Losing money to an online scam through a bank transfer, InstaPay/PESONet, QR payment, or e-wallet is stressful because the money can move through several accounts within minutes. The most important thing is to act fast, preserve evidence, and report the transaction through the right channels. In the Philippines, your remedies may involve the bank or e-wallet’s fraud process, the Bangko Sentral ng Pilipinas (BSP), the PNP Anti-Cybercrime Group or NBI Cybercrime Division, and in some cases a criminal complaint for estafa, cybercrime, or financial account scamming.
First Things First: What You Should Do Immediately
The first few hours matter. Once scam proceeds are withdrawn, converted to crypto, transferred to another e-wallet, or passed through “money mule” accounts, recovery becomes much harder.
Stop communicating with the scammer. Do not send “verification fees,” “refund processing fees,” “tax,” “unfreezing fees,” or any additional amount. Many victims lose more money after the first transfer because the scammer promises a refund.
Call or message your bank or e-wallet’s official fraud channel immediately. Use the hotline, in-app help center, official website, or branch. Tell them: “I am reporting a disputed transaction due to an online scam. Please flag the transaction and initiate temporary holding/coordinated verification under AFASA if applicable.”
Report to the receiving bank or e-wallet too, if known. The receiving institution may not disclose the account owner’s details to you, but it can receive a fraud report, flag the beneficiary account, and coordinate with your own provider.
Secure your own accounts. Change passwords, remove unfamiliar linked devices, reset app PINs, disable biometrics if compromised, and call your telco if your SIM may have been taken over.
Take screenshots before anything disappears. Save chat threads, profile links, usernames, phone numbers, account names, QR codes, transaction receipts, reference numbers, emails, URLs, courier details, and call logs.
File a cybercrime or police report as soon as possible. Banks and e-wallets commonly ask for a police report, sworn complaint, or affidavit before they extend a hold or support a formal investigation.
Escalate to the BSP if the bank or e-wallet does not respond properly. BSP-supervised banks and e-money issuers are required to have consumer assistance mechanisms, and unresolved complaints may be elevated to the BSP Consumer Assistance Mechanism. (BSP)
Why Speed Matters Under Philippine Law
Republic Act No. 12010, or the Anti-Financial Account Scamming Act (AFASA), specifically covers bank accounts, e-wallets, payment accounts, and other financial accounts used in scams. The law recognizes that scammers often use financial accounts, fake identities, and mule accounts to receive and move stolen money. (Lawphil)
AFASA is important because it gives financial institutions authority to temporarily hold funds subject of a disputed transaction. Under BSP Circular No. 1215, the initial holding period is generally up to five calendar days, with possible extension up to a total of thirty calendar days, unless a court extends it further.
This does not mean every victim automatically gets a refund. It means there is now a clearer legal mechanism for banks and e-wallets to stop, trace, verify, and possibly return disputed funds when the facts and timing support it.
What Counts as an Online Scam Involving a Bank or E-Wallet?
Online scams can take many forms, but the common feature is that you were deceived into sending money or giving access to your financial account.
Common examples include:
- Fake online sellers on Facebook Marketplace, Instagram, TikTok, Carousell, or messaging apps
- Fake investment, crypto, forex, or “tasking” platforms
- Romance scams or “love scams”
- Fake job offers requiring “processing,” “training,” or “unlocking” fees
- Phishing links that imitate banks, e-wallets, delivery companies, or government portals
- Fake customer support accounts asking for OTPs or account details
- QR code scams
- Account takeover after you gave an OTP, MPIN, password, or remote access
- Impersonation scams using a hacked account of a friend, relative, boss, or client
Under AFASA, social engineering includes deception or fraud used to obtain sensitive identifying information, such as usernames, passwords, bank details, credit card details, e-wallet information, and other credentials. (Lawphil)
Legal Bases That May Apply
Several laws can apply at the same time. The correct legal theory depends on how the scam happened.
