • proof of capacity fee.

The labels change, but the pattern is the same: the borrower pays first, but the loan is never released.

III. Common Modus Operandi

1. “Approved loan, pay processing fee first”

The scammer tells the borrower:

“Congratulations, your ₱50,000 loan is approved. Pay ₱1,500 processing fee first so we can release it.”

After payment, the scammer asks for another fee.

2. “Wrong account number, pay correction fee”

The scammer claims the borrower entered the wrong bank account or e-wallet number. The loan is allegedly “frozen,” and the borrower must pay a correction fee.

This is a common scam because it blames the victim and creates panic.

3. “Anti-money laundering certificate”

The scammer says the money cannot be released because the borrower needs an AMLA certificate, anti-fraud clearance, anti-terrorism clearance, or bank clearance.

These documents are often fake. The scammer demands payment to “clear” the loan.

4. “Insurance fee required”

The scammer claims the borrower must pay insurance before release. In legitimate lending, insurance terms must be properly disclosed. In scams, the insurance fee is usually just a pretext for extracting money.

5. “Notarial fee or attorney’s fee”

The scammer sends a fake loan agreement and requires payment for notarization or legal processing. The documents may look formal but have no real legal effect.

6. “Collateral fee for unsecured loan”

The scammer says no physical collateral is needed, but the borrower must pay a cash collateral or guarantee deposit. Once paid, another fee follows.

7. “Loan release through GCash or Maya, pay activation fee”

The scammer claims the borrower’s e-wallet must be activated, upgraded, or verified for the large loan transfer. The borrower is asked to send money to a personal wallet.

8. “Fake lending app approval”

The victim downloads an app or fills out a form. The app shows an approved loan balance, but withdrawal is blocked unless the borrower pays fees.

9. “Impersonation of a legitimate lender”

The scammer uses the name, logo, address, or registration number of a real lending company. Victims believe they are dealing with the real company, but payments go to personal accounts.

10. “No CI, no collateral, guaranteed approval”

Scammers advertise guaranteed loans with no credit investigation, no collateral, no employment verification, no bank requirements, and instant approval. These promises are designed to attract desperate borrowers.

IV. Red Flags of an Online Lending Scam

A borrower should be suspicious when:

  1. the lender requires upfront payment before loan release;
  2. payment must be sent to a personal GCash, Maya, bank, or remittance account;
  3. the lender uses only Messenger, Telegram, or text;
  4. there is no verifiable office address;
  5. the company name cannot be confirmed;
  6. the loan is “guaranteed approved” regardless of credit history;
  7. the lender pressures the borrower to pay immediately;
  8. the lender threatens cancellation unless payment is made within minutes;
  9. the lender sends fake certificates or permits;
  10. the lender refuses video call, office visit, or official email;
  11. the interest rate and charges are unclear;
  12. the loan contract has grammatical errors, inconsistent names, or suspicious seals;
  13. the lender asks for OTPs, passwords, PINs, or remote access;
  14. the lender asks for front and back photos of IDs before credibility is established;
  15. the lender requests a selfie with ID through unofficial chat;
  16. the lender demands additional fees after every payment;
  17. the lender claims the loan is already transferred but frozen;
  18. the lender uses fear, shame, or legal threats;
  19. the lender’s page was recently created;
  20. reviews and comments appear fake or disabled.

One red flag does not always prove fraud, but multiple red flags strongly indicate a scam.

V. Difference Between a Legitimate Online Lender and a Scam

Legitimate online lenders usually:

  • disclose the registered company name;
  • provide terms and conditions;
  • issue loan agreements;
  • disclose interest, penalties, fees, and due dates;
  • use official payment channels;
  • do not demand repeated upfront personal payments;
  • provide receipts;
  • follow customer identification and privacy rules;
  • have a traceable office, website, or regulatory record;
  • communicate through official channels;
  • comply with lending and financing regulations.

Scammers usually:

  • operate through personal accounts;
  • pressure borrowers to pay first;
  • invent new fees after payment;
  • use fake documents;
  • refuse to release the loan;
  • threaten the borrower;
  • block the borrower after receiving money;
  • impersonate real companies;
  • ask for OTPs or passwords;
  • collect IDs and selfies for misuse;
  • use newly created pages or anonymous profiles.

VI. Is Advance Fee Lending Fraud a Crime?

Yes, it may be a crime depending on the facts. In the Philippines, advance fee loan scams may fall under several legal categories.

