Procedure to report an online game scam in the Philippines

1) What counts as an “online game scam”

An online game scam is any scheme using an online game, its marketplace, related social media channels, or game-linked payments to unlawfully obtain money, items, accounts, personal data, or other benefits through deceit, unauthorized access, or abuse of systems.

Common patterns in the Philippines include:

  • In-game item/account selling fraud: seller takes payment then blocks buyer / delivers nothing / delivers a different item.
  • Top-up/load/diamond scams: “discounted top-up” offers; payment is taken and credits never arrive.
  • Middleman / “escrow” impersonation: fake “MM” accounts vouching for trades.
  • Account takeovers: phishing links, fake login pages, OTP theft, “free skins” bait, then account hijack.
  • Chargeback/refund abuse: buyer receives item then reverses payment (where platforms allow).
  • Investment/“guild earning” schemes: promised returns from game currency/assets with recruitment mechanics.
  • Malware and credential theft: “injectors,” mod APKs, cheat tools that steal logins.

These scams can trigger criminal, civil, and platform/financial remedies, often in parallel.

2) Key Philippine laws that may apply

Which law applies depends on what the scammer did and what you lost. Online game scams commonly fall under one or more of these:

A. Revised Penal Code (RPC)

  • Estafa (Swindling) (deceit causing damage, e.g., taking payment for items/top-ups and not delivering; misrepresentation to obtain money).
  • Theft / Qualified theft may apply in limited situations, but online-game cases are more often charged as estafa or cybercrime offenses.

B. Cybercrime Prevention Act of 2012 (RA 10175)

If the act involved computers/networks, RA 10175 may cover:

  • Computer-related fraud (fraud committed through a computer system).
  • Computer-related identity theft (use/misuse of identifying information).
  • Illegal access (hacking/unauthorized entry into accounts).
  • Other related cyber offenses depending on conduct.

RA 10175 can also affect jurisdiction/venue and how digital evidence is handled in practice.

C. Electronic Commerce Act (RA 8792) and Rules on Electronic Evidence

These support the use of electronic data messages and digital evidence (screenshots, logs, emails, chats) in legal proceedings, provided they are properly authenticated.

D. Data Privacy Act (RA 10173) (situational)

If the scam includes unlawful collection, disclosure, or misuse of personal data (IDs, selfies, contact lists), data privacy issues may arise—especially when data is used for identity theft, harassment, or further fraud.

E. Access Devices Regulation Act (RA 8484) (situational)

If credit/debit cards or access devices are misused as part of the scam (carding, stolen card details), this may apply.

3) First-response steps (do these before reporting, when possible)

A. Secure your accounts and devices

  • Change passwords for the game account, email, and linked social accounts.
  • Enable two-factor authentication (2FA) wherever available.
  • Revoke unknown sessions/devices in account security settings.
  • Scan devices for malware (especially if you clicked “free skins,” “mods,” or suspicious APKs).

B. Notify the game/platform immediately

Use the game’s support and in-app reporting tools to:

  • Report the scammer account(s).
  • Request account recovery or transaction review (if your account was taken over).
  • Ask the platform to preserve logs tied to your case (chat logs, trade logs, payment references). Even if platforms won’t “share” logs with you, they may retain them for law enforcement.

C. Notify your payment channel

If you paid via bank transfer, card, e-wallet, remittance, or payment link:

  • Report the transaction as fraudulent and request blocking, dispute handling, and record preservation.
  • Gather official transaction references (merchant name, transaction ID, timestamp).

Speed matters because reversals/holds are time-sensitive and depend on the provider’s rules.

4) Evidence: what to collect (and how to preserve it)

A strong report is evidence-heavy and timeline-driven.

