If you were tricked into sending money online, lost access to your bank or e-wallet account, paid a fake seller, or were lured into a bogus investment or crypto scheme, act quickly. In Philippine online fraud cases, the first hours matter because money can move through several bank or e-wallet accounts within minutes. This guide explains what online fraud means under Philippine law, what to do immediately, where to report, what evidence to prepare, how banks and law enforcement usually handle these cases, and what options victims may have to recover money or hold scammers accountable.
What Counts as Online Fraud in the Philippines?
Online fraud is not limited to one crime. In practice, Philippine authorities may treat an online scam as estafa, computer-related fraud, identity theft, access device fraud, financial account scamming, or a combination of offenses.
Common examples include:
- A fake online seller who accepts payment but never ships the item.
- A scammer pretending to be a bank, e-wallet, courier, government office, or employer.
- A phishing link that captures your OTP, password, PIN, or card details.
- A fake investment, crypto, forex, “tasking,” or “double-your-money” scheme.
- A romance scam where the person builds trust, then asks for money.
- A hacked social media account used to ask friends or relatives for funds.
- Unauthorized credit card, debit card, online banking, or e-wallet transactions.
- A “money mule” arrangement where someone asks to use your bank or e-wallet account to receive or transfer money.
The important point is this: you do not need to know the scammer’s real name before reporting. Many victims only have a mobile number, account name, QR code, username, email address, link, or transaction receipt. Those details can still be useful.
First 24 Hours: What to Do Immediately After an Online Scam
1. Stop communicating and do not send more money
Scammers often ask for an additional “release fee,” “tax,” “verification fee,” “customs fee,” “recovery charge,” or “lawyer fee.” This is usually a second layer of fraud.
Do not argue with the scammer or threaten them. Take screenshots first. If they think you are reporting, they may delete accounts, messages, listings, or posts.
2. Secure your accounts
If you clicked a link, gave an OTP, installed an app, shared your screen, or gave personal information:
- Change passwords for your email, bank, e-wallet, social media, and shopping accounts.
- Turn on multi-factor authentication.
- Log out all devices where possible.
- Call your bank or e-wallet provider to block the card, freeze the account, reset credentials, or dispute unauthorized transactions.
- Check whether your recovery email, phone number, or security questions were changed.
- If your phone was compromised, remove suspicious apps and consider using a clean device for banking.
For e-wallets and banks, report through the institution’s official in-app help channel, hotline, branch, or published consumer assistance channel. Do not rely on random Facebook pages or “customer support” numbers sent by strangers.
3. Report the disputed transaction to the bank or e-wallet immediately
If money moved through a bank, e-wallet, or payment service provider, time is critical. Give the institution:
- Your full name and contact details.
- Date and exact time of transfer.
- Amount.
- Sender and recipient account numbers, wallet numbers, QR codes, or reference numbers.
- Screenshots of the conversation and payment proof.
- A short statement that the transaction is fraudulent or unauthorized.
Under the Anti-Financial Account Scamming Act, Republic Act No. 12010, banks and BSP-supervised institutions have mechanisms for disputed transactions, coordinated verification, and temporary holding of funds. The law allows institutions to temporarily hold funds subject of a disputed transaction within the period prescribed by BSP, not exceeding 30 calendar days, unless extended by a court.
This does not guarantee recovery. If the money has already been withdrawn or transferred through several accounts, recovery becomes harder. But a fast report gives your bank or e-wallet a better chance to trace or hold remaining funds.
4. Preserve evidence properly
Do not just take one screenshot. Build a clear evidence folder.
Save:
- Full chat history, including profile names, usernames, phone numbers, and timestamps.
- Screenshots of the product listing, ad, page, group post, website, or investment platform.
- Payment receipts, bank slips, e-wallet confirmations, reference numbers, QR codes, and account names.
- Emails, SMS messages, OTP requests, call logs, and links sent to you.
- Delivery tracking numbers, fake invoices, or fake IDs sent by the scammer.
- URLs of websites, social media profiles, posts, marketplace listings, or Telegram/WhatsApp/Viber accounts.
- Screen recordings if the fraudulent platform still displays your account balance or transaction history.
- Names and contact details of witnesses, if any.
When possible, export conversations rather than relying only on cropped screenshots. Courts and investigators prefer evidence that shows context, dates, and continuity.
