What to Do If You Are a Victim of a Cryptocurrency Fraud Scheme in the Philippines

If you lost money to a cryptocurrency fraud scheme in the Philippines, act quickly but carefully. Crypto transfers are often irreversible, but speed can still matter: banks, e-wallets, licensed virtual asset service providers, law enforcement, and regulators may be able to preserve records, flag accounts, identify money mules, or support a criminal complaint. This guide explains what to do in the first hours and days, which Philippine laws may apply, where to report the scam, what evidence to prepare, and what realistic recovery options are available.

What Counts as Cryptocurrency Fraud in the Philippines?

Cryptocurrency fraud is not limited to someone “hacking” your wallet. In Philippine practice, many crypto-related complaints involve a mix of investment fraud, cybercrime, estafa, identity theft, fake trading platforms, and money mule accounts.

Common examples include:

  • A person promises “guaranteed” crypto profits, daily payouts, or fixed returns if you send money or crypto.
  • A fake exchange or wallet app lets you deposit funds but blocks withdrawal unless you pay more “tax,” “gas fee,” “unlocking fee,” or “anti-money laundering clearance.”
  • A romance scammer convinces you to invest through a platform they control.
  • A Telegram, Facebook, WhatsApp, Viber, or Discord group promotes a token, mining plan, staking pool, or “AI trading bot” that later disappears.
  • Someone impersonates a legitimate exchange, bank, e-wallet, broker, government agency, or lawyer.
  • Your identity documents, selfie, OTP, seed phrase, private key, or e-wallet credentials are obtained through deception.
  • You are asked to “rent,” “lend,” or “receive” money through your bank account or e-wallet, which may expose you to money mule liability.

Under the SEC’s 2025 Crypto-Asset Service Provider framework, a crypto-asset is a cryptographically secured digital representation of value or a right that can be transferred, stored, or traded electronically, and crypto-asset services include offering crypto-assets to the public, operating a trading venue, and crypto-asset intermediation activities. (InsightPlus)

First 24 Hours: Immediate Steps to Limit the Damage

1. Stop sending money immediately

Scammers often ask for one more payment to “release” your funds. Do not pay additional “withdrawal fees,” “taxes,” “verification charges,” “lawyer fees,” “police clearance fees,” or “recovery deposits.” In many cases, these are part of the same fraud.

Also be careful of so-called recovery agents. A second scam commonly targets victims by promising to “hack back” funds, trace wallets, or recover crypto for an advance fee.

2. Secure your accounts and devices

Change passwords for your email, crypto exchange, e-wallet, bank, social media, and cloud storage accounts. Enable multi-factor authentication using an authenticator app where possible.

If you shared a seed phrase, private key, recovery phrase, or wallet backup, assume the wallet is compromised. Move remaining assets to a new wallet that was created on a clean device. Do not reuse the same seed phrase.

If you installed an APK, remote access app, browser extension, or “trading software” sent by the scammer, disconnect the device from the internet and avoid using it for banking or crypto until it has been checked.

3. Report the transaction to your bank, e-wallet, or licensed platform

If you paid through a Philippine bank, e-wallet, credit card, debit card, QR code, online transfer, or local crypto platform, report the transaction immediately through the provider’s fraud or customer protection channel. Ask for:

  • A fraud report or ticket number
  • Temporary hold, freezing, or restriction of the receiving account, if still possible
  • Written confirmation of your report
  • Instructions for submitting a police report or complaint-affidavit
  • Transaction records showing date, time, amount, reference number, recipient account, and recipient name or mobile number

For unresolved complaints against BSP-supervised financial institutions, the BSP says consumers may use the BSP Online Buddy or BOB, and BOB provides a unique case reference number when a complaint is submitted. The BSP page also states that email or postal submissions are evaluated and responded to within seven banking days from receipt. (Bureau of Soils and Water Management)

4. Preserve evidence before the scammer deletes it

Do not rely only on screenshots. Save evidence in several formats.

