Someone using your company name, logo, officers’ identities, or email style to publish fake job openings can cause immediate financial, privacy, and reputational harm. Applicants may pay “processing fees,” submit government IDs, disclose bank details, or resign from real jobs because they believe they are dealing with your business. The company may also face angry victims, damaging social media posts, and questions from regulators or law enforcement. The correct response is to preserve evidence first, stop the scam from spreading, warn applicants, report the accounts, and build a coordinated criminal, civil, employment, intellectual-property, and data-privacy response.
What Counts as a Fake Job Posting?
A fake job posting usually involves one or more of the following:
- A social media page pretending to be your official recruitment page
- A job advertisement using your company name or logo without authority
- A fake recruiter claiming to be an employee, officer, or HR representative
- An email address designed to resemble your official domain
- A fabricated offer letter, employment contract, company ID, or interview invitation
- A request for an application fee, training fee, medical fee, equipment deposit, visa fee, or “refundable” reservation payment
- A request for passports, government IDs, selfies, bank details, one-time passwords, or other sensitive information
- A fake local or overseas job order supposedly issued by your company
The company and the applicants may be separate victims. The company suffers misuse of its identity, goodwill, and intellectual property. Applicants may suffer financial loss, identity theft, privacy violations, or illegal recruitment.
That distinction matters. A company representative can report the impersonation and damage to the business, while applicants who sent money or personal information should generally execute their own affidavits because they have direct knowledge of the deception and loss.
Philippine Laws That May Apply
Several laws can apply to the same scheme. The correct charges depend on what the impostors actually did, what documents they used, whether anyone paid money, and whether the supposed jobs were local or overseas.
Computer-Related Identity Theft Under RA 10175
Section 4(b)(3) of the Cybercrime Prevention Act of 2012, Republic Act No. 10175, penalizes the intentional acquisition, use, misuse, transfer, possession, alteration, or deletion of identifying information belonging to another person without right.
Importantly, the law expressly covers identifying information belonging to a natural or juridical person. A corporation or company is a juridical person. Using a company’s identity, official details, or other identifying information to operate fake recruitment accounts may therefore support a computer-related identity-theft complaint, depending on the evidence. Damage need not already have occurred for the conduct to be punishable, although the resulting penalty may differ. (Lawphil)
Other cybercrime provisions may apply when the perpetrators manipulate data, gain unauthorized access to accounts, or use computer systems to commit fraud. Section 6 of RA 10175 also covers crimes under the Revised Penal Code and special laws when committed through information and communications technology, subject to the rules developed by the Supreme Court.
Estafa When Applicants Lose Money
Article 315(2)(a) of the Revised Penal Code covers estafa by false pretenses. This generally applies when a person makes a false representation before or at the time of the transaction, the victim relies on it, and the victim suffers financial or property damage.
A typical example is a scammer who:
- Pretends to be your company’s HR manager;
- Promises a real position;
- Demands a “processing fee” or “equipment deposit”;
- Receives the applicant’s money; and
- Disappears or demands additional payments.
The applicant who transferred the money is usually the central private complainant for estafa. The company’s evidence helps prove that the recruiter, job opening, offer letter, and payment demand were unauthorized.
Illegal recruitment and estafa may be prosecuted separately when the facts establish the elements of both offenses. The Supreme Court has repeatedly recognized that the two crimes protect different interests and may arise from the same recruitment scheme. (Lawphil)
Falsification and Use of Falsified Documents
Articles 171 and 172 of the Revised Penal Code may apply when the scammers fabricate or alter documents such as:
- Employment contracts
- Certificates of employment
- Company IDs
- Signatures of officers
- Job orders
- Recruitment licenses
- Receipts
- Interview notices
- Visa endorsements
- Letters printed on fake company letterhead
Falsification is not automatically established merely because a document contains false statements. Investigators must determine the type of document, the manner of falsification, the identity of the person who made or used it, and the resulting damage or intent to cause damage. (Lawphil)
Illegal Recruitment Under the Labor Code
Article 13(b) of the Labor Code broadly describes recruitment and placement activities, including canvassing, enlisting, contracting, transporting, utilizing, hiring, or procuring workers, as well as promising or advertising employment.
Under Article 38, recruitment activities undertaken by a person without the required license or authority may constitute illegal recruitment. A scammer does not necessarily escape liability simply because the supposed job never existed or because the scheme stopped before deployment. The advertisement, promise of employment, interviews, collection of documents, and demand for money may collectively establish recruitment activity. (Lawphil)
For supposed overseas jobs, Republic Act No. 8042, as amended by Republic Act No. 10022, provides additional rules on illegal recruitment involving migrant workers.
Illegal recruitment may be treated as economic sabotage when committed:
- By a syndicate involving three or more conspirators; or
- In large scale against three or more victims, individually or as a group.
The Department of Migrant Workers, formerly through the POEA, may assist victims of overseas illegal recruitment with documentation, evaluation, and referral to the proper prosecution office. (Lawphil)
Trademark, Trade-Name, and Unfair-Competition Violations
The Intellectual Property Code, Republic Act No. 8293, provides several possible remedies.
A registered trademark owner may have an infringement claim when another person uses an identical or confusingly similar mark in commerce without consent and the use is likely to confuse the public.
Registration is highly useful, but the absence of a registered trademark does not necessarily leave a business unprotected:
- Section 165 protects trade names even before or without registration against unlawful third-party use.
- Section 168 protects business goodwill against unfair competition and passing off.
- Section 169 covers false designations or representations likely to deceive people about affiliation, sponsorship, approval, or commercial connection.
Pretending that a fake recruitment service is operated, sponsored, or approved by your company can fall within these protections when the required elements are established. Sections 168 and 169 specifically address deceptive conduct involving services, business identity, affiliation, or approval. (Lawphil)
A DTI business-name certificate or SEC certificate helps prove the company’s identity and prior use, but it is not automatically equivalent to an IPOPHL trademark registration.
Civil Damages Under Articles 19, 20, and 21
The Civil Code provides broader remedies for wrongful conduct:
- Article 19 requires people to act with justice, give everyone their due, and observe honesty and good faith.
- Article 20 requires a person who causes damage through an unlawful willful or negligent act to indemnify the injured party.
- Article 21 covers willful conduct that causes loss or injury in a manner contrary to morals, good customs, or public policy.
These provisions may support a damages claim for reputational injury, investigation expenses, business disruption, or other provable losses, especially when combined with intellectual-property or cybercrime violations. (Lawphil)
Data Privacy Violations
Fake recruiters often collect résumés, identification documents, home addresses, birth dates, signatures, photographs, bank information, and family details. Unauthorized collection, use, disclosure, or retention of personal information may violate the Data Privacy Act of 2012, Republic Act No. 10173. (Lawphil)
The affected applicants are normally the relevant data subjects because the stolen information identifies them as natural persons. The company should assist them, preserve evidence, and notify the National Privacy Commission of a data-protection concern when appropriate.
A different situation arises when the scammers obtained applicant data by breaching the company’s own recruitment system, email account, cloud storage, or database. The company must then assess whether it has experienced a reportable personal-data breach and whether notification obligations to the NPC and affected individuals have been triggered.
What the Company Should Do Immediately
1. Confirm That the Posting Is Unauthorized
Check whether the advertisement came from:
- An official recruiter
- An accredited recruitment agency
- A legitimate regional office
- A third-party hiring platform engaged by the company
- An old but genuine campaign that was never removed
Record the result of the verification in writing. Identify who checked the posting, when it was checked, and why it was confirmed as fraudulent.
2. Preserve Evidence Before Requesting Removal
Do not begin by mass-reporting the page. It may disappear before you capture the evidence needed to identify the operators.
Preserve:
- Full-page screenshots showing the account name, username, post, date, and comments
- Screen recordings showing how the profile, advertisement, links, and payment instructions are connected
- Exact URLs, profile IDs, group names, and advertisement-library references
- Email messages with complete headers, not merely printed screenshots
- Chat exports from Messenger, Viber, WhatsApp, Telegram, or similar services
- Phone numbers, SIM numbers, email addresses, usernames, and QR codes
- Bank names, account names, account numbers, e-wallet numbers, and transaction receipts
- Fake contracts, IDs, offer letters, and company forms
- Statements from applicants who communicated with the scammers
- Dates and times in Philippine Standard Time
- The device and account used to access the material
Keep the original files. Avoid repeatedly editing, cropping, renaming, or converting them. Make working copies for reports and public advisories.
