A stolen SIM card is more than a lost piece of plastic. Because your mobile number may receive one-time passwords, password-reset links, bank alerts, and account-recovery messages, a thief may use it to impersonate you, take over online accounts, or ask your contacts for money. The safest response is to have the SIM barred immediately, secure every account linked to the number, preserve evidence, and create a clear official record showing when you lost control of it.
What to do immediately after your SIM card is stolen
Treat the first few hours as a security emergency.
| Priority | Action | Why it matters |
|---|---|---|
| 1 | Report the SIM to your telecommunications provider | Stops calls, texts, mobile data, and incoming OTPs |
| 2 | Secure your primary email, banks, and e-wallets | These accounts can be used to reset or access other accounts |
| 3 | Lock the stolen phone remotely, if applicable | Prevents access to apps, files, and saved passwords |
| 4 | Preserve screenshots, transaction details, and report numbers | Creates evidence for the telco, bank, police, NBI, or PNP |
| 5 | Warn family, friends, clients, and coworkers | Reduces the chance that someone will send money to the thief |
| 6 | File a police or cybercrime report if there is misuse | Starts an official investigation and helps preserve digital records |
| 7 | Obtain a replacement SIM and consider IMEI blocking | Restores control of the number and may disable the stolen handset |
Do not wait for an affidavit of loss or police report before contacting your telco. Ask for immediate barring first. Supporting documents can usually follow.
Your rights and obligations under the SIM Registration Act
Republic Act No. 11934, or the SIM Registration Act of 2022, requires a registered end-user to immediately inform the public telecommunications entity, or PTE, when a SIM is lost. The telco must deactivate the lost SIM within 24 hours from the report. (Supreme Court E-Library)
The law’s implementing rules, contained in NTC Memorandum Circular No. 001-12-2022, are more specific. When reporting a lost or stolen SIM, the subscriber may be required to provide:
- Full name;
- Address;
- Date of birth;
- Mobile number; and
- Other relevant information reasonably needed to establish ownership.
Once the report is received, the telco must immediately bar the SIM so that it cannot receive or send calls and text messages or use mobile data. The SIM is permanently deactivated when a replacement is issued to the verified owner or within the statutory period, whichever occurs earlier. (Supreme Court E-Library)
Report the SIM even if you are unsure whether it was lost or stolen
You do not need to prove theft before asking the telco to bar the SIM. Tell the provider that the SIM is no longer under your control and may be used without your authority.
Ask for:
- Immediate temporary barring;
- Deactivation of the old SIM;
- A complaint, case, or reference number;
- Written or emailed confirmation of the report;
- The exact requirements for same-number replacement; and
- Confirmation of the date and time the SIM became unusable.
Keep the case number and confirmation. They may help establish that any later messages, account access, or transactions occurred after you reported the loss.
Registration does not automatically prove that you committed a scