I. Overview: What “online scam” means under Philippine law

“Online scam” is not a single crime title. In practice, the same scheme may trigger multiple offenses under different statutes, depending on what the scammer did (misrepresentation, use of a fake identity, hacking, unlawful access, use of electronic evidence, etc.). The most common legal tracks are:

• Estafa (Swindling) under the Revised Penal Code (RPC), Article 315 (and related provisions), when there is deceit and resulting damage.
• Cybercrime offenses under the Cybercrime Prevention Act of 2012 (RA 10175) when computers, phones, online platforms, or networks are used as tools or targets.
• Other fraud-related offenses (e.g., falsification, identity-related crimes, deceptive trade practices, money laundering implications), depending on the facts.

Because online scams frequently involve digital communications and fund transfers, proper reporting depends on (1) choosing the right complaint venue, (2) preserving electronic evidence, and (3) identifying the legal elements you can prove.

---

II. Common online scam patterns and the likely charges

A. Online selling / non-delivery scams

Scenario: You pay for goods/services online; seller disappears or never delivers.

Possible charges:

• Estafa (Art. 315(2)(a), RPC) — deceit through false pretenses prior to or simultaneous with receipt of money; damage results.
• Potential cyber-related angle if the scheme involves online accounts, messaging, or electronic payments (often charged with or “in relation to” cybercrime depending on prosecutorial approach).

B. Investment / “double your money” / crypto trading scams

Scenario: Promises of high returns; pressure to deposit; withdrawals blocked.

Possible charges:

• Estafa (multiple variants under Art. 315 depending on representation and manner of taking).
• If public solicitation or securities-like activity is involved, there may be securities regulation issues and other special laws depending on structure.

C. Phishing, account takeover, OTP harvesting

Scenario: Scammer tricks you into giving OTP/password; your accounts are accessed and used.

Possible charges:

• Cybercrime offenses (e.g., illegal access, computer-related identity misuse, computer-related fraud—depending on the exact act).
• Estafa may still apply if deceit caused you to part with money or property.

D. Loan app harassment / “online lending” abuses

Scenario: Small loan but abusive interest/fees; contacts are threatened; data used for harassment.

Possible charges/issues:

• Potential violations involving data privacy, threats, and other offenses depending on acts (doxxing, extortion-like demands, etc.).
• Consumer protection angles may apply depending on the entity.

E. Romance scams / impersonation

Scenario: Fake identity builds relationship then asks for money.

Possible charges:

• Estafa (deceit-induced transfer of money).
• Possible identity-related cyber offenses depending on impersonation mechanics.

---

III. Estafa in the Philippine setting: elements you must show

While Article 315 has several modes, the most common online scam complaint is estafa by deceit. Prosecutors look for:

1. Deceit (false pretense, fraudulent act, or representation)

   • Must be before or at the time money/property is obtained.

2. Reliance by the victim on the deceit

   • You believed the representation and acted because of it.

3. Damage or prejudice capable of pecuniary estimation

   • Loss of money, property, or valuable rights.

4. Causal link between deceit and damage

Key practical point: Non-delivery alone is not always enough. The stronger cases show intent to defraud from the start, proven through patterns (multiple victims, fake identity, refusal to deliver, blocking, inconsistent stories, “too good to be true” pricing, fabricated receipts, etc.).

---

IV. Cybercrime in online scams: what makes a case “cybercrime”

In online scams, cybercrime law is relevant in two ways:

1. The computer/phone/network is the tool or environment (e.g., scam conducted via social media, messaging apps, online banking).
2. The computer/phone/network is the target (e.g., illegal access, account takeover, malware).

Even when the underlying wrongdoing resembles traditional fraud, using ICT can affect:

• Where you file (special cybercrime units)
• How you preserve evidence (electronic evidence rules)
• How perpetrators are traced (subscriber information, IP logs, platform requests)

---

V. Where to report: choosing the correct venue

A. Immediate first steps (best practice)

• Notify your bank/e-wallet immediately and request:

  • Hold/freeze if possible
  • Trace transaction details (reference numbers, destination account)
  • Formal dispute or chargeback options (card payments often have specific dispute windows)

• Report/flag the account inside the platform used (marketplace, social media, messaging app)

• Preserve evidence (see Section VI)

B. Law enforcement reporting channels

1) Philippine National Police (PNP) – Anti-Cybercrime Group (ACG) Common for online fraud, phishing, identity misuse, and similar complaints.