The most common is estafa or swindling under the Revised Penal Code, particularly where the scammer deceives the victim into paying money through false pretenses.

If the fraud is committed online or through a computer system, the Cybercrime Prevention Act may also apply, especially for computer-related fraud, identity theft, or crimes committed through information and communications technology.

VII. Estafa in Online Lending Scams

Estafa generally involves defrauding another person through abuse of confidence, deceit, false pretenses, fraudulent acts, or similar means causing damage.

In advance fee lending fraud, estafa may exist where:

  1. the scammer falsely represents that a loan is approved or will be released;
  2. the scammer demands fees as a condition for release;
  3. the victim relies on the misrepresentation;
  4. the victim sends money;
  5. the loan is never released;
  6. the victim suffers damage.

Examples:

  • fake lender collects ₱2,000 processing fee and disappears;
  • fake agent collects multiple fees for a nonexistent loan;
  • scammer impersonates a registered company to induce payment;
  • scammer sends fake approval and fake transfer receipt;
  • scammer demands correction fee for a nonexistent “frozen loan.”

The strongest cases show that the scammer never intended to release a loan and used false claims to obtain money.

VIII. Cybercrime Issues

The Cybercrime Prevention Act may apply when the scam is committed through:

  • websites;
  • online forms;
  • mobile apps;
  • social media;
  • Messenger;
  • Telegram;
  • email;
  • e-wallets;
  • fake digital documents;
  • computer systems;
  • digital payment channels.

Possible cybercrime-related issues include:

1. Computer-related fraud

If the offender uses computer data, systems, or online deception to obtain money or benefit, computer-related fraud may be considered.

2. Computer-related identity theft

If the scammer uses another person’s name, company name, logo, ID, business permit, or personal information without authority, identity theft issues may arise.

3. Cyber libel or threats

If the scammer later threatens or defames the victim online, separate offenses may apply.

4. Illegal access or account takeover

If the scammer obtains OTPs, passwords, or credentials and accesses the victim’s accounts, hacking-related offenses may apply.

5. Phishing

If the scam involves fake login pages, OTP harvesting, or credential theft, phishing-related cybercrime issues may arise.

IX. Identity Theft and Impersonation

Online lending scammers often impersonate:

  • legitimate lending companies;
  • banks;
  • financing companies;
  • government agencies;
  • lawyers;
  • court staff;
  • police officers;
  • SEC officers;
  • NBI personnel;
  • bank managers;
  • loan processors;
  • real employees of lending companies.

They may use:

  • stolen logos;
  • copied business permits;
  • fake IDs;
  • fake authorization letters;
  • fake certificates;
  • real company names with different payment channels;
  • photos of real people;
  • fake Facebook pages.

Victims should preserve all documents and profile links because impersonation may support complaints for fraud, identity theft, falsification, or cybercrime.

X. Fake Documents Commonly Used

Scammers may send documents that look official, such as:

  • loan approval certificate;
  • loan agreement;
  • manager’s check image;
  • bank transfer slip;
  • anti-money laundering certificate;
  • tax clearance;
  • insurance certificate;
  • notarized document;
  • SEC registration screenshot;
  • certificate of authority;
  • business permit;
  • official receipt;
  • demand letter;
  • subpoena;
  • warrant;
  • court order;
  • police complaint;
  • NBI clearance notice.

Fake documents often have:

  • wrong logos;
  • poor grammar;
  • inconsistent names;
  • unusual fonts;
  • missing contact details;
  • blurry seals;
  • fake signatures;
  • suspicious payment instructions;
  • threats mixed with payment demands;
  • unrealistic deadlines.

Using fake documents may create additional legal liability for the scammer.

XI. Data Privacy Risks

Online lending scams are not only about money. Victims often submit personal data before discovering the fraud.

Scammers may collect:

  • full name;
  • address;
  • birthdate;
  • phone number;
  • email;
  • valid ID;
  • selfie with ID;
  • signature;
  • bank account details;
  • e-wallet number;
  • employment details;
  • emergency contacts;
  • social media profile;
  • contact list;
  • proof of billing;
  • payslip;
  • company ID;
  • family details.

This information may be used for:

  • identity theft;
  • fake loan applications;
  • SIM registration fraud;
  • e-wallet verification;
  • blackmail;
  • harassment;
  • selling data;
  • phishing;
  • opening fake accounts;
  • impersonation;
  • targeting relatives or coworkers.