Prepare:

  • Screenshots of chats, profile pages, group chats, advertisements, posts, and promises of profit
  • Full names, aliases, usernames, mobile numbers, email addresses, website URLs, referral codes, wallet addresses, QR codes, and bank/e-wallet details
  • Transaction confirmations, bank receipts, e-wallet receipts, exchange withdrawal records, blockchain transaction hashes, and wallet addresses
  • Copies of contracts, whitepapers, investment plans, certificates, IDs, “SEC registration” claims, licenses, and receipts
  • Screen recordings showing the website or app dashboard, especially if withdrawals are blocked
  • Links to social media pages, websites, app store listings, Telegram channels, Discord servers, and Facebook groups
  • Names and contact details of witnesses or other victims

For blockchain transactions, save the transaction hash and wallet address. A screenshot alone may not be enough because investigators may need the exact wallet address and transaction ID.

5. Report urgent cyber fraud to the government hotline

The Inter-Agency Response Center Hotline 1326 is used for reporting online scams. A Philippine Information Agency report describes Hotline 1326 as a 24/7 central number for online selling scams, deceitful text messages, emails, romance scams, impersonation, investment fraud, cybercrimes, and phishing. (Philippine Information Agency)

Calling 1326 is not a substitute for a formal criminal complaint, but it can help document the incident early and may guide you on the next agency to approach.

Legal Basis: What Philippine Laws May Apply?

Revised Penal Code: Estafa and Other Deceits

Many cryptocurrency scams may fall under estafa, also called swindling, under Article 315 of the Revised Penal Code. Estafa commonly applies when a person defrauds another through false pretenses, fraudulent acts, fictitious names, imaginary transactions, or abuse of confidence. Article 315 includes fraud by false pretenses or fraudulent acts executed before or at the same time as the fraud, such as falsely pretending to possess qualifications, business, property, agency, or imaginary transactions. (Lawphil)

In crypto cases, estafa may be relevant where the scammer:

  • Pretended to be a licensed broker, exchange officer, trader, or investment manager
  • Promised returns that were never realistically intended
  • Used fake screenshots of profits or withdrawals
  • Created a false trading dashboard
  • Received money for a stated purpose but converted it for personal use
  • Misrepresented that the investment was registered, insured, or government-approved

A criminal case can include a claim for civil liability, such as restitution of the amount lost, damages, and costs allowed by law.

Cybercrime Prevention Act: Online Fraud, Identity Theft, and ICT-Enabled Estafa

Republic Act No. 10175, or the Cybercrime Prevention Act of 2012, applies when computers, phones, networks, apps, websites, or online platforms are used in committing the offense. The law expressly covers computer-related fraud and computer-related identity theft. (Supreme Court E-Library)

The same law provides that crimes under the Revised Penal Code and special laws, when committed through information and communications technologies, are covered by RA 10175, with the penalty one degree higher. It also states that prosecution under the Cybercrime Prevention Act is without prejudice to liability under the Revised Penal Code or special laws. (Supreme Court E-Library)

This matters because crypto fraud often happens through online chats, fake websites, mobile apps, phishing links, social media, or electronic wallets.

The NBI and PNP are the primary law enforcement agencies under RA 10175. The law directs them to organize cybercrime units or centers manned by special investigators for cybercrime cases. (Supreme Court E-Library)

Securities Regulation Code: Unregistered Investment Solicitation

Republic Act No. 8799, or the Securities Regulation Code, protects investors and requires full and fair disclosure in securities transactions. The law defines securities to include shares, participation or interests in a corporation or profit-making venture, investment contracts, and similar instruments. (Supreme Court E-Library)

Section 8.1 of the Securities Regulation Code provides that securities shall not be sold, offered for sale, or distributed in the Philippines without a registration statement filed with and approved by the SEC. (Supreme Court E-Library)

A crypto scheme may involve securities when it is structured as an investment contract. In SEC v. Prosperity.Com, Inc., the Supreme Court described an investment contract as a contract, transaction, or scheme where a person invests money in a common enterprise and expects profits primarily from the efforts of others. (Supreme Court E-Library)

In Power Homes Unlimited Corp. v. SEC, the Supreme Court upheld the SEC’s cease-and-desist order against a scheme found to involve the sale or offer of unregistered investment contracts. (Supreme Court E-Library)

For crypto victims, this is important because scammers often say, “This is crypto, so SEC rules do not apply.” That is not necessarily true. If the scheme involves public solicitation of money with expected profit mainly from the efforts of promoters, traders, bots, mining operators, or platform managers, securities and investment fraud rules may be involved.