A simple evidence log is useful:
| Item | What to record |
|---|---|
| Social media post | URL, username, date, time, screenshots, page ID |
| Original message, complete headers, sender domain, attachments | |
| Chat | Exported conversation, profile details, dates, phone number |
| Payment | Receipt, reference number, bank or e-wallet details |
| Fake document | Original file, metadata, visible signatures and logos |
| Victim information | Full name, contact details, amount lost, affidavit status |
3. Secure the Company’s Own Systems
Determine whether this is external impersonation or an actual account compromise.
Immediately review:
- Corporate email and social media logins
- Recently created administrator accounts
- Email forwarding rules
- Password-reset activity
- Domain registrar access
- Recruitment-platform accounts
- Shared HR cloud drives
- Suspicious downloads or malware alerts
Change compromised credentials, revoke unknown sessions, and enable multi-factor authentication. For email impersonation, review SPF, DKIM, and DMARC controls with the company’s IT team.
Do not attempt to hack, trace, disable, or access the scammer’s account. Unauthorized access may itself violate RA 10175 and can damage the integrity of the investigation.
4. Issue a Clear Public Advisory
Publish an advisory through the company’s official website and verified social media accounts. It should state:
- The exact fake account names or URLs
- That the company is not connected with them
- The company’s real recruitment page, email domain, and application process
- Whether the company ever collects fees
- What applicants should do if they submitted money or personal data
- A dedicated email address for incident reports
Avoid naming a suspected individual unless the identity has been properly verified. Publicly accusing the wrong person can create separate defamation, privacy, or harassment issues.
5. Submit Takedown and Impersonation Reports
Report each fraudulent page, advertisement, domain, or account through the platform’s impersonation, fraud, trademark, or business-support channel.
Prepare the following because platforms commonly request them:
- SEC certificate, DTI registration, or equivalent foreign registration
- IPOPHL trademark certificate, if available
- Government ID of the authorized representative
- Board resolution or secretary’s certificate
- Official website and corporate email address
- Links to the fraudulent material
- Explanation of the confusion and harm
- Copies of original logos or branding materials
Ask the platform or service provider to preserve subscriber information, login records, advertisement-payment details, and relevant communications. A private request does not have the same legal force as a preservation order or cybercrime warrant, so law-enforcement reporting should not be delayed.
6. Contact Known Applicants and Victims
Provide a secure method for victims to submit evidence. Request only information that is necessary for the investigation.
Victims who sent money should immediately:
- Contact the bank or e-wallet provider;
- Ask that the transaction and recipient account be flagged;
- Preserve the complaint reference number;
- Change compromised passwords;
- Notify their bank if identity documents or account information were disclosed; and
- Execute an affidavit describing the representation, payment, and loss.
The company should not promise reimbursement unless it has legally and commercially decided to assume that obligation. The key initial role is to confirm that the recruitment was unauthorized and help preserve evidence.
7. Report the Matter to the Proper Authorities
The company does not need to choose only one agency. Different offices address different aspects of the incident.
| Office or entity | When it is relevant |
|---|---|
| PNP Anti-Cybercrime Group | Online impersonation, identity theft, phishing, fraudulent accounts |
| NBI Cybercrime Division | Organized, cross-regional, technically complex, or high-value schemes |
| DOJ Office of Cybercrime | Cybercrime coordination and incident-reporting guidance |
| CICC Hotline 1326 | Initial reporting and coordination for scams and cybercrime incidents |
| DOLE regional office | Suspected illegal recruitment for local employment |
| Department of Migrant Workers | Fake overseas jobs, job orders, agencies, or deployment promises |
| National Privacy Commission | Misuse of applicants’ personal information or a company data breach |
| IPOPHL | Trademark, trade-name, unfair-competition, or other IP enforcement issues |
| SEC | Misuse involving a registered corporation or confusing corporate registration |
| Banks and e-wallet providers | Freezing, flagging, or tracing recipient accounts, subject to legal process |
The DOJ maintains an official cybercrime incident-reporting page. The PNP Anti-Cybercrime Group or NBI may require an in-person appearance, sworn complaint, original identification, and authenticated corporate authority documents.