Victims should treat the incident as both a financial scam and a personal data compromise.

XII. What to Do Immediately After Realizing It Is a Scam

Step 1: Stop sending money

Do not pay additional fees. Scammers often create urgency and fear to extract more payments.

Step 2: Preserve all evidence

Take screenshots and screen recordings before the scammer deletes messages or blocks you.

Step 3: Save payment proof

Preserve transaction receipts, reference numbers, account names, wallet numbers, bank accounts, and remittance details.

Step 4: Report to the payment platform

If payment was made through GCash, Maya, bank transfer, remittance, or online banking, report the transaction immediately and request account review or freezing if possible.

Step 5: Report to law enforcement or cybercrime authorities

If money was lost, identity documents were submitted, or threats were made, consider filing a complaint.

Step 6: Report fake pages and profiles

Report the Facebook page, Telegram account, website, app, or profile used in the scam.

Step 7: Protect your identity

Change passwords, monitor accounts, report compromised IDs, and watch for unauthorized transactions.

XIII. Evidence to Preserve

Evidence is the foundation of a complaint. Preserve:

  1. screenshots of ads, posts, and messages;
  2. profile URLs and page links;
  3. website links;
  4. app screenshots;
  5. loan approval messages;
  6. fake contracts;
  7. fake certificates;
  8. payment instructions;
  9. payment receipts;
  10. account names and numbers;
  11. GCash or Maya transaction reference numbers;
  12. bank transfer receipts;
  13. remittance receipts;
  14. email headers, if email was used;
  15. phone numbers used by the scammer;
  16. names used by the scammer;
  17. photos or IDs sent by scammer;
  18. voice messages;
  19. call logs;
  20. proof of personal data submitted;
  21. threats or follow-up demands;
  22. evidence that the loan was never released.

Do not edit or crop the only copy of evidence. Keep originals when possible.

XIV. How to Take Strong Screenshots and Screen Recordings

A useful screenshot should show:

  • sender’s name or number;
  • full message;
  • date and time;
  • platform used;
  • profile photo or account name;
  • payment instructions;
  • amount demanded;
  • reason for fee;
  • confirmation of payment;
  • follow-up demand;
  • refusal to release loan.

A screen recording is even better if it shows:

  • opening the chat;
  • viewing the profile;
  • scrolling through the conversation;
  • opening the payment instructions;
  • showing the page URL;
  • showing the account name;
  • showing the fake documents.

This helps prove authenticity and context.

XV. Where to Report an Online Lending Scam

Victims may report to several offices depending on the facts.

1. Police or cybercrime units

Report if there is fraud, threats, identity theft, fake accounts, hacking, or online extortion.

2. National Bureau of Investigation cybercrime office

The NBI may assist with online scams, digital evidence, tracing, fake accounts, and cybercrime complaints.

3. Prosecutor’s office

A criminal complaint for estafa, cybercrime, identity theft, falsification, threats, or related offenses may be filed with the prosecutor.

4. Securities and Exchange Commission

If the scammer claims to be a lending company, financing company, or online lending app, a report may be made to the SEC, especially if the entity is unregistered, impersonating a registered company, or engaging in abusive lending activities.

5. National Privacy Commission

If personal data, IDs, selfies, contacts, or sensitive information were collected or misused, a privacy complaint or report may be considered.

6. Bank, e-wallet, or payment provider

Report immediately to the platform used for payment. Provide transaction reference numbers and ask whether the receiving account can be reviewed, restricted, or investigated.

7. Social media platforms

Report fake pages, fake ads, fake profiles, and scam messages.

8. App stores

If the scam involved a mobile app, report the app to the app store.

XVI. Reporting to Banks, E-Wallets, and Payment Providers

Many victims pay through:

  • GCash;
  • Maya;
  • bank transfer;
  • online banking;
  • remittance centers;
  • pawnshop remittance;
  • payment centers;
  • QR code;
  • cryptocurrency;
  • prepaid load or vouchers.

Report immediately and provide:

  • sender name;
  • receiver name;
  • receiver number or account;
  • amount;
  • date and time;
  • transaction reference number;
  • screenshots of scam messages;
  • police report or complaint, if available;
  • request for investigation or account hold.

Recovery is not guaranteed, especially if money was withdrawn quickly. But fast reporting improves the chance of action.

XVII. Reporting to the SEC

A report to the SEC may be relevant if:

  • the scammer claims to be a lending company;
  • the scammer uses a company name or SEC registration;
  • the app appears to operate as an online lending platform;
  • the entity is unregistered;
  • the entity misuses a legitimate company’s name;
  • there are abusive collection threats after the scam;
  • the app or lender operates publicly without proper authority.

The complaint should include:

  • name of the alleged lending company;
  • app name;
  • website or Facebook page;
  • screenshots of loan offer;
  • fake permits or registration documents;
  • payment demands;
  • payment proof;
  • names and accounts used;
  • explanation of how the scam occurred.

XVIII. Reporting to the National Privacy Commission

A privacy report or complaint may be appropriate when:

  • the scammer collected valid IDs;
  • the scammer collected selfies with ID;
  • the scammer accessed contacts;
  • the scammer threatened to post personal data;
  • personal information was shared with third parties;
  • the victim’s ID was used for impersonation;
  • the scam app harvested phone data;
  • the victim’s data was sold or reused.

The report should include:

  • what personal data was submitted;
  • where it was submitted;
  • screenshots of forms or chats;
  • privacy policy, if any;
  • threats involving personal data;
  • evidence of unauthorized disclosure;
  • harm suffered.

XIX. Filing a Criminal Complaint

A victim may file a complaint-affidavit describing the scam.

A. What the complaint should contain

A complaint should state:

  1. victim’s full name and contact information;
  2. how the scammer contacted the victim;
  3. platform used;
  4. account names and links;
  5. loan amount promised;
  6. fees demanded;
  7. payment details;
  8. false representations made;
  9. dates and times;
  10. proof of payment;
  11. failure to release loan;
  12. further demands;
  13. threats, if any;
  14. personal data submitted;
  15. identities or aliases of scammers;
  16. evidence attached;
  17. requested charges.

B. Possible charges

Depending on the facts, possible complaints may include:

  • estafa;
  • computer-related fraud;
  • identity theft;
  • falsification;
  • threats;
  • unjust vexation;
  • cyber libel, if defamatory posts were made;
  • data privacy violations;
  • illegal lending or regulatory violations;
  • other offenses.

XX. Sample Complaint-Affidavit Structure

A complaint-affidavit may follow this structure:

  1. Personal circumstances of complainant Name, age, address, contact details.

  2. How complainant found the lender Facebook ad, Messenger, Telegram, app, website, referral.

  3. Loan offer Amount, promised approval, terms represented.

  4. False representations Statements that loan was approved, money was ready, fee was required.

  5. Payments made Dates, amounts, receiving accounts, transaction references.

  6. Failure to release loan Details showing no loan was received.

  7. Additional demands New fees, correction fees, insurance, AMLA clearance, penalties.

  8. Threats or harassment Any messages threatening exposure, arrest, legal action, or public shame.

  9. Personal data submitted IDs, selfies, bank details, contacts, employment information.

  10. Evidence Screenshots, receipts, links, documents, witness statements.

  11. Prayer or request Request for investigation and filing of appropriate charges.

XXI. Sample Narrative for a Complaint

A victim may write:

On or about [date], I saw an online loan advertisement on [platform] under the name [page/profile/app]. I contacted the account because it offered a loan of ₱[amount] with fast approval. The person using the name [name/alias] told me that my loan was approved and that I only needed to pay a processing fee of ₱[amount] before release. Relying on this representation, I sent payment to [GCash/bank/remittance account] with account name [name] and number [number] on [date/time]. After payment, the person demanded another fee for [reason]. Despite my payment, no loan was released. I later realized that the transaction was fraudulent. Attached are screenshots of the messages, payment receipts, account details, and documents sent to me.

This should be adjusted to the actual facts.

XXII. Civil Remedies

Apart from criminal complaints, the victim may consider civil remedies.

Possible civil claims include:

  • recovery of money paid;
  • damages for fraud;
  • moral damages for anxiety, humiliation, or distress;
  • actual damages for financial loss;
  • exemplary damages in proper cases;
  • attorney’s fees;
  • injunction if personal data is being misused.

Civil action may be difficult if the scammer is anonymous or untraceable, but it may be useful if the scammer is identified.

XXIII. If the Scammer Threatens the Victim After Payment

Some scammers threaten victims who stop paying.

Threats may include:

  • “We will post your ID.”
  • “We will call your employer.”
  • “We will file a case against you.”
  • “We will report you as a scammer.”
  • “We will send police to your house.”
  • “We will send your photos to your contacts.”
  • “We will block your bank account.”
  • “We will mark you as blacklisted.”

Preserve threats. These may support separate complaints for threats, coercion, cybercrime, harassment, data privacy violations, or cyber libel if defamatory statements are published.

Do not pay more because of threats. Scammers often use fear to continue extracting money.

XXIV. If the Victim Sent Valid IDs or Selfie With ID

This is a serious identity theft risk.

Immediate steps:

  1. save proof of what was sent;
  2. report the scam;
  3. monitor e-wallets, bank accounts, and SIM registrations;
  4. change passwords;
  5. enable two-factor authentication;
  6. notify banks if account details were shared;
  7. consider replacing compromised IDs if necessary;
  8. watch for unauthorized loans or accounts;
  9. report fake accounts using the victim’s identity;
  10. consider a data privacy complaint if personal data is misused.

If the ID is later used for fraud, preserve evidence and report immediately.

XXV. If the Victim Gave OTP, Password, or PIN

If the victim gave OTP, password, PIN, or account access:

  1. change passwords immediately;
  2. contact the bank or e-wallet;
  3. freeze or secure the account;
  4. check transaction history;
  5. report unauthorized transactions;
  6. revoke linked devices;
  7. enable stronger authentication;
  8. report to law enforcement if money was taken;
  9. preserve all scam messages.

A legitimate lender should not ask for OTPs, passwords, or PINs.

XXVI. If the Victim Installed a Suspicious App

Some fake loan apps may request excessive permissions.

Steps:

  1. screenshot app name and permissions;
  2. revoke permissions;
  3. uninstall the app after preserving evidence;
  4. scan device for malware;
  5. change passwords;
  6. monitor accounts;
  7. check if contacts received messages;
  8. report the app to the app store;
  9. include app details in complaints.

Dangerous permissions include access to contacts, SMS, storage, camera, microphone, location, notifications, and accessibility services.

XXVII. If the Scammer Used a Real Company Name

Scammers often use the name of a legitimate company to gain trust.

Victims should:

  1. preserve the scammer’s page or messages;
  2. compare official payment channels;
  3. contact the legitimate company through official channels;
  4. ask whether the agent is authorized;
  5. report impersonation to the real company;
  6. include impersonation in police or cybercrime complaint;
  7. avoid paying accounts not officially confirmed.

The real company may also want to report the impersonation.

XXVIII. If the Scammer Claims to Be SEC-Registered

Scammers may show a certificate of registration. A certificate alone does not prove authority to lend through that specific page, app, or person.

A victim should check:

  • exact company name;
  • registration number;
  • certificate of authority, if applicable;
  • official website;
  • official contact details;
  • whether the payment account belongs to the company;
  • whether the agent is authorized;
  • whether the app name matches the company;
  • whether documents are edited or stolen.

A real registration document can be copied and misused by scammers.

XXIX. If the Scammer Sends a Fake Loan Contract

A fake loan contract may contain:

  • the victim’s personal information;
  • promised loan amount;
  • fake official seal;
  • fake notary;
  • payment instructions;
  • penalty for cancellation;
  • threats for non-payment;
  • requirement to pay fees before release.

Do not assume a contract is valid merely because it has a signature, stamp, or logo. If no money was released to the borrower, the scammer cannot honestly claim the borrower must repay a loan that was never received.

However, the victim should preserve the contract as evidence of the scam.

XXX. If the Scammer Claims the Victim Must Pay Cancellation Fee

Scammers often say:

“Your loan is already approved. If you cancel, you must pay cancellation fee.”

If no loan was released and the victim was deceived, the demand may be part of the scam. Preserve the message and do not pay without verifying legal basis.

A legitimate lender may have terms for cancellation in some contexts, but a scammer uses cancellation fees to continue extracting money.

XXXI. If the Scammer Claims the Loan Was Released but Frozen

This is a classic advance fee fraud tactic.

The scammer may say:

  • bank froze the transfer;
  • account number is wrong;
  • AMLA blocked the funds;
  • tax clearance is needed;
  • fund code must be activated;
  • bank manager requires release fee;
  • wallet limit must be upgraded.

Usually, the loan does not exist. Do not pay more. Ask for official bank proof and verify through official bank channels, not through numbers provided by the scammer.