A. Identity and footprint of the scammer (even if “unknown”)

Collect:

  • In-game name, user ID, guild/clan, server, friend code
  • Social media handles, phone numbers, emails
  • Payment details given (GCash/Bank name + account number, QR code, remittance details)
  • Any shipping/delivery details (if physical items were involved)

B. Proof of the scam

Collect and keep original copies where possible:

  • Screenshots/screen recordings of:

    • chats and agreements (price, item, delivery terms)
    • scammer’s profile and posts/ads
    • proof of “blocked” status or deleted messages (take a video if chat disappears)

  • Transaction proof:

    • e-wallet/bank confirmations, receipts, reference numbers
    • statements showing debit

  • Game records:

    • trade history, purchase history, inventory changes, login alerts

  • Links and technical artifacts:

    • URLs used for phishing, shortened links, fake login pages
    • email headers (if scam came through email)

C. Preservation tips that help in court

  • Don’t crop away timestamps/usernames if you can avoid it.
  • Keep files in a folder with the original filenames and dates.
  • If you can export chats (where apps allow), export them.
  • Write down a chronology immediately while memory is fresh.

Digital evidence is admissible, but credibility improves when you show the court/prosecutor you preserved it carefully.

5) Where to report in the Philippines (the practical channels)

You can report in multiple tracks. The most common are:

A. Law enforcement cybercrime units (investigation + case build-up)

  1. PNP Anti-Cybercrime Group (PNP-ACG)
  2. NBI Cybercrime Division / NBI Cybercrime units in regional offices

These units can:

  • take your sworn statement,
  • evaluate cybercrime angles (illegal access, computer-related fraud),
  • coordinate preservation requests for logs and subscriber details,
  • assist in identifying suspects and preparing the complaint for prosecution.

B. The Prosecutor’s Office (to start the criminal case)

To pursue criminal liability (estafa and/or cybercrime offenses), you typically file a Complaint-Affidavit with the City/Provincial Prosecutor for preliminary investigation.

In many cyber cases, complainants first go to PNP-ACG/NBI to strengthen identification and technical documentation, then file with the prosecutor once the complaint packet is complete.

C. Platform and payment providers (to stop harm and attempt recovery)

  • Game publisher/platform support (bans, recovery, internal review)
  • Social media marketplace/reporting (if sale happened there)
  • Banks/e-wallets/payment gateways (dispute, fraud reporting, account blocking, documentation)

These are not substitutes for criminal reporting, but they can prevent further losses and preserve key records.

6) Step-by-step procedure to report (end-to-end)

Step 1: Prepare a complete “case packet”

Create a single folder (digital + printed) containing:

  1. Chronology of events (date/time, what happened, where)
  2. All identities/handles of the scammer and accomplices
  3. Evidence annexes (screenshots, videos, receipts, links)
  4. Loss summary (money value, items, account value if relevant, plus consequential costs)

Step 2: Execute a sworn narrative (Complaint-Affidavit)

A Complaint-Affidavit is the standard document for criminal complaints. It should include:

  • Your full name, address, contact details

  • Your account identifiers (game ID/email—only what’s necessary)

  • The scammer’s identifiers (even if only usernames and payment accounts)

  • A clear narration:

    • how you met/contacted the scammer
    • what was promised
    • what you paid/transferred
    • what you received (or didn’t receive)
    • how the deceit/unauthorized access occurred
    • your efforts to resolve (requests for delivery/refund, being blocked, etc.)

  • A statement of damages/loss

  • A list of attachments labeled Annex “A,” “B,” “C,” etc.

This affidavit is typically notarized.

Step 3: File with PNP-ACG or NBI cybercrime (recommended in many cases)

Bring:

  • Valid IDs
  • Printed and soft copies of evidence
  • Notarized affidavit (or draft, depending on office practice)

They may:

  • interview you and record a formal statement,
  • advise on proper offense classification (estafa vs cyber fraud vs illegal access),
  • help request preservation of logs and identify the suspect through payment trails and available records.

Step 4: File the criminal complaint with the Prosecutor’s Office

Submit:

  • Complaint-Affidavit (notarized)
  • Supporting affidavits (if witnesses exist: friends in the chat, middleman, courier, etc.)
  • Evidence annexes and proof of loss

The prosecutor will conduct preliminary investigation, usually involving:

  • evaluation of your complaint for sufficiency,
  • issuance of a subpoena to the respondent (if identifiable/addressable),
  • receipt of counter-affidavit and your reply,
  • issuance of a resolution on whether probable cause exists to file in court.