5. Report to the platform
Report the account, page, listing, ad, group, or website to the platform where the scam happened. For online marketplaces, use the platform’s buyer protection or dispute process. For social media scams, report the profile and preserve the URL before it disappears.
For purchases from online merchants or e-marketplaces, the Internet Transactions Act of 2023, Republic Act No. 11967, requires digital platforms and e-marketplaces to provide redress mechanisms and, in certain cases, information relevant to investigations based on a sworn complaint.
Philippine Laws That May Apply to Online Fraud
Estafa under the Revised Penal Code
Many online scams are prosecuted as estafa, or swindling, under Article 315 of the Revised Penal Code.
In simple terms, estafa usually involves:
- Deceit or abuse of confidence;
- Damage or loss to the victim; and
- A connection between the deceit and the victim’s act of giving money, property, or a benefit.
Example: A seller falsely represents that an item exists, asks for payment, then disappears. Another example is a person who pretends to be a bank employee and tricks the victim into revealing credentials that allow money to be withdrawn.
If the fraud is committed through information and communications technology, the Cybercrime Prevention Act of 2012, Republic Act No. 10175, may also apply. Section 6 of RA 10175 covers crimes under the Revised Penal Code and special laws when committed through ICT, with a higher penalty.
Computer-related fraud and identity theft
RA 10175 also penalizes computer-related offenses, including computer-related fraud and identity theft. These provisions may apply when the scam involves unauthorized access, manipulation of computer data, use of stolen credentials, fake online identities, or fraudulent electronic communications.
For investigation, cybercrime authorities may need subscriber information, traffic data, account records, or device data. The Supreme Court’s Rule on Cybercrime Warrants, A.M. No. 17-11-03-SC, governs warrants and orders for preservation, disclosure, interception, search, seizure, and examination of computer data.
Anti-Financial Account Scamming Act
RA 12010 is especially relevant to phishing, e-wallet scams, bank transfer fraud, and money mule accounts.
It penalizes, among others:
- Money muling, such as using, borrowing, selling, lending, buying, renting, or recruiting others to use financial accounts for proceeds of crimes or social engineering schemes.
- Social engineering schemes, where a person obtains sensitive identifying information through deception or fraud, resulting in unauthorized access or control over another person’s financial account.
- Economic sabotage, when the prohibited acts involve circumstances such as a group of three or more persons, three or more victims, use of mass mailers, or human trafficking.
RA 12010 also states that prosecution under that law is without prejudice to liability under the Revised Penal Code, the Access Devices Regulation Act, the Anti-Money Laundering Act, and RA 10175.
Access Devices Regulation Act
Republic Act No. 8484 applies to fraud involving access devices, which include cards, account numbers, PINs, codes, and other means of account access used to obtain money, goods, services, or transfer funds.
This law may apply to unauthorized credit card use, stolen account credentials, fraudulent card applications, possession or use of unauthorized access devices, and similar acts.
Consumer and e-commerce laws
If the issue is a defective product, non-delivery by a real online merchant, refund refusal, or misleading online sale, it may also involve consumer protection remedies.
Relevant laws include:
- Consumer Act of the Philippines, Republic Act No. 7394;
- Internet Transactions Act of 2023, Republic Act No. 11967.
A practical distinction matters:
| Situation | Usual route |
|---|---|
| Real business, identifiable seller, refund or defective product issue | Platform dispute process, DTI complaint, consumer remedies |
| Fake seller using a false name or mule account | PNP/NBI/CICC cybercrime complaint, bank/e-wallet dispute |
| Unauthorized bank/e-wallet transaction | Bank/e-wallet dispute, BSP escalation, PNP/NBI/CICC |
| Phishing, identity theft, hacking | PNP/NBI/CICC, possible NPC complaint if personal data misuse is involved |
Civil liability and damages
A victim may also have civil claims under the Civil Code, including:
- Article 19: every person must act with justice, give everyone his due, and observe honesty and good faith.
- Article 20: a person who willfully or negligently causes damage contrary to law must indemnify the injured party.
- Article 21: a person who willfully causes loss or injury contrary to morals, good customs, or public policy must compensate the injured party.
- Article 22: no one may unjustly enrich himself at another’s expense.
- Article 2176: quasi-delict, where damage is caused by fault or negligence when there is no pre-existing contractual relation.
In criminal cases, civil liability is generally deemed included unless reserved or waived. This matters because a conviction for estafa or related fraud may include restitution or indemnity.