XXXII. If the Scammer Uses a Fake Bank Employee

Scammers may include a second person pretending to be a bank manager, bank compliance officer, or finance officer. This is meant to make the scam look real.

Warning signs:

  • bank employee uses personal Gmail, Facebook, or Telegram;
  • bank employee asks payment to personal account;
  • bank employee pressures immediate payment;
  • bank employee cannot be reached through official bank hotline;
  • documents are sent through chat only;
  • payment is required to “unlock” funds.

Verify directly with the bank through official channels.

XXXIII. If the Victim Paid Multiple Fees

Victims often pay several times because each payment is followed by a new excuse.

Examples:

  1. processing fee;
  2. insurance fee;
  3. correction fee;
  4. AMLA fee;
  5. tax fee;
  6. release fee;
  7. cancellation fee.

The victim should list every payment in a table:

Date Amount Payment Method Receiver Name/Number Reason Given Reference No.

This table is useful for complaints.

XXXIV. If the Scam Involves Cryptocurrency

Some scammers demand payment through crypto. This makes recovery harder.

Victims should preserve:

  • wallet address;
  • transaction hash;
  • exchange account used;
  • screenshots of instructions;
  • chat logs;
  • amount and cryptocurrency type;
  • date and time.

Report to the exchange if one was used. Crypto transactions are difficult to reverse, but evidence may still help investigation.

XXXV. If the Scam Involves Remittance Centers

If payment was made through remittance:

  • preserve receipt;
  • receiver name;
  • receiver phone number;
  • tracking number;
  • branch location if available;
  • date and time;
  • ID details used by receiver if available to authorities.

Report to the remittance company quickly. If the money has not been claimed, cancellation may be possible depending on timing and company policy.

XXXVI. If the Victim Is an OFW or Abroad

OFWs are common targets because they may need loans for placement fees, travel, family emergencies, or documents.

If abroad:

  1. preserve evidence;
  2. report to the payment provider;
  3. ask family in the Philippines to assist with reporting if authorized;
  4. contact Philippine embassy or consulate for guidance if identity documents are compromised;
  5. file online reports where available;
  6. consult counsel if large sums are involved;
  7. monitor Philippine bank and e-wallet accounts.

If passports or overseas employment documents were submitted, treat the incident as identity risk.

XXXVII. If the Victim Is a Student, Senior Citizen, or Vulnerable Borrower

Scammers target vulnerable persons. Family members should help preserve evidence and report. If the victim is a minor, additional child protection concerns may arise, especially if IDs, photos, school information, or sexual threats are involved.

XXXVIII. Can the Victim Recover the Money?

Recovery depends on timing, payment method, traceability, and whether the receiving account can be frozen or identified.

Recovery is more possible if:

  • the victim reports immediately;
  • money has not been withdrawn;
  • payment provider acts quickly;
  • receiving account is verified;
  • bank or e-wallet cooperates through legal process;
  • law enforcement identifies the scammer;
  • scammer is within reach of Philippine authorities.

Recovery is harder if:

  • money was withdrawn immediately;
  • fake or mule accounts were used;
  • payment was through crypto;
  • scammer is abroad;
  • victim delayed reporting;
  • account details are incomplete.

Even if recovery is uncertain, reporting helps create a record and may prevent further victimization.

XXXIX. Money Mule Accounts

Scammers often use “money mule” accounts. These are bank or e-wallet accounts used to receive scam proceeds. The account holder may be part of the scam, paid to lend the account, deceived, or negligent.

Victims should report receiving accounts. Account holders may face investigation if their accounts are used for fraud.

XL. Preventive Measures Before Applying for an Online Loan

Before applying:

  1. verify the lender’s official company name;
  2. check if the app or company is legitimate;
  3. avoid lenders requiring upfront fees;
  4. do not pay to personal accounts;
  5. read loan terms;
  6. check official contact details;
  7. avoid agents who communicate only through personal chat;
  8. do not send OTPs, passwords, or PINs;
  9. do not send IDs unless the lender is verified;
  10. avoid “guaranteed approval” ads;
  11. be suspicious of urgent pressure;
  12. verify payment channels;
  13. check if the website URL is official;
  14. avoid downloading apps from unknown links;
  15. review app permissions.

XLI. How Legitimate Fees Should Be Treated

Some legitimate lenders may charge processing fees, documentary stamp tax, insurance, service fees, or platform fees. But lawful charges should be:

  • disclosed before loan acceptance;
  • included in the loan agreement;
  • reasonable and lawful;
  • paid through official channels;
  • receipted;
  • not repeatedly invented after approval;
  • not required through personal accounts;
  • not used as a pretext to delay release indefinitely.