Report promptly. Under RA 10175 and the Supreme Court’s Rule on Cybercrime Warrants, investigators can seek preservation and disclosure of subscriber information, traffic data, and other relevant computer data through the required legal process. A Warrant to Disclose Computer Data may direct a service provider to submit covered information within the period stated by the rules. (Lawphil)
8. Prepare the Corporate Complaint Package
A strong company complaint package normally includes:
- Affidavit-complaint of the authorized representative
- Board resolution or secretary’s certificate
- SEC certificate, articles of incorporation, or DTI certificate
- Trademark and copyright records
- Evidence of actual use of the name and logo
- Incident chronology
- Evidence inventory
- Screenshots, URLs, emails, chats, and fake documents
- Public advisory
- Platform correspondence
- Affidavits from HR personnel confirming the postings were unauthorized
- Affidavits and receipts from applicants
- Proof of business loss or reputational damage
- Government-issued ID of the representative
A corporation acts through authorized natural persons. An employee who files without proof of authority may be asked to submit a board resolution or secretary’s certificate before the complaint proceeds.
Choosing Between Criminal, Civil, and Administrative Remedies
The best strategy is usually layered rather than limited to one case.
Criminal Complaint
A criminal complaint is appropriate when the evidence indicates identity theft, estafa, falsification, illegal recruitment, unauthorized access, or another offense.
After investigation, the complaint may be referred to a prosecutor for preliminary investigation. The prosecutor determines whether probable cause exists to file the case in court. Delays commonly arise from incomplete affidavits, unidentified account holders, pending platform records, multiple victims in different locations, and foreign service providers.
IPOPHL Administrative Complaint
The IPOPHL Bureau of Legal Affairs has original jurisdiction over qualifying administrative complaints involving violations of intellectual-property laws where the statutory damages threshold is met. Available provisional and final remedies may include injunctions, cease-and-desist relief, administrative fines, or other appropriate orders.
The complaint must be verified and supported by documentary evidence, witness affidavits, authority documents, and a certification against forum shopping. Current requirements should be checked through the IPOPHL adjudication page before filing. (IPOPHL)
Civil Case
A civil action may seek an injunction, damages, and other relief under the IP Code or Civil Code. It is most useful when the responsible party has been identified and has assets, operations, or continuing conduct that a court order can effectively address.
Court litigation may take much longer than a platform takedown or law-enforcement preservation request. It should not be treated as the only emergency response.
NPC Complaint
Affected applicants may file a formal complaint with the National Privacy Commission when their personal information has been unlawfully processed or misused.
The NPC’s published procedure generally requires a properly accomplished or verified complaint, supporting evidence, valid identification, and notarization. Complaints may be submitted personally, through registered mail or courier, or by authorized electronic means, subject to the NPC’s current procedural rules. (National Privacy Commission)
The company may assist applicants with documentation. If the company itself suffered a breach involving applicant data, it should separately assess its obligations as the personal information controller.
Special Issues for Foreign Companies
A foreign company does not necessarily need a Philippine business license before it can protect its mark in the Philippines.
Section 160 of RA 8293 allows a qualifying foreign national or juridical person that is not doing business in the Philippines to bring civil or administrative actions for trademark infringement, unfair competition, false designation, opposition, or cancellation, subject to the law’s requirements. (Lawphil)
A foreign company should expect to prepare:
- Certificate of incorporation or registry extract
- Proof of ownership and use of the name or mark
- Trademark registrations
- Board resolution or power of attorney
- Identity documents of the authorized representative
- Evidence connecting the fake postings to Philippine applicants or transactions
Documents executed abroad may need an apostille under the Apostille Convention. Documents from countries where apostille procedures do not apply may require the appropriate authentication process. Non-English documents should be accompanied by a reliable English translation, particularly when they will be submitted to prosecutors, courts, or Philippine agencies.
Common Mistakes That Weaken the Case
Deleting the Evidence Too Early
A successful takedown is helpful, but an undocumented takedown can leave investigators with no URL, account ID, message history, or payment trail.
Treating Screenshots as the Entire Case
Screenshots are useful but can be challenged as incomplete or altered. Preserve original emails, files, exported chats, URLs, metadata, and devices where reasonably possible.