2) National Bureau of Investigation (NBI) – Cybercrime Division Also receives online scam complaints; often used for cases requiring more extensive technical tracing.

3) Local police station You may start at a local station for documentation and referral, especially if you need a blotter entry and assistance.

C. Prosecution track (for filing the criminal complaint)

Criminal cases like estafa are pursued through the Office of the City/Provincial Prosecutor (OCP/OPP) via a complaint-affidavit. Typically, you:

• File with law enforcement for investigation support and/or
• File directly with the Prosecutor’s Office with complete documents

Practical approach: Many complainants file with PNP-ACG or NBI Cybercrime first to help with tracing and case build-up, then proceed to the Prosecutor with a more complete respondent identity and evidence.

---

VI. Evidence preservation: the backbone of online scam reporting

Online scam cases often fail due to weak documentation. Preserve evidence in a way that is credible and usable.

A. What to save

• Chat logs (full conversation history; include date/time stamps if possible)

• Screenshots of:

  • Seller profile, username/ID, bio, marketplace listing
  • Payment instructions and account identifiers
  • Threats or admissions

• Links/URLs to profiles, posts, listings (copy and store)

• Transaction records:

  • Bank transfer slips, e-wallet reference numbers, screenshots
  • Email/SMS confirmations
  • Statements showing debit/credit

• Delivery documents (if any): waybills, tracking numbers, courier messages

• Call logs and recordings where lawful and available (recording rules can be complex; rely mainly on written/electronic records)

• ID documents the scammer sent (often fake—but still evidence of misrepresentation)

• Other victim statements if there are multiple complainants

B. How to preserve well

• Do not edit screenshots. Keep originals.
• Export chats if the app supports download/export.
• Save files with clear naming: 2026-03-03_chat_sellername_platform.png.
• Back up to at least two locations (phone + cloud/drive).
• If you have the technical ability: keep metadata (original files) instead of re-sending through apps that strip metadata.

C. Authenticating electronic evidence

Philippine courts apply Rules on Electronic Evidence and general evidence principles. Practically, you should be prepared to explain:

• How you obtained the screenshot/chat
• Where it came from (device/account)
• That it is a faithful representation of what you saw If possible, maintain the device intact and avoid factory resets until the case is resolved.

---

VII. Identifying the respondent: what if you only have a username?

A frequent barrier is that you only know:

• A profile name
• A mobile number
• An e-wallet/bank account
• A courier pickup name
• A messaging handle

You can still file a complaint using the identifiers you have. Law enforcement can pursue:

• Subscriber/account information through legal process
• Bank/e-wallet KYC details (subject to legal requests)
• Platform data requests (subject to jurisdiction and platform policy)

Practical drafting point: List every identifier in your affidavit—handles, URLs, phone numbers, account names, reference numbers, and any photos used.

---

VIII. Step-by-step: how to file a criminal complaint (Estafa / Cybercrime-related)

Step 1: Organize your evidence packet

Prepare:

• Printed screenshots and digital copies
• Proof of payment
• A timeline of events (date/time, what happened, what was promised)
• IDs for your personal identification (government ID)

Step 2: Draft a Complaint-Affidavit

A good complaint-affidavit includes:

1. Your identity and contact details
2. Narrative with timeline
3. Specific misrepresentations made by the respondent
4. How you relied on those misrepresentations
5. Payments made (amounts, dates, channels, reference numbers)
6. Damage suffered
7. Demand/refund attempts and the respondent’s reaction (blocking, excuses)
8. List of attachments (marked Annex “A”, “B”, etc.)
9. Verification and signature before an authorized officer (usually prosecutor’s office or notary, depending on venue requirements)

Step 3: File with the proper office

• With law enforcement (PNP-ACG / NBI Cybercrime) for investigation support, especially identity tracing
• With the Prosecutor’s Office for formal initiation of the criminal case (preliminary investigation for cases requiring it)

Step 4: Preliminary Investigation (typical for estafa and many cyber-related crimes)

Process generally includes:

• Your complaint-affidavit and evidence submission
• Issuance of subpoena to the respondent (if identifiable/locatable)
• Respondent’s counter-affidavit
• Possible reply and rejoinder
• Prosecutor’s resolution determining probable cause

If probable cause is found, an Information is filed in court and the case proceeds.