A major warning sign is when every payment creates a new required payment.

XLII. What Borrowers Should Never Give to Online Loan Agents

Do not give:

  • OTP;
  • PIN;
  • online banking password;
  • e-wallet password;
  • SIM card;
  • remote access to phone;
  • screen sharing access;
  • blank signed documents;
  • ATM card;
  • payroll card;
  • passport without verified legal need;
  • unnecessary ID copies;
  • access to contacts;
  • social media password;
  • email password;
  • nude or compromising photos;
  • payment before verifying legitimacy.

Legitimate lenders do not need your OTP or password to release a loan.

XLIII. What If the Victim Also Has Real Online Loans?

A victim may be dealing with both real lenders and scammers. Keep separate records for each.

Create a table:

App/Lender Real or Suspected Scam Amount Borrowed/Promised Amount Received Fees Paid Status

This avoids confusion and helps identify which payments were fraudulent.

XLIV. If the Scammer Threatens to File a Case Against the Victim

Scammers may claim the victim committed breach of contract, fraud, or money laundering by refusing to pay additional fees.

If no loan was released and the victim only paid fees, the scammer’s claim is usually part of intimidation. Preserve the threats.

A victim may respond:

“No loan proceeds were released to me. I will not send additional payments. Please communicate through proper legal channels.”

Do not argue endlessly. Preserve evidence and report.

XLV. If the Scammer Threatens to Blacklist the Victim

Scammers often say the borrower will be blacklisted from all banks, government agencies, NBI, police, immigration, or employers.

These threats are usually designed to scare the victim. A private scammer cannot simply blacklist a person from government services. Legitimate credit reporting has rules and cannot be used as random intimidation.

Preserve the message as evidence of coercive conduct.

XLVI. If the Scammer Threatens Arrest

A private lender or scammer cannot order arrest by text message. Arrest requires lawful basis and proper authority.

Threats such as:

  • “Police will arrest you today,”
  • “NBI will come to your house,”
  • “You have a warrant,”
  • “Pay now or go to jail,”

should be preserved. If fake warrants or fake subpoenas are sent, they may support additional complaints.

XLVII. If the Scam Involves a Fake Lawyer

Scammers may use fake law office names, fake demand letters, or fake attorney signatures.

Warning signs:

  • no office address;
  • no roll number or verifiable identity;
  • payment demanded to personal wallet;
  • threats of immediate arrest;
  • poor formatting;
  • refusal to provide formal contact details;
  • legal letter sent only as a chat image.

Victims may preserve the document and verify independently. Impersonating legal professionals or using fake legal documents may create additional liability.

XLVIII. If the Scam Involves Fake Government Fees

Scammers may say fees are required by:

  • NBI;
  • PNP;
  • SEC;
  • BIR;
  • AMLC;
  • courts;
  • barangay;
  • bank regulators;
  • immigration.

Government fees are paid through official channels, not to random personal accounts. Victims should verify directly with the named agency.

XLIX. Public Posting and Warning Others

Victims often want to post the scammer’s name online to warn others. Caution is needed.

It is safer to:

  • report to authorities;
  • report to platforms;
  • post factual warnings without unnecessary accusations if legally safe;
  • avoid posting private information;
  • avoid sharing IDs, phone numbers, addresses, or unverified claims;
  • avoid defamatory language;
  • consult counsel if the amount is large or the situation is sensitive.

A victim should not commit cyber libel, doxxing, or privacy violations while trying to expose a scam.

L. Practical Complaint Packet

A strong complaint packet may include:

  1. cover letter;
  2. complaint-affidavit;
  3. timeline of events;
  4. table of payments;
  5. screenshots of ads and messages;
  6. profile links and URLs;
  7. fake documents;
  8. payment receipts;
  9. list of receiving accounts;
  10. proof of non-release of loan;
  11. threats and further demands;
  12. personal data submitted;
  13. reports made to payment platforms;
  14. witness statements, if any;
  15. valid ID of complainant.

Label evidence clearly as Annex A, B, C, and so on.

LI. Sample Demand to Payment Provider

A victim may send:

Subject: Urgent Report of Fraudulent Transaction

I respectfully report a suspected online lending scam involving payment sent through your platform.