| Legal basis | When it may apply | Why it matters |
|---|---|---|
| RA 12010, Anti-Financial Account Scamming Act | Scam used a bank account, e-wallet, money mule, fake account, or social engineering | Allows temporary holding, coordinated verification, investigation into financial accounts, and penalties for money muling and social engineering |
| RA 10175, Cybercrime Prevention Act of 2012 | Fraud was committed through a computer system, app, website, email, or online platform | Covers computer-related fraud and cybercrime investigation procedures |
| Revised Penal Code, Article 315 on estafa | You were deceived into parting with money | Estafa covers fraud through false pretenses, fictitious names, or similar deceit |
| RA 11765, Financial Products and Services Consumer Protection Act | Your complaint is against a bank, e-wallet, or other financial service provider | Gives financial consumers rights to fair treatment, protection against fraud, data privacy, and timely complaint handling (Supreme Court E-Library) |
| Civil Code, Articles 19, 20, 21, 1170, and 2176 | You seek damages from the scammer or a negligent party | Provides civil bases for compensation for fraud, negligence, bad faith, or wrongful acts |
| RA 9160, Anti-Money Laundering Act | Scam proceeds are moved through accounts or suspicious transaction chains | Banks and covered institutions may need to report suspicious transactions to AMLC |
| RA 11934, SIM Registration Act | The scam used mobile numbers, spoofing, or text messages | Registration data may assist law enforcement, but it does not by itself guarantee identification of the scammer |
AFASA also penalizes money muling, including using, borrowing, selling, lending, buying, renting, or opening financial accounts for scam proceeds, and recruiting others to do so. (Lawphil)
Step-by-Step Guide After You Lose Money
1. Prepare the Transaction Details
Before calling or emailing, gather the information that helps the bank or e-wallet locate the transaction quickly.
Prepare:
- Your full name and registered mobile number or account number
- Date and exact time of transfer
- Amount sent
- Transaction reference number
- Channel used: InstaPay, PESONet, QR, bank transfer, e-wallet send money, card transaction, or cash-in/cash-out
- Receiving account name, number, mobile number, QR merchant name, or wallet ID
- Screenshots of the scam conversation
- Scammer’s profile URL, page name, phone number, email, website, or username
- Short timeline of what happened
Be clear. Instead of saying only “I was scammed,” say:
“On 15 March 2026 at 2:14 p.m., I transferred ₱18,500 via InstaPay from my account to account name Juan D. Santos, account number ending 1234, under Bank X. The transfer was induced by a fake seller on Facebook using this profile link. I am requesting fraud tagging, temporary holding if funds are intact, and coordinated verification.”
2. Report to Your Own Bank or E-Wallet
Your provider is usually the originating financial institution because it processed the outgoing transfer. Ask for:
- Fraud report or dispute case number
- Temporary holding request, if available
- Coordinated verification with the receiving institution
- Written confirmation of your complaint
- Copy or screenshot of your report
- Instructions on required documents
Under BSP Circular No. 1215, a source account owner may be asked to submit supporting documents such as a sworn complaint, affidavit, police report, or other documents detailing why the transaction is disputed. These should be submitted within the initial holding period when required by the provider’s process.
3. Report to the Receiving Bank or E-Wallet
Even if you are not their customer, you can report that their account appears to have received scam proceeds.
Include:
- Name of receiving bank or e-wallet
- Account name and number or wallet number
- Amount and time received
- Transaction reference number
- Proof of transfer
- Proof of scam
Do not expect them to reveal the account owner’s address, ID, or personal details. Banks and e-wallets are restricted by privacy and bank secrecy rules. However, AFASA allows coordinated verification among involved institutions for disputed transactions. (Lawphil)
4. File a Complaint With Law Enforcement
For online scams, the usual options are:
| Office | Best for | Practical notes |
|---|---|---|
| PNP Anti-Cybercrime Group | Online scam, hacked accounts, phishing, impersonation, e-wallet fraud | Often accessible through regional or local cybercrime units |
| NBI Cybercrime Division | Larger, more technical, organized, or multi-victim scams | The NBI maintains an online complaint page and may require personal appearance or submission of documents (National Bureau of Investigation) |
| CICC / I-ARC Hotline 1326 | Immediate reporting and guidance for scams | The 1326 hotline is described as a 24/7 anti-scam reporting channel, with PNP and NBI as law enforcement arms of the inter-agency response system. (Philippine News Agency) |
| Office of the City or Provincial Prosecutor | Formal criminal complaint for estafa, cybercrime, or AFASA violation | Usually requires a complaint-affidavit and supporting evidence |
When filing, bring printed and digital copies. Investigators often need the digital version because URLs, headers, screenshots, and metadata may matter.