---

IX. Civil remedies vs. criminal remedies: what you can pursue

A. Criminal case

• Seeks punishment and may include restitution aspects through civil liability impliedly instituted, subject to rules and any reservation to file separately.

B. Civil action

• Recovery of money (collection of sum) can be pursued civilly, sometimes concurrently depending on procedural posture and reservations.

Strategic consideration: Criminal complaints can pressure resolution but also require stronger proof and longer timelines. Civil cases can focus on recovery but still require respondent identification and enforceability.

---

X. Settlement, desistance, and “refund offers”: practical cautions

• Refund after you file does not automatically erase criminal liability. Prosecutors evaluate whether the offense occurred; restitution can be mitigating but not necessarily extinguishing.
• Beware of secondary scams: “recovery agents” who demand fees to retrieve your money or “fix” the case.
• If settlement is considered, document it carefully and ensure funds truly clear before signing anything.

---

XI. Jurisdiction and venue: where should the case be filed?

Online scams blur geography. Venue may relate to:

• Where you sent the money
• Where you received the deceitful communication
• Where the respondent is located
• Where the damage occurred

In practice, complainants often file where they reside or where the transaction and harm were felt, but venue can be contested depending on charge. Law enforcement cyber units can guide the most workable filing path based on the evidence and respondent location.

---

XII. Typical pitfalls that weaken cases

1. Incomplete records (missing full chat history, missing transaction proof)
2. No clear misrepresentation (only vague promises, no specific deceit)
3. Delay in reporting (harder to trace accounts and preserve logs)
4. Evidence gaps (cropped screenshots without identifiers or timestamps)
5. Dealing only in voice calls without follow-up written confirmation
6. Paying through untraceable channels without reference trails
7. Assuming platform reports equal legal reports (they do not)

---

XIII. Practical checklist: what to bring when filing

• Government ID

• Printed and digital copies of:

  • Chat logs/screenshots
  • Profile pages/listings
  • Payment records (reference numbers)
  • Delivery/tracking details (if any)

• Written timeline summary (1–2 pages)

• Names and contacts of any witnesses (if applicable)

• Any other complainants’ statements (if coordinated)

---

XIV. Special considerations

A. If the victim is a minor or vulnerable person

Coordinate with a parent/guardian and consider victim assistance channels. Documentation should be handled carefully, especially for sensitive content.

B. If threats or extortion are involved

Keep threats intact and report promptly. Threats can be separate offenses. Do not engage in prolonged negotiation; preserve evidence and seek assistance.

C. If your accounts were compromised

• Change passwords immediately
• Enable multi-factor authentication
• Report to the platform
• Secure your email (often the master key)
• Check linked devices and active sessions
• Document unauthorized transactions

---

XV. Model structure of a complaint narrative (for guidance)

A strong narrative usually reads like this:

1. On (date/time), respondent using (handle/account number) offered (item/service/investment) for (price/terms).
2. Respondent represented (specific claims).
3. Relying on these claims, you transferred (amount) via (bank/e-wallet) to (account details) under reference (number).
4. After payment, respondent (failed to deliver / blocked / gave excuses).
5. You demanded delivery/refund on (dates); respondent (refused/ignored).
6. You suffered loss of (amount) and other damages.
7. Attached are true copies of conversations and transaction proofs as Annexes.

---

XVI. Key takeaway: build the case around elements + proof

Successful online scam reporting in the Philippines is less about labeling the incident as “fraud” and more about matching facts to legal elements (deceit, reliance, damage; or specific cyber acts) and presenting credible electronic evidence with traceable financial records. The best outcomes generally follow prompt action: immediate financial notifications, careful evidence preservation, and timely filing with cybercrime-capable investigators and the Prosecutor’s Office.