Transaction details:

  • Sender: ___
  • Receiver name/account/number: ___
  • Amount: ___
  • Date and time: ___
  • Reference number: ___
  • Reason given by scammer: loan processing/release fee
  • Platform used by scammer: ___

The receiver represented that the payment was required for release of an approved loan, but no loan was released and additional fees were demanded. Attached are screenshots of the conversation and proof of payment.

I request urgent review of the receiving account and assistance under your fraud reporting procedures.

LII. Sample Message to Scammer After Discovery

Keep it short:

“No loan proceeds were released to me. I will not send additional payments. Preserve all communications and payment records. I am reporting this transaction to the proper authorities and payment provider.”

Avoid threats, insults, or long arguments.

LIII. Sample Warning to Contacts

If the victim’s contacts may be targeted:

“Someone pretending to offer an online loan may have obtained my information. Please ignore any messages asking about me, asking for money, or claiming I owe them. Do not give them any information. Please screenshot and send me any message you receive.”

LIV. Frequently Asked Questions

1. Is it normal for online lenders to ask for processing fees before loan release?

A legitimate lender should clearly disclose fees and use official channels. Repeated upfront payments to personal accounts before any loan release are a major red flag.

2. I paid a processing fee but no loan was released. What can I do?

Stop paying, preserve evidence, report to the payment provider, and consider filing complaints with law enforcement, cybercrime authorities, SEC, or other appropriate offices.

3. Can I file estafa?

Possibly, if the facts show deceit, reliance, payment, and damage. Online elements may also raise cybercrime issues.

4. What if the scammer used a real lending company’s name?

Report the impersonation to the real company and authorities. Preserve screenshots showing the fake page, payment instructions, and representations.

5. Can I recover my money from GCash, Maya, or the bank?

Recovery is not guaranteed, but report immediately. Fast reporting may help if the funds have not been withdrawn.

6. What if I sent my ID and selfie?

Treat it as identity theft risk. Monitor accounts, report misuse, change passwords, and consider reporting to privacy or cybercrime authorities.

7. What if they threaten to post my ID?

Preserve the threat and report. This may involve privacy violations, harassment, coercion, or cybercrime.

8. What if they say I must pay cancellation fee?

If no loan was released and the demand follows a suspicious advance fee pattern, do not pay without verifying legal basis. Preserve the demand as evidence.

9. What if they sent a contract?

A contract does not prove legitimacy if it was used to extract fees for a nonexistent loan. Preserve it and verify the company.

10. Can I be arrested for refusing to pay more fees?

A scammer cannot cause immediate arrest by chat. If no loan was released and the transaction appears fraudulent, preserve threats and report.

LV. Key Legal Principles

The key principles are:

  1. Advance fee loan scams are commonly fraudulent.
  2. A borrower should be suspicious of upfront payments before loan release.
  3. Fraud may be prosecuted as estafa and may involve cybercrime if committed online.
  4. Impersonation, fake documents, and identity misuse may create additional liability.
  5. Payment to personal e-wallet or bank accounts is a major red flag.
  6. Personal data submitted to scammers creates identity theft risk.
  7. Victims should preserve evidence before accounts disappear.
  8. Reporting should be prompt, especially to payment providers.
  9. Recovery is uncertain but faster action improves chances.
  10. A fake loan contract or fake approval does not make a scam legitimate.

Conclusion

Online lending scams and advance fee fraud in the Philippines exploit financial urgency. Scammers promise fast approval and loan release, then demand upfront payments disguised as processing fees, insurance, taxes, AMLA clearance, correction fees, activation fees, or cancellation charges. Once the victim pays, the scammer invents new fees, refuses to release the loan, threatens the victim, or disappears.

The victim should stop paying immediately, preserve all evidence, report the transaction to the payment provider, protect personal data, and consider complaints with law enforcement, cybercrime authorities, the prosecutor, the SEC, the National Privacy Commission, and the platforms used by the scammer. If IDs, selfies, OTPs, passwords, or bank details were shared, the victim should treat the matter as both a fraud case and an identity security risk.

The guiding rule is clear: when a supposed lender repeatedly asks for money before releasing a loan, especially through personal accounts and online chats, it is likely not lending—it is fraud.

Disclaimer: This content is not legal advice and may involve AI assistance. Information may be inaccurate.

Privacy Policy

Terms of Use

Lawyer Login

 
 
Privacy Policy         Terms of Use         Lawyer Login