Where to Report Online Fraud in the Philippines
| Office or platform | Best for | Practical notes |
|---|---|---|
| Bank, e-wallet, credit card issuer, payment provider | Freezing, blocking, disputing, tracing, or holding funds | Report immediately. Ask for a case/reference number. |
| PNP Anti-Cybercrime Group (PNP-ACG) | Cybercrime investigation, online scam reports, evidence preservation | You may report through PNP-ACG channels or a regional cybercrime unit. |
| NBI Cybercrime Division | Cybercrime investigation, digital evidence, organized scams | The NBI lists its Cybercrime Division contact at ccd@nbi.gov.ph. |
| CICC / Inter-Agency Response Center | Centralized cybercrime and scam reporting | BSP’s official guide lists CICC at report@cicc.gov.ph and hotline 1326. |
| BSP Consumer Assistance Mechanism | Unresolved complaints against BSP-supervised financial institutions | BSP generally expects you to complain first to the bank/e-wallet’s consumer assistance channel before escalating through BSP Online Buddy (BOB). |
| DTI Consumer Care | Online seller or e-commerce consumer complaints involving merchants | Use the DTI Consumer CARe system for consumer complaints. |
| National Privacy Commission | Misuse of personal data, identity theft issues involving data privacy violations | The NPC requires a complaint in proper form, usually notarized, submitted through its formal complaint process. |
| City or Provincial Prosecutor | Filing a criminal complaint for preliminary investigation | Usually requires a complaint-affidavit and supporting evidence. |
Step-by-Step Guide to Filing a Cybercrime or Online Fraud Complaint
Step 1: Prepare a clear incident summary
Write a short timeline:
- How you found the seller, investment, person, link, or message.
- What the scammer promised or represented.
- What made you believe the representation.
- What you paid or disclosed.
- Where the money went.
- What happened after payment.
- What steps you already took with your bank, e-wallet, platform, or agency.
Keep it factual. Avoid long emotional narration. Investigators need names, numbers, dates, transaction references, screenshots, and links.
Step 2: Gather identification documents
Prepare:
- Valid government ID.
- Proof of address, if available.
- Contact number and email address.
- For company victims: SEC/DTI registration, board secretary’s certificate or authorization, and representative’s ID.
- For representatives: authorization letter or Special Power of Attorney.
If you are abroad, the Philippine office receiving the complaint may require documents executed before a Philippine Embassy or Consulate, or notarized abroad and apostilled if executed in a country that is part of the Apostille Convention. Requirements vary by office, so keep originals and scanned copies ready.
Step 3: Prepare your evidence folder
Create folders such as:
01 Chat Screenshots02 Payment Proof03 Account Details04 Platform Reports05 Bank or E-wallet Complaint06 IDs and Affidavit
For screenshots, include the device date/time where possible. Do not edit, crop, or annotate the only copy. Keep the original image files.
Step 4: Report to law enforcement
For a cyber-related scam, victims commonly report to the PNP-ACG, NBI Cybercrime Division, or CICC. If you are outside Metro Manila, ask for the nearest regional cybercrime unit or NBI regional/district office.
Expect the officer or investigator to ask for:
- Your ID.
- Complaint sheet or incident report form.
- Complaint-affidavit or sworn statement.
- Screenshots and printed copies.
- Digital copies in USB or email, depending on office procedure.
- Proof of bank/e-wallet report.
- Contact details of the suspect, if known.
A police blotter is not the same as a full cybercrime complaint. A blotter records an incident. A complaint package supports investigation and possible filing before the prosecutor.
Step 5: Execute a complaint-affidavit
A complaint-affidavit is your sworn written statement. It should identify you, narrate the facts, attach evidence, and state that you are filing a complaint for online fraud or other appropriate offenses.
A good complaint-affidavit usually includes:
- Your full name, age, nationality, address, and contact details.
- The known details of the respondent, or “John/Jane Doe” if unknown.
- A chronological statement of facts.
- The exact amount lost.
- The account numbers, phone numbers, usernames, URLs, and transaction references involved.
- A list of attachments.
- A statement that the allegations are true based on personal knowledge and authentic records.
Have it notarized. Government offices may have different formatting preferences, but clarity and completeness matter more than legal jargon.
Step 6: Follow up with reference numbers
Track every report:
- Bank or e-wallet ticket number.
- Platform report number.
- PNP/NBI/CICC reference number.
- BSP complaint reference number, if escalated.
- Prosecutor docket number, if filed for preliminary investigation.
