What to Do After Being Scammed Online in the Philippines: Legal Remedies and Reporting

What to Do After Being Scammed Online in the Philippines: Legal Remedies and Reporting

Online scams—from fake online stores and “crypto” or “investment” schemes, to phishing, SIM-swap, account takeovers, romance scams, and sextortion—are prosecuted in the Philippines under a mix of the Revised Penal Code and special laws. This guide explains, in plain language, exactly what to do, what to file, where to report, and which laws typically apply.

Quick take: Move fast, preserve evidence, notify your bank/telco/platform the same day, and file reports with law enforcement and the appropriate regulator. Criminal, civil, administrative, and chargeback routes can run in parallel.

1) First 24–72 Hours: Your Incident Checklist

A. Stop further loss

  • Freeze or lock affected accounts (bank/e-wallet/crypto exchange, marketplace, email, socials).
  • Change passwords and enable multi-factor authentication (MFA). If you suspect SIM-swap, ask your telco to suspend the SIM and issue a replacement with stricter verification.

B. Secure funds

  • Call your bank/card issuer/e-wallet immediately to dispute unauthorized transfers or card charges and request:

    • Transaction reversal/chargeback or a provisional credit, where applicable.
    • Hot-listing of your card/e-wallet profile.
    • Investigation docket number and written acknowledgment.

C. Preserve electronic evidence

  • Take full-screen screenshots of chats, profiles, posts, listings, invoices, QR codes, emails (include full headers), and transaction receipts.
  • Export PDFs of conversations and .csv of transaction logs where possible.
  • Note exact timestamps, usernames/handles, phone numbers, email addresses, wallet addresses, bank account names/numbers, courier docs, and IPs if available.
  • Keep the original device and avoid “cleaning” chats; duplication is fine but preserve originals for authenticity under the Rules on Electronic Evidence.

D. File internal platform reports

  • Report the account/listing to the marketplace or social platform to trigger takedowns and internal investigations. Ask for case/reference numbers.

2) Where to Report (You can do several at once)

A. Law enforcement

  • PNP Anti-Cybercrime Group (ACG) – for criminal complaints (phishing, online fraud, sextortion, account takeovers, etc.).
  • NBI Cybercrime Division – investigative assistance; often useful for tracing accounts and coordinating with banks/telcos.
  • DOJ Office of Cybercrime (OOC) – coordination and legal support for cybercrime cases.

Tip: Bring a sworn affidavit-complaint (see template below) and your evidence list on a USB plus printed copies. Ask for the case number and the officer’s name and unit.

B. Financial and sector regulators (depending on the scheme)

  • Bangko Sentral ng Pilipinas (BSP) – for issues with banks/e-money issuers/payment operators (failed dispute handling, unauthorized debits, poor fraud controls).
  • Securities and Exchange Commission (SEC) – for investment scams, unregistered securities, Ponzi/multi-level “investments,” and crypto “returns” schemes run as investment contracts.
  • Department of Trade and Industry (DTI) – for consumer transactions with online sellers (non-delivery/defective goods/misrepresentation).
  • National Privacy Commission (NPC) – for data breaches, doxxing, identity fraud, or mishandling of your personal data by a company.
  • Insurance Commission (IC) – for insurance-related scams or mis-sold policies.
  • National Telecommunications Commission (NTC) and your telco – for SIM-swap or spoofed numbers; request blocking and investigation under SIM registration rules.
  • AMLC (Anti-Money Laundering Council) – you can submit information to aid freeze/monitor efforts; your bank will also file Suspicious Transaction Reports.

3) What Laws Typically Apply (with examples)

  • Revised Penal Code – Estafa/Swindling (Art. 315) Used for deceit causing damage (e.g., fake online shop, advance-fee fraud, bogus “reseller” deals).

  • Cybercrime Prevention Act (RA 10175) If the offense is committed through computers/ICT, penalties for predicate crimes (like estafa, illegal access) are often one degree higher. Also covers illegal access, system interference, cybersex, and computer-related fraud.

  • Access Devices Regulation Act (RA 8484) For credit/debit card or access device fraud (including card-not-present transactions, stolen card data, skimming, and phishing leading to card misuse).

  • E-Commerce Act (RA 8792) Recognizes electronic documents and signatures; useful for admissibility of evidence and liability of parties transacting online.

  • Data Privacy Act (RA 10173) For unlawful processing/leaks of your personal data leading to identity theft or fraud; file a complaint with NPC after first contacting the company at fault.