5. Execute a Complaint-Affidavit
A complaint-affidavit is your sworn written statement explaining what happened. It is commonly required for criminal complaints.
It should include:
- Your personal details
- How you encountered the scammer
- What representations were made
- Why you trusted the scammer
- How much you sent and through what channel
- Transaction details
- Damage suffered
- List of attached evidence
- Statement that you are filing for investigation and appropriate charges
Have it notarized if required. If you are abroad, you may need to sign before a Philippine Embassy or Consulate, or use a notarized and apostilled document depending on the country and the receiving Philippine office’s requirements. The DFA’s apostille system applies to documents that need authentication for cross-border use. ([Apostille
]6)
6. Escalate to the BSP if the Provider Mishandles the Complaint
If your bank or e-wallet ignores you, gives only template replies, refuses to provide a case number, or fails to explain its action, escalate to the BSP.
The BSP page on consumer assistance says unresolved concerns may be filed through BSP Online Buddy, and alternatives include email, mail, phone, and walk-in channels. The complaint should include your summary, requested resolution, contact details, copy of your complaint to the financial institution, the institution’s reply if any, and supporting documents. (BSP)
The BSP Consumer Assistance Mechanism is not the same as a criminal case. It focuses on the financial institution’s handling of your complaint and whether you are entitled to redress under financial consumer protection rules.
Can the Bank or E-Wallet Be Required to Refund You?
A refund is possible, but it depends on the facts.
You may have a stronger refund argument if:
- You reported quickly and funds were still intact
- The bank or e-wallet failed to apply required fraud controls
- The transaction was unauthorized
- There were clear red flags, unusual patterns, or account takeover signs
- The provider failed to act on a timely fraud report
- The provider mishandled your complaint or did not follow BSP rules
AFASA states that institutions must protect access to financial accounts using adequate risk management systems and controls, including multi-factor authentication and fraud management systems. It also provides that restitution may be required when an institution fails to employ adequate controls or fails to exercise the highest degree of diligence, and conviction of the scammer is not a prerequisite to restitution. (Lawphil)
However, the provider may deny reimbursement if it finds that:
- The transfer was voluntarily initiated
- The correct OTP, MPIN, biometrics, or credentials were used
- The provider complied with required security controls
- The funds had already left the receiving account before your report
- The evidence is insufficient to classify the transaction as disputed
- The report appears false, malicious, or unsupported
Even if the bank denies reimbursement, you may still pursue law enforcement, BSP escalation, or civil recovery against identified persons.
What If You Gave the OTP or MPIN?
Many victims are told: “You gave the OTP, so we cannot help.” That answer is too simplistic.
Giving an OTP can hurt your claim because providers treat OTPs as strong proof of authorization. But under AFASA, social engineering schemes are expressly recognized. The question becomes more detailed:
- How was the OTP obtained?
- Did the scammer impersonate the bank, e-wallet, government, courier, or platform?
- Did the app or bank detect unusual device, location, amount, or transfer pattern?
- Were there adequate warnings?
- Was there a delay that allowed the provider to hold funds?
- Did the provider act promptly after your report?
Do not hide the fact that you gave an OTP. Investigators and fraud teams usually discover it anyway. Explain exactly how the scammer induced you to provide it.
What If the Account Name Is Fake or Belongs to a “Mule”?
A money mule is someone whose account is used to receive or move scam proceeds. Some mules are part of the syndicate; others are recruited through fake jobs, “cash-in/cash-out” commissions, or account rental schemes.