Relying Only on a Public Advisory
An advisory reduces harm but does not identify the perpetrators, preserve platform data, or address applicants whose documents and money were already taken.
Filing Without Victim Affidavits
A company can prove impersonation, but an applicant is usually needed to prove the exact promise, reliance, payment, and financial loss supporting estafa.
Assuming SEC or DTI Registration Solves Everything
Corporate and business-name registrations help establish identity. They do not automatically remove fake pages, freeze bank accounts, identify anonymous users, or replace trademark and criminal remedies.
Publicly Threatening Unidentified Suspects
Aggressive public accusations may alert the scammers, cause evidence to disappear, or wrongly implicate an innocent account owner whose account was hacked or whose identification was stolen.
Collecting Victim Evidence Insecurely
Applicants may send passports, IDs, receipts, and bank information. Use restricted folders, access controls, retention limits, and a privacy notice. Do not create a second data-security problem while investigating the first.
Frequently Asked Questions
Can we file a case even if no applicant paid money?
Yes. Lack of payment may affect an estafa charge, but computer-related identity theft, attempted fraud, illegal recruitment, trade-name violations, unfair competition, or falsification may still be relevant. RA 10175 expressly contemplates identity theft even when damage has not yet occurred.
Is using our logo automatically trademark infringement?
Not automatically. Trademark infringement requires proof of the legal elements, including ownership of a protected mark and use likely to cause confusion. Even without a registered mark, trade-name protection, unfair competition, false designation, copyright, and civil remedies may apply.
Should we report the fake page before taking screenshots?
Preserve the page first unless continued publication creates an immediate and severe risk. Capture the URL, username, page ID, posts, comments, payment instructions, and linked accounts before requesting removal.
Can the company file estafa for applicants who lost money?
The company can report the broader scheme and provide evidence, but the applicants who transferred money are normally the direct victims of the deceit and should execute their own affidavits. Their testimony and payment records are important.
Is a recruitment fee required for illegal recruitment?
Not in every situation. Philippine law defines recruitment activity broadly. Advertising or promising employment, collecting applicants, conducting interviews, or processing supposed deployment may be relevant even before a fee is successfully collected.
Where should fake overseas job postings be reported?
Report them to the Department of Migrant Workers, the PNP Anti-Cybercrime Group or NBI, and the platform carrying the advertisement. Applicants should verify both the recruitment agency and the approved job order through official DMW channels.
Can we ask a bank to disclose the scammer’s identity?
You may report and request that the account be flagged, but banks and e-wallet providers are subject to privacy, bank-secrecy, and regulatory rules. Disclosure or freezing commonly requires the appropriate law-enforcement, court, or statutory process.
Can a foreign company bring a Philippine trademark case?
Yes, in qualifying cases. Section 160 of RA 8293 permits certain foreign nationals and juridical persons to bring Philippine trademark and unfair-competition actions even if they are not licensed to do business in the country.
How long does a fake-job-posting case take?
Platform takedowns may occur within hours or several days, but there is no guaranteed period. Identification of anonymous operators may take weeks or months because investigators may need preservation requests, cybercrime warrants, financial records, and responses from foreign platforms. Prosecution and civil litigation can take substantially longer.
Should the company reimburse applicants?
There is no automatic rule making an impersonated company liable for every payment made to a scammer. Liability depends on the facts, including whether the company contributed to the loss through negligence, a security breach, misleading communications, or inadequate handling of known risks. Reimbursement decisions should be separated from evidence collection and victim assistance.
Key Takeaways
- Preserve complete digital evidence before requesting takedowns.
- Confirm the fraud internally and secure the company’s real accounts and recruitment systems.
- Publish a precise advisory identifying official recruitment channels and stating whether fees are ever collected.
- Report the scheme promptly to cybercrime authorities so platform and subscriber data can be preserved through legal process.
- Obtain individual affidavits and payment records from applicants who lost money.
- Consider RA 10175, estafa, falsification, illegal recruitment, intellectual-property law, Civil Code damages, and data-privacy rules based on the actual conduct.
- Use board authority documents, corporate registrations, trademark records, and an organized evidence inventory.
- Treat platform removal, criminal investigation, regulatory reporting, and civil or IP enforcement as complementary remedies rather than substitutes for one another.