  • Financial Products and Services Consumer Protection Act (RA 11765) Strengthens consumer rights vs. banks/e-wallets and requires fair treatment, effective complaint handling, and redress.

  • Securities Regulation Code (RA 8799) Unregistered securities/investment contracts (including many “crypto ROI” and HYIP schemes) are unlawful. SEC can cease and desist and file criminal cases.

  • Anti-Photo and Video Voyeurism Act (RA 9995) and Anti-OSAEC Relevant to sextortion or threats to publish intimate content; involves heavier penalties, especially if minors are involved.

  • SIM Registration Act (RA 11934) Helps with linking numbers to identity; supports complaints for spoofing/SIM-swap.

Venue & jurisdiction: Cybercrime cases have broader venue rules—you can typically file where any element occurred (e.g., where you accessed the internet, where the bank account is, or where the offender’s device/account was used). Prosecutors and cybercrime units can advise you on strategic venue.

4) Criminal vs. Civil vs. Administrative: You Can Pursue All

Criminal (punish offender; possible restitution)

  • File a complaint-affidavit with the City/Provincial Prosecutor, PNP-ACG, or NBI.
  • Attach evidence; identify statutes violated (see above).
  • Outcome may include warrants, seizure of devices, and prosecution. Restitution is possible but not guaranteed.

Civil (recover your money and damages)

  • File for sum of money/damages, rescission (undoing a contract), or unjust enrichment.
  • Small Claims in first-level courts (no lawyers required) can be used for monetary claims up to ₱1,000,000 (subject to the latest Supreme Court rules). Ideal for non-delivery/refund disputes.

Administrative/Regulatory (fast consumer relief and sanctions)

  • BSP/SEC/DTI/NPC complaints can pressure institutions, trigger refunds, and sanction bad actors/platforms that failed to protect consumers.

Chargebacks/Disputes (cards, e-wallets, platforms)

  • Run in parallel with criminal/civil remedies. Keep to issuer deadlines (often within 30–120 days depending on network rules). Provide proof of non-delivery, counterfeit, or unauthorized charge.

5) Building a Strong Case: Evidence & Procedure

Authenticity & integrity (electronic evidence):

  • Keep original files/devices; export copies in common formats (PDF, MP4, CSV).
  • Retain metadata when possible. If you must print, include hashes or audit trails where available.
  • Maintain a chain-of-custody note: who collected, when, how stored.

Tracing funds:

  • Record exact transaction IDs, beneficiary account names/numbers, receiving banks/e-wallets, and crypto wallet addresses/tx hashes.
  • Send this list to your bank, law enforcement, and (if applicable) AMLC to support freeze/hold requests.

Witnesses & corroboration:

  • Obtain sworn statements from delivery riders, bank staff who handled your call, or acquaintances who also dealt with the same seller.

Damages computation:

  • Principal loss + fees + consequential damages (e.g., replacement phone/SIM, travel) + moral/exemplary damages (as appropriate) + interest.

6) Special Scenarios

Phishing / Account Takeover (ATO)

  • Dispute unauthorized transactions; ask the bank/e-wallet for logs (login IPs, device fingerprints) and applied authentication factors.
  • If OTPs were intercepted via SIM-swap, include telco records of SIM change. Consider Data Privacy and RA 8484 angles.

Marketplace non-delivery / fake seller

  • Screenshot product page, seller profile, check-out confirmation, and chat logs.
  • File DTI complaint and Small Claims for refund; if deceit is clear, add estafa complaint.

Investment/“crypto ROI” schemes

  • Capture pitches, promised returns, proof of “guarantees,” and payment trails.
  • File with SEC (unregistered securities) and law enforcement (estafa/cyber-fraud). Ask SEC for any Cease and Desist Orders on the entity.

Romance scams / Sextortion

  • Do not pay. Preserve chats, payment requests, and threat messages.
  • Report to PNP-ACG/NBI. If intimate images are involved, cite RA 9995; if minors, Anti-OSAEC applies.

SIM-swap

  • Demand account freeze from bank/e-wallet; request SIM suspension and change from telco with higher verification.
  • File with NTC and law enforcement; include timestamps of SIM deactivation/reactivation.

7) Timelines, Deadlines, and Prescription (general guidance)

  • Chargebacks/disputes: act within card network/e-money deadlines (often within weeks).
  • Criminal complaints: special laws and estafa have varying prescriptive periods; file early to avoid issues.
  • Civil actions: commonly 4–10 years depending on the cause (e.g., fraud from discovery; written contracts up to 10 years). When in doubt, file promptly.