Under AFASA, buying, selling, lending, renting, or allowing use of a financial account for scam proceeds can be punished. Opening an account under a fictitious name or using another person’s identity documents is also covered. (Lawphil)
In practice, the name shown on your transfer receipt may be:
- A real mule
- A stolen identity
- A fake or incomplete account name
- A merchant wallet
- A cash-in/cash-out agent
- A first-layer account that immediately forwarded the funds elsewhere
This is why coordinated verification is important. The account you sent money to may not be the final destination.
Documents You Should Prepare
| Document or evidence | Why it helps |
|---|---|
| Government-issued ID | Proves your identity as complainant |
| Proof of transfer | Shows amount, time, reference number, and receiving account |
| Bank or e-wallet statement | Confirms debit from your account |
| Screenshots of chats | Shows deceit, promises, threats, instructions, and account details |
| Scammer profile links or URLs | Helps investigators preserve online traces |
| Screenshots of posts or ads | Useful for fake seller, investment, job, or marketplace scams |
| Call logs and SMS | Supports phishing, spoofing, or impersonation claim |
| Email headers | Useful for phishing emails |
| Complaint ticket from bank/e-wallet | Shows you reported and when |
| Police report or cybercrime complaint | Often required for extended verification or formal action |
| Complaint-affidavit | Required for criminal complaint or prosecutor referral |
| Special Power of Attorney | Needed if a representative files or follows up for you |
Practical Timelines and Bottlenecks
| Step | Typical timeline | Common bottleneck |
|---|---|---|
| Report to bank/e-wallet | Same day | Long hotline queues, chatbot loops, incomplete documents |
| Initial temporary hold if funds are intact | Up to 5 calendar days under BSP rules | Funds already withdrawn or moved |
| Possible extended hold | Up to 25 more calendar days, total generally 30 | Need affidavit, police report, or verification documents |
| BSP consumer escalation | BSP may evaluate or refer complaints; postal/email concerns may be acted on within stated BSP timeframes | Provider must first be given a chance to resolve |
| BSP-CAM process | BSP FAQ materials state the CAM process may take about 55 to 65 days | Complex fact-finding and provider response time (BSP) |
| PNP/NBI investigation | Weeks to months, depending on evidence and cooperation | Account tracing, subpoenas, warrants, and identity verification |
| Prosecutor preliminary investigation | Often months | Need complete affidavits and evidence |
| Court case | Months to years | Identification of accused, service of notices, trial delays |
Should You File a Small Claims Case?
A small claims case may help only if you can identify the person you are suing and your claim is for a sum of money within the small claims threshold.
The Supreme Court states that small claims coverage is up to ₱1,000,000, without the old distinction between Metro Manila and outside Metro Manila. (Supreme Court of the Philippines)
Small claims may be useful when:
- You know the scammer’s real name and address
- The transaction looks like a failed sale, unpaid debt, or refund dispute
- You have receipts, chats, and proof of demand
- The amount is within the threshold
Small claims may not be useful when:
- You only have a fake name or mule account
- The scammer is abroad or untraceable
- You need subpoenas, cyber warrants, or bank account tracing
- The case is primarily criminal or syndicate-based
Special Notes for OFWs, Filipinos Abroad, and Foreigners
If you are outside the Philippines, you can still start the process.
Practical options include:
- Report immediately through your bank or e-wallet’s official digital channel
- Use the BSP complaint channels if your provider is BSP-supervised
- Contact I-ARC Hotline 1326 or its alternative channels where accessible
- Prepare a sworn statement abroad
- Execute a Special Power of Attorney for a trusted representative in the Philippines
- Preserve evidence in original digital form, not only screenshots
For foreign documents, Philippine offices may ask whether the document is consularized, apostilled, or notarized in a way acceptable for Philippine proceedings. Requirements vary depending on the office, the country where the document was executed, and whether the country is part of the Apostille Convention.
Foreign victims should also keep passport pages, Philippine address details if any, and proof of the financial transaction connected to the Philippines.
Common Mistakes That Hurt Recovery
Waiting several days before reporting
The biggest mistake is delay. Even a valid scam report may fail to recover funds if the money has already been withdrawn.