SEC Crypto-Asset Service Provider Rules

The SEC’s 2025 Crypto-Asset Service Provider Rules cover CASPs offering crypto-asset services and third-party service providers marketing crypto-assets or crypto-asset services. The rules recognize crypto-assets as financial products in relation to SEC supervision and protect crypto-asset financial consumers’ rights to fair treatment, disclosure, protection of assets against fraud and misuse, data privacy, and timely complaint handling. (InsightPlus)

The rules also state that crypto-assets shall not be sold, offered for sale, or distributed in the Philippines without complying with the CASP Rules and Guidelines, and that disclosure documents must be filed and published before marketing or offering. (InsightPlus)

Marketing is also regulated. The CASP Rules state that no person or entity may engage in marketing or inducement to purchase crypto-assets or crypto-asset services unless registered as a corporation under Philippine law and licensed by the concerned regulatory agencies. The rules also treat social media posts, videos, live streams, advertisements, events, airdrops, and certain sponsored educational content as possible marketing. (InsightPlus)

Financial Products and Services Consumer Protection Act

Republic Act No. 11765, or the Financial Products and Services Consumer Protection Act of 2022, protects financial consumers’ rights to fair treatment, disclosure and transparency, protection of assets against fraud and misuse, data privacy, and timely redress of complaints. It also defines investment fraud to include deceptive solicitation of investments from the public, Ponzi schemes, and offering or selling investment schemes without an SEC license or permit unless exempt. (Supreme Court E-Library)

RA 11765 gives financial regulators, including the BSP and SEC, enforcement and consumer redress powers. The law also allows the BSP and SEC to adjudicate certain purely civil financial consumer claims for payment or reimbursement of money not exceeding ₱10 million, when the case falls within their jurisdiction. (Supreme Court E-Library)

This remedy is most useful where the respondent is a regulated or supervised financial service provider. It is usually not a full substitute for criminal complaints against unknown scammers, fake platforms, or syndicates.

Anti-Financial Account Scamming Act: Money Mules and Social Engineering

Republic Act No. 12010, or the Anti-Financial Account Scamming Act, was enacted in 2024 to address financial account scams, money muling, and social engineering schemes. It covers financial accounts such as bank accounts, e-wallets, and other accounts used for financial products or services. (Lawphil)

The law penalizes money muling activities, including using, borrowing, allowing the use of, buying, renting, selling, lending, or recruiting another person to use a financial account for proceeds known to be derived from crimes or social engineering schemes. It also covers social engineering schemes involving deception to obtain sensitive identifying information that results in unauthorized access and control over another person’s financial account. (Lawphil)

A victim should therefore be careful not to let anyone use their bank account, e-wallet, SIM, exchange account, or verified crypto account to “receive” funds. Even if you were originally a victim, allowing your account to be used by scammers can create serious legal risk.

Civil Code Remedies: Restitution and Damages

Apart from criminal liability, Philippine civil law may support recovery of money or damages. Civil Code Articles 19, 20, and 21 require honesty, good faith, and compensation for wrongful damage. Article 22 also embodies unjust enrichment: a person who obtains something at another’s expense without legal ground must return it. (Lawphil)

If there was a contract, platform terms, investment agreement, or written undertaking, Article 1170 of the Civil Code may be relevant because those guilty of fraud, negligence, delay, or breach of obligations may be liable for damages. (Supreme Court E-Library)

Where to Report a Cryptocurrency Scam in the Philippines

Situation Where to Report Why It Matters
You paid through a bank, e-wallet, card, QR transfer, or local payment channel Your bank, e-wallet, card issuer, or payment provider first; then BSP if unresolved They may flag, restrict, or investigate the account and give transaction records
Online scam, fake app, phishing, hacked account, identity theft, fake website PNP Anti-Cybercrime Group or NBI Cybercrime Division These agencies handle cybercrime investigation under RA 10175
Investment solicitation, Ponzi scheme, fake crypto trading group, unlicensed investment platform SEC Enforcement and Investor Protection channels / SEC iMessage SEC handles unregistered securities, investment fraud, and CASP-related matters
Urgent online scam report Hotline 1326 / CICC-linked reporting channels Early reporting may help routing and documentation
Large-scale laundering, mule accounts, organized syndicate Law enforcement, with possible referral to AMLC through proper channels Victims cannot directly freeze accounts, but reports may support AML escalation
Foreign victim or OFW abroad Philippine Embassy or Consulate for notarials; file with Philippine agencies online or through representative where available Affidavits and SPAs may need consular notarization or apostille depending on where executed

The NBI Cybercrime Division’s Citizen’s Charter states that investigative assistance for victims of computer crimes is available to the general public, with no listed fee, and includes filing a complaint sheet, preliminary interview, sworn statements or prepared affidavits, and collection of supporting documents. (National Bureau of Investigation)

Step-by-Step Guide to Filing a Complaint

Step 1: Make a clear timeline

Write a simple chronological statement:

  1. When and how you first encountered the person or platform
  2. What was promised
  3. Who made the promise
  4. How much you paid and through what channel
  5. Wallet addresses, bank accounts, e-wallet numbers, or exchange accounts used
  6. When you tried to withdraw or recover funds
  7. What excuses or additional payment demands were made
  8. What you did after discovering the fraud

A timeline helps investigators quickly understand the case instead of sorting through hundreds of screenshots.

Step 2: Prepare a complaint-affidavit

A complaint-affidavit is a sworn written statement of facts. It usually contains:

  • Your full name, address, nationality, contact details, and valid ID
  • The respondent’s known name, alias, usernames, accounts, addresses, and contact details
  • A clear narration of the fraud
  • The amount lost, with dates and transaction references
  • Screenshots and documents marked as annexes
  • The laws possibly violated, such as estafa, cybercrime, securities violations, or financial account scamming
  • A statement that you are willing to testify and submit further evidence

If the complaint will be filed with law enforcement or the prosecutor, the affidavit must usually be notarized or sworn before an authorized officer.

Step 3: File with the proper agency

For cyber-enabled fraud, file with the NBI Cybercrime Division or PNP Anti-Cybercrime Group. For investment schemes and unregistered solicitation, file a parallel report with the SEC. If your bank or e-wallet failed to handle your complaint properly, escalate to the BSP after first reporting to the institution.

Do not assume one report automatically triggers every agency. In practice, victims often need parallel filings because each office has a different function:

  • Law enforcement investigates crimes and identifies suspects.
  • Prosecutors determine probable cause and file cases in court.
  • SEC investigates unregistered investment solicitation and regulatory violations.
  • BSP handles complaints involving BSP-supervised financial institutions.
  • Banks, e-wallets, and exchanges hold records and may implement internal fraud controls.

Step 4: Ask for written proof of filing

Keep copies of:

  • Complaint sheet
  • Receiving copy of affidavit
  • Reference number
  • Email acknowledgment
  • Ticket number
  • Police blotter or incident report, if issued
  • Agency endorsement or referral

Banks, e-wallets, exchanges, insurers, or foreign agencies may ask for proof that a formal complaint was filed.

Step 5: Follow up in writing

Cybercrime investigations can take time because investigators may need records from banks, e-wallets, telecom providers, exchanges, website hosts, or foreign platforms. Follow up politely and in writing. Always include your reference number, date of filing, full name, and short summary.

Can the Scammer’s Bank or E-Wallet Account Be Frozen?

A victim cannot personally issue a freeze order. In practice, there are different levels of restriction:

  1. Internal fraud hold by the bank, e-wallet, or exchange. This may happen after a timely fraud report, but it depends on the institution’s policies, available balance, and investigation.
  2. Law enforcement preservation or investigation requests. These may help secure records and identify account holders.
  3. Court-issued or AMLC-related freeze orders. Under anti-money laundering rules, freeze orders generally involve the AMLC and the Court of Appeals. RA 11521 states that the Court of Appeals may issue a freeze order effective immediately for 20 days, subject to legal rules on extension. (Lawphil)

This is why speed matters. Scam proceeds are often moved quickly through mule accounts, e-wallets, crypto wallets, and foreign exchanges.

What Evidence Is Most Useful in a Crypto Fraud Case?