Follow up politely and periodically. Cyber fraud investigations often depend on responses from banks, e-wallets, telcos, platforms, and service providers, which can take time.
How the Bank or E-Wallet Recovery Process Usually Works
The recovery process is different from the criminal case. A bank or e-wallet dispute focuses on tracing, holding, reversing, or reimbursing funds if the facts and rules allow it.
In practice:
- You report the disputed transaction to your financial institution.
- The institution reviews the transaction and may ask for documents.
- If the recipient account is within the same institution, tracing may be faster.
- If the money moved to another bank or e-wallet, inter-institution coordination is needed.
- Under AFASA and BSP rules, institutions may temporarily hold disputed funds in proper cases.
- If funds remain, there may be a chance of holding or recovery.
- If funds were withdrawn, converted, or transferred onward, the case may depend more heavily on investigation and prosecution.
BSP’s consumer assistance mechanism is generally a second-level recourse. According to BSP’s own guidance, financial consumers should first report the concern to the financial institution’s Financial Consumer Protection Assistance Mechanism or customer service channel. If unresolved or unsatisfactory, the complaint may be escalated through BOB or other BSP channels.
Also note this warning: BSP does not need your PIN, password, account number, credit card or ATM card number, passport, or similar sensitive information to process a consumer complaint. Never disclose those details to anyone claiming to “help” with a BSP complaint.
Common Pitfalls That Hurt Online Fraud Cases
Deleting chats after reporting the account
Many victims report and block the scammer immediately, then lose access to the full conversation. Take screenshots, export chats, and save URLs before blocking.
Sending only cropped screenshots
Cropped screenshots may remove timestamps, usernames, links, or context. Keep full-screen versions and original files.
Waiting too long to report to the bank or e-wallet
Money can move quickly. Even a strong criminal case may not result in recovery if the funds are gone.
Filing only with the barangay
Barangay assistance may help document harassment or local disputes, but many online fraud cases involve unknown persons, different cities, false identities, or penalties beyond barangay conciliation coverage. For cyber fraud, go directly to the bank/e-wallet and cybercrime authorities.
Paying “fund recovery” agents
Victims of online fraud are often targeted again by fake recovery agents claiming they can retrieve money from crypto wallets, banks, or scammers. If they ask for upfront fees, seed phrases, OTPs, or remote access to your device, treat it as another scam.
Treating every failed online sale as cybercrime
Not every delayed delivery is criminal fraud. If there is a real registered seller and the dispute is about warranty, refund, wrong item, or non-delivery, the platform dispute system and DTI may be more appropriate. If the seller used a fake identity, fake proof, or mule account from the start, law enforcement becomes more relevant.
Special Situations
If you are a Filipino abroad
You can still report a Philippine online fraud case if the suspect, bank account, e-wallet, platform activity, or damage is connected to the Philippines. Practical options include:
- Reporting to your bank/e-wallet online or by hotline.
- Preparing a notarized or consularized complaint-affidavit.
- Authorizing a trusted representative in the Philippines through a Special Power of Attorney.
- Keeping originals of remittance records and foreign bank documents.
If documents are executed abroad, Philippine agencies may require apostille or consular acknowledgment depending on where and how the document was signed.
If you are a foreigner scammed by someone in the Philippines
Foreigners can report online fraud in the Philippines. RA 12010 expressly recognizes jurisdiction when elements are committed in the Philippines, when Philippine-based systems or financial accounts are used, or when damage is caused to a person in the Philippines or to a financial account maintained with an institution operating in the Philippines.
Prepare your passport, proof of payment, communications, and any Philippine account details. If you are not physically in the Philippines, you may need a representative and properly authenticated documents.
If your identity was used to open accounts
Report immediately to the bank, e-wallet, telco, platform, PNP/NBI/CICC, and, where personal data misuse is involved, the National Privacy Commission. Ask the financial institution to preserve records and mark the account as disputed or fraud-related.
Also consider checking whether your phone number, email, or IDs were used in other platforms. Identity theft cases can spread if the scammer has copies of your ID or selfie verification.
If your account was used as a mule account
If someone convinced you to receive or transfer money “for a fee,” “for work,” or “for verification,” take the matter seriously. RA 12010 penalizes money muling activities. If you were deceived, threatened, trafficked, or used without understanding the scheme, preserve all communications and report promptly. Do not delete evidence showing how you were recruited.