If the respondent is not yet identified, cybercrime units can still build identification leads; however, prosecution is significantly easier once a person is reasonably identified.

Step 5: Court filing and trial (if probable cause is found)

If the prosecutor finds probable cause, an Information is filed in court. Cybercrime-related cases are generally handled by designated cybercrime courts. You may later be asked to:

  • affirm your complaint,
  • testify to authenticate evidence,
  • identify your screenshots/records and explain how you obtained them.

Step 6: Parallel recovery actions (while the case runs)

  • Platform recovery/rollback processes (account restoration, reversal if allowed)
  • Payment disputes and documentation requests
  • Civil damages (often impliedly instituted with the criminal case for estafa, unless reserved; civil strategy depends on facts)

7) What offense to allege: matching facts to the right complaint

You do not need to perfectly label the crime, but your narrative should show the elements.

A. Estafa indicators (classic “trade scam”)

  • Misrepresentation or deceit induced you to part with money/property
  • You suffered damage when the scammer did not deliver/refund Examples: “Pay first, item later,” fake middleman, fake proof-of-transfer.

B. Cybercrime indicators (account hacking / phishing / system abuse)

  • You were tricked into giving credentials/OTP through a fake login page
  • Your account was accessed without authority
  • Your items/currency were transferred out after unauthorized login Examples: “free skins” phishing; OTP social engineering; malware “mods.”

Many online game cases involve both: estafa for the payment deception and RA 10175 for the computer-related component.

8) Special issues in online game scams

A. Cross-border scammers

Many gaming scams are run outside the Philippines or through foreign platforms. Identification may require:

  • platform cooperation,
  • telecom/payment records,
  • and sometimes international processes (which can affect speed and feasibility).

B. Minors

If either party is a minor, the handling may intersect with juvenile justice rules. Fact patterns with minors require careful, evidence-based reporting and appropriate safeguarding.

C. “Virtual items have no value” defenses

Scammers sometimes argue that virtual items aren’t “real property.” In practice, cases are strengthened by anchoring loss to:

  • actual money paid,
  • documented market price,
  • platform transaction value,
  • and demonstrable deprivation or benefit obtained through deceit/illegal access.

D. Avoiding self-incrimination and privacy pitfalls

  • Do not submit illegally obtained materials (e.g., hacked data) as evidence.
  • Stick to what you lawfully received/recorded (your chats, your receipts, your account alerts).
  • Avoid public accusations; keep allegations within sworn reports.

9) Evidence organization: a recommended annex structure

  • Annex A – Screenshot of scammer profile (game + social media)
  • Annex B – Chat logs showing agreement and instructions
  • Annex C – Proof of payment (transaction receipt, bank/e-wallet confirmation)
  • Annex D – Proof of non-delivery/blocking/refusal to refund
  • Annex E – Platform report/ticket number and any platform response
  • Annex F – Loss summary and valuation basis
  • Annex G – Device/login alerts or security logs (if account takeover)

This format makes it easier for investigators and prosecutors to follow your case.

10) What outcomes are realistic

Possible outcomes depend on evidence and identification:

  • Platform sanctions (ban, recovery, internal reversals where allowed)
  • Payment disputes (partial/full recovery depending on provider rules and timing)
  • Criminal prosecution (estafa/cybercrime), leading to penalties and restitution/damages
  • Settlement and restitution during investigation (common when respondent is identified and reachable)

11) Core checklist (procedural)

  1. Secure accounts + notify platform + notify payment provider
  2. Preserve evidence with timestamps and transaction references
  3. Prepare chronology + loss summary
  4. Draft and notarize Complaint-Affidavit with annexes
  5. File with PNP-ACG or NBI cybercrime (investigative support)
  6. File with City/Provincial Prosecutor for preliminary investigation
  7. Maintain copies; be ready to authenticate digital evidence in proceedings

Disclaimer: This content is not legal advice and may involve AI assistance. Information may be inaccurate.

Privacy Policy

Terms of Use

Lawyer Login

 
 
Privacy Policy         Terms of Use         Lawyer Login