Evidence Why It Helps
Transaction hash Allows tracing on the blockchain
Wallet address Identifies destination and movement of crypto
Bank/e-wallet receipt Connects fiat payment to a person or account
Screenshot of payment instruction Shows where the scammer told you to send money
Chat logs Shows promises, deception, and identity claims
Social media links Helps identify promoters and co-conspirators
Fake license or SEC certificate Helps prove misrepresentation
Platform dashboard screen recording Shows blocked withdrawals or fake balances
Valid ID and affidavit Needed for formal complaint filing
Names of other victims May show a broader scheme or syndicate pattern

When printing screenshots, include the date, time, URL, username, and phone number where visible. For digital copies, keep the original files because metadata may help.

Special Issues for OFWs, Foreigners, and Victims Abroad

Filipinos abroad and foreign victims can still report a crypto scam connected to the Philippines if the scammer, bank account, e-wallet, platform, promoter, or victimization has a Philippine connection.

Common issues include:

  • Affidavits executed abroad. Philippine embassies and consulates can notarize private documents such as affidavits and special powers of attorney. (Philippine Embassy)
  • Apostille requirements. For foreign public documents to be used in the Philippines, apostille or consular rules may matter depending on the country. DFA guidance states that apostillization by the DFA applies to Philippine public documents for use abroad, while foreign documents follow the rules of the issuing country and receiving authority. (Apostille Philippines)
  • Special Power of Attorney. If someone in the Philippines will file, follow up, or receive documents for you, they may need an SPA.
  • Language and translation. Foreign-language chats, bank documents, and IDs may need certified translation if used in formal proceedings.
  • Time zone and communication delays. Use email filings where available, but expect some offices to require personal appearance, video verification, or sworn documents.

Foreigners should also keep immigration status separate from the fraud complaint. Being a foreign victim does not prevent filing, but proof of identity, authority to sign documents, and properly authenticated foreign records may be required.

Common Mistakes That Hurt Crypto Scam Complaints

Believing that SEC registration alone means an investment is legal

A corporation may be registered with the SEC as a company but still have no authority to solicit investments from the public. For securities and investment contracts, the key question is whether the offer itself is registered or exempt, and whether the seller has the required license.

Filing only a barangay blotter

A barangay blotter may help document a local incident, but crypto fraud, cybercrime, investment fraud, and cross-border scams usually require law enforcement, prosecutor, SEC, BSP, or platform-level reporting. Barangay conciliation is often not enough and may not apply to serious criminal or cybercrime matters.

Sending only screenshots without transaction details

For crypto, the wallet address and transaction hash are critical. For bank or e-wallet payments, the recipient account number, mobile number, reference number, date, time, and amount are important.

Waiting too long

Crypto funds can move through multiple wallets in minutes. Bank and e-wallet proceeds can be withdrawn or transferred quickly. Delay reduces the chance of tracing, restriction, or recovery.

Paying “withdrawal taxes” to the scammer

Legitimate Philippine taxes are not paid to a random trader, Telegram admin, or platform wallet to unlock withdrawals. Fake tax or AML clearance demands are common signs of fraud.

Deleting the app or chat too early

Do not delete messages, accounts, or apps until evidence has been preserved. If you must secure your device, take screenshots, export chats, save links, and create backups first.

Realistic Recovery Options

Recovery depends on where the money went and how fast you act.

Possible routes include:

  • Reversal or chargeback, if the payment method allows it
  • Internal restriction of a receiving bank or e-wallet account
  • Return of funds if the receiving institution still holds the amount
  • Criminal case with civil liability for restitution
  • Civil action for recovery of sum of money, damages, or unjust enrichment
  • Regulatory action by SEC or BSP against a supervised entity
  • AMLC-related action in large or organized cases, through proper law enforcement channels
  • Cooperation with foreign exchanges if the crypto reached a regulated offshore platform

The hardest cases are those involving self-custody wallets, offshore exchanges with weak compliance, fake names, mule accounts, and funds already converted through mixers, privacy coins, peer-to-peer cash-outs, or foreign accounts.

Frequently Asked Questions

Can I still recover crypto after sending it to a scammer?