Typical Documents, Timelines, and Costs
| Item | What to expect |
|---|---|
| Bank/e-wallet fraud report | File immediately, ideally within hours. Ask for a ticket number. |
| Temporary hold of disputed funds | Under AFASA, holding is subject to BSP rules and generally cannot exceed 30 calendar days unless extended by court. |
| BSP escalation | Usually after first reporting to the bank/e-wallet. BSP BOB gives a reference number when processed. |
| PNP/NBI/CICC complaint | Initial report may be same day, but investigation depends on evidence and responses from institutions/platforms. |
| Complaint-affidavit | Usually notarized. Bring printed attachments and digital copies. |
| Prosecutor preliminary investigation | Can take weeks to months depending on complexity, respondents, subpoenas, counter-affidavits, and evidence. |
| Court case | If filed in court, cyber fraud and estafa cases can take months to years, depending on docket, witnesses, and evidence. |
| Fees | Reporting to law enforcement is generally free. Expect possible costs for notarization, photocopying, printing, authentication, courier, and document retrieval. |
Frequently Asked Questions
Can I still report online fraud if I only lost a small amount?
Yes. Small losses are still reportable, especially if the same account, number, or page is victimizing many people. Even if recovery is uncertain, your report may help authorities connect related complaints.
Can the police trace a GCash, Maya, bank, or crypto scammer?
They may be able to request records through proper legal processes, but tracing does not always mean immediate arrest or recovery. Many scammers use mule accounts, fake IDs, VPNs, foreign platforms, or multiple transfers. Good evidence and quick reporting improve the chances.
Should I report first to the bank or to the police?
Do both, but for money recovery, report to the bank or e-wallet immediately. For criminal investigation, report to PNP-ACG, NBI Cybercrime Division, or CICC. The bank may focus on the transaction; law enforcement focuses on identifying and prosecuting offenders.
What if the scammer deleted the account or blocked me?
You can still report. Provide screenshots, URLs, account names, payment details, phone numbers, email addresses, transaction references, and any saved messages. Deleted accounts may still leave records with platforms, telcos, banks, or e-wallets, subject to lawful requests.
Is a screenshot enough evidence?
Screenshots help, but they are stronger when supported by payment receipts, transaction reference numbers, full chat exports, URLs, emails, call logs, bank statements, and a sworn complaint-affidavit. Keep original files whenever possible.
Can I get my money back?
Sometimes, but not always. Recovery is more likely if you report quickly and the funds are still in the recipient account or within the financial system. If the money has already been withdrawn, converted to crypto, or passed through multiple accounts, recovery may depend on investigation, prosecution, restitution, or civil action.
Can I file a complaint if I do not know the scammer’s real name?
Yes. You may file against an unknown person using available identifiers such as phone number, username, bank or e-wallet account, email address, URL, QR code, or profile link. Investigators may later identify the person through records.
Should I post the scammer’s name online?
Be careful. Posting accusations may expose you to counterclaims, especially if you identify the wrong person or publish private information. It is usually safer to report to the platform, bank, and authorities, and preserve evidence.
What if the scam involved an online lending app?
If the issue involves an online lending app, financing company, or collection agency, the Securities and Exchange Commission may be involved because it regulates financing and lending companies. If there is harassment, identity misuse, threats, or unauthorized access, cybercrime and data privacy remedies may also apply.
Can foreigners file online fraud complaints in the Philippines?
Yes. A foreign victim may report if the scam has a Philippine connection, such as a Philippine bank account, e-wallet, suspect, platform activity, or damage connected to the Philippines. Documents signed abroad may need apostille, consular acknowledgment, or a representative with proper authority.
Key Takeaways
- Report online fraud immediately to your bank or e-wallet so disputed funds can be traced or possibly held.
- Preserve complete evidence: chats, screenshots, URLs, payment receipts, reference numbers, and account details.
- Online fraud may involve estafa, cybercrime, access device fraud, identity theft, financial account scamming, consumer law violations, and civil liability.
- PNP-ACG, NBI Cybercrime Division, and CICC handle cybercrime reporting; BSP handles unresolved complaints against BSP-supervised financial institutions; DTI handles many online consumer disputes; NPC handles data privacy complaints.
- A complaint-affidavit should be factual, chronological, notarized, and supported by organized attachments.
- Fast reporting improves the chance of tracing or holding funds, but recovery is never automatic.
- Do not pay “recovery agents,” do not share OTPs or passwords, and do not delete evidence after reporting.