Deleting chats out of embarrassment
Do not delete anything. Shame is common, especially in romance scams, job scams, or investment scams. Evidence is more important than embarrassment.
Posting the full account number online
You may warn others, but avoid posting full account numbers, IDs, addresses, or private information publicly. Give complete details to the bank, e-wallet, and investigators instead.
Filing only with the platform
Reporting to Facebook, TikTok, Telegram, or the marketplace may remove the scammer’s profile, but it does not automatically trigger bank tracing or a criminal investigation.
Sending more money to “recover” the first amount
Legitimate banks, government agencies, and law enforcement offices do not require you to send more money to release scam proceeds.
Assuming a police blotter is enough
A blotter may document your report, but banks and prosecutors often need a clearer complaint-affidavit, transaction proof, and evidence packet.
Making a false or exaggerated report
AFASA penalizes malicious reporting that results in temporary holding of funds. Report facts accurately, even if some details are embarrassing or unfavorable. (Lawphil)
Frequently Asked Questions
Can I still recover my money after an online scam in the Philippines?
Yes, recovery is possible, but not guaranteed. Your chances are better if you report immediately, the funds are still in the receiving account, and your bank or e-wallet can initiate temporary holding or coordinated verification.
Should I report first to the bank, the police, or the BSP?
Report to your bank or e-wallet first because they can act on the transaction fastest. Then file with PNP-ACG, NBI, or I-ARC for investigation. Escalate to the BSP if the financial institution mishandles or fails to resolve your complaint.
Is an e-wallet scam covered by AFASA?
Yes. AFASA expressly includes e-wallets and other financial accounts used to access financial products or services. (Lawphil)
What if the scammer already withdrew the money?
The bank may no longer be able to hold the original funds, but the transaction trail may still help identify mule accounts, linked accounts, cash-out points, or other participants. You should still file reports and preserve evidence.
Can the bank reveal the scammer’s identity to me?
Usually, no. Banks and e-wallets are restricted by privacy, bank secrecy, and internal rules. However, they may share information through proper legal processes, coordinated verification, BSP authority, subpoenas, cybercrime warrants, or law enforcement channels.
Is giving my OTP the end of my case?
No. It may make the case harder, but it does not automatically end it. If the OTP was obtained through deception, impersonation, phishing, or social engineering, that fact should be documented and reported.
Do I need a lawyer to file a cybercrime complaint?
For the initial report, many victims file directly with the bank, e-wallet, PNP, NBI, or BSP. A lawyer becomes more important when the amount is large, the facts are complex, the bank denies reimbursement, or a formal prosecutor or court case is being prepared.
Can I file against the owner of the receiving account?
Possibly. If evidence shows the account owner knowingly received, moved, or allowed use of the account for scam proceeds, AFASA, estafa, money laundering-related rules, or other laws may apply. But if the identity was stolen or the account was misused, investigators must verify the facts.
How long do banks or e-wallets have to hold disputed funds?
Under BSP Circular No. 1215, initial holding is generally up to five calendar days, with possible extension up to a total temporary holding period of thirty calendar days, unless extended by a court.
What if the bank or e-wallet refuses to help?
Ask for a written explanation and case reference number. Then escalate through the provider’s formal complaint channel and, if unresolved, through the BSP Consumer Assistance Mechanism with your proof, complaint history, and requested resolution. (BSP)
Key Takeaways
- Report the scam to your bank or e-wallet immediately; speed is critical.
- Ask for fraud tagging, temporary holding, and coordinated verification under AFASA when applicable.
- Preserve all evidence before the scammer deletes accounts, chats, or posts.
- File with PNP-ACG, NBI, or I-ARC for cybercrime investigation.
- Escalate to the BSP if the bank or e-wallet mishandles your complaint.
- A refund is possible but depends on timing, evidence, whether funds remain traceable, and whether the provider complied with required security and consumer protection duties.
- Do not send additional “recovery” fees, and do not make false or exaggerated reports.
- For larger losses, prepare a complete evidence packet early: transaction proof, screenshots, complaint-affidavit, police or cybercrime report, and all bank or e-wallet case references.