Sometimes, but recovery is difficult. Blockchain transfers are usually irreversible. The best chance is when funds are still on a regulated exchange, bank-linked platform, or identifiable account that can be frozen, restricted, or investigated quickly.

Should I report to the PNP or NBI?

For cyber-enabled crypto fraud, either the PNP Anti-Cybercrime Group or NBI Cybercrime Division may be appropriate. The NBI Cybercrime Division’s process includes complaint intake, preliminary interview, sworn statements, and evidence collection, with no listed fee in its Citizen’s Charter. (National Bureau of Investigation)

Should I also report to the SEC?

Yes, if the scheme involved investment solicitation, promised profits, a token sale, staking plan, trading bot, mining package, referral earnings, or a platform offering crypto-asset services to the Philippine public. The SEC handles securities, investment fraud, and CASP-related regulation.

Is cryptocurrency illegal in the Philippines?

Cryptocurrency itself is not automatically illegal. The legal issue is usually how it is offered, marketed, traded, held, or used. BSP rules regulate certain virtual asset service providers, while SEC rules regulate crypto-asset service providers and crypto-assets offered as financial products or securities. BSP Circular No. 1108 established guidelines for VASPs, recognizing both the financial innovation potential and the risks of virtual assets.

How do I check if a crypto platform is authorized?

Check official regulator lists. The BSP publishes a list of Virtual Asset Service Providers, and its list was updated as of 31 May 2026. (Bureau of Soils and Water Management) For crypto-asset services and investment solicitation, also check SEC registration, licenses, advisories, and whether the specific offering is authorized.

What if the scammer used a GCash, Maya, bank, or QR PH account?

Report immediately to the provider and request a fraud ticket. Provide the amount, date, time, reference number, sender account, recipient account, screenshots, and police or complaint reference if available. If the institution does not resolve the issue, BSP escalation may be available through BOB for BSP-supervised financial institutions. (Bureau of Soils and Water Management)

What if I gave my ID, selfie, or OTP?

Treat it as identity theft risk. Report it to the platform, bank, e-wallet, or telecom provider involved. Change passwords, secure accounts, monitor unauthorized transactions, and include the ID compromise in your cybercrime complaint. RA 10175 covers computer-related identity theft involving intentional acquisition, use, misuse, transfer, possession, alteration, or deletion of identifying information without right. (Supreme Court E-Library)

Do I need a lawyer to file a complaint?

You can file a complaint personally with law enforcement or regulators. However, for large losses, multiple victims, foreign parties, or complex evidence, legal assistance can help organize affidavits, annexes, legal theories, and follow-up filings.

Can a foreigner file a crypto fraud complaint in the Philippines?

Yes, if there is a Philippine connection, such as a Philippine bank account, e-wallet, company, promoter, website operator, victim location, or transaction route. Foreign affidavits, identity documents, and authority documents may need notarization, consular notarization, apostille, or translation depending on where they were executed and where they will be submitted.

Is a fake crypto investment a cybercrime, estafa, or securities violation?

It can be more than one. A single scheme may involve estafa under the Revised Penal Code, cybercrime under RA 10175, unregistered securities or investment fraud under RA 8799 and RA 11765, financial account scamming under RA 12010, data privacy violations, and money laundering issues. The correct classification depends on the facts.

Key Takeaways

  • Act fast: report to your bank, e-wallet, exchange, or card provider immediately.
  • Preserve evidence before chats, websites, and accounts disappear.
  • File with the NBI or PNP for cyber-enabled fraud, and with the SEC for investment solicitation or crypto-asset service issues.
  • Use BSP channels for unresolved complaints involving BSP-supervised financial institutions.
  • Do not pay more “withdrawal,” “tax,” “verification,” or “recovery” fees.
  • SEC company registration is not the same as authority to solicit investments.
  • Crypto fraud may involve estafa, cybercrime, securities violations, financial account scamming, civil damages, and money laundering issues.
  • Recovery is possible in some cases, but it depends heavily on speed, evidence quality, and whether funds reached traceable or regulated accounts.

Disclaimer: This content is not legal advice and may involve AI assistance. Information may be inaccurate.

Privacy Policy

Terms of Use

Lawyer Login

 
 
Privacy Policy         Terms of Use         Lawyer Login