8) How to Draft Your Papers

A. Affidavit-Complaint (criminal)

  1. Title & parties (Offender as “Respondent,” you as “Complainant”).
  2. Personal circumstances (name, address, ID).
  3. Narrative of facts in chronological order (dates, times, platforms, acts of deceit, payments).
  4. Elements of the offense matched to facts (e.g., deceit + damage for estafa; use of ICT for RA 10175).
  5. Evidence list (Annex “A” chat screenshots; “B” receipts; “C” bank letter, etc.).
  6. Prayer (issuance of subpoenas/warrants, prosecution, restitution).
  7. Verification & jurat (have it notarized or sworn before a prosecutor).

B. Demand Letter (civil/refund)

  • Header: Your details, date, addressee.
  • Statement of transaction: What was promised, what happened.
  • Legal basis: Misrepresentation/breach; cite refund or rescission and damages.
  • Demand: Exact amount and deadline (e.g., 5 banking days); warn of civil/criminal action.
  • Mode of payment and where to respond. Send via traceable means; keep proof of service.

Demand Letter Template (fill-in-the-blanks)

[Date] [Name/Handle of Seller] [Address/Email/Platform Link]

Re: Formal demand for refund and damages

I purchased [item/service] on [date] for ₱[amount] via [bank/e-wallet/transfer ref no.]. You represented that [promise]. Despite payment, [non-delivery/defect/misrepresentation].

This constitutes [fraud/estafa/misrepresentation/breach]. I demand ₱[amount] within 5 banking days, failing which I will pursue criminal, civil, and regulatory remedies without further notice.

Sincerely, [Your Name], [ID No.] [Contact details]

9) Working With Institutions

Banks/e-wallets/payment operators

  • Escalate to the dispute/chargeback team; ask for internal Fraud or Customer Protection handling per the FCP Act.
  • Request written results of investigations and transaction logs.

Marketplaces/social platforms

  • Use “Report” tools; request data preservation (profiles, IP logs). Platforms may cooperate when shown a law enforcement case number.

Telcos

  • Ask for call/SIM change logs; request number blocking for scammers’ numbers and preservation for law enforcement.

Regulators

  • File online complaints with attachments; reference your police/NBI case number. Regulators can pressure platforms and financial institutions to resolve faster.

10) Practical Tips & Red Flags (to avoid repeat victimization)

  • No recovery fees. Scammers pose as “agents” promising to get your money back for a cut—don’t pay.
  • One-way crypto “refunds.” Anyone asking you to “verify wallet” or send gas fees for a “refund” is scamming you again.
  • Document everything. Every call, name, ticket number, and date.
  • Credit monitoring. If ID documents leaked, consider credit bureau monitoring and re-issuance of IDs.
  • Two-factor hygiene. Prefer authenticator apps over SMS OTP; never share OTPs or recovery codes.

11) Frequently Asked Questions

Can I get my money back? Yes—through chargebacks, civil suits, or settlement prompted by regulatory pressure. Success depends on speed, evidence, and cooperation of institutions.

Should I still file criminal charges if I’m pursuing a chargeback? Usually yes. Criminal and civil/chargeback avenues are independent and filing helps freeze assets and deter further harm.

What if the scammer is overseas? Law enforcement can coordinate via MLATs and platform requests. You can still pursue chargebacks and regulatory complaints locally and sue local “mules” who received funds.

Do I need a lawyer? Helpful, especially for criminal complaints and higher-value civil claims. For Small Claims (up to ₱1,000,000 under the current rules), you can file without a lawyer.

12) One-Page Action Plan (print and keep)

  1. Today: Freeze accounts, change passwords/MFA, call bank/e-wallet, report on platform, preserve evidence.
  2. Within 48 hours: File with PNP-ACG/NBI and the relevant regulator (BSP/SEC/DTI/NPC).
  3. Within 7–10 days: Send Demand Letter; lodge formal chargeback/dispute with full documentation.
  4. Within 30 days: Decide on Small Claims or regular civil action; continue with the criminal case.
  5. Ongoing: Track all case numbers, follow up in writing, and ignore “recovery agents.”

Final Note

This guide provides practical, Philippine-specific steps and the usual legal frameworks used against online scams. Because facts vary, consider consulting a Philippine lawyer—especially if the amount is significant, sensitive images are involved, or a business data breach occurred.

Disclaimer: This content is not legal advice and may involve AI assistance. Information may be inaccurate.

Privacy Policy

Terms of Use

Lawyer Login

 
 
Privacy Policy         Terms of Use         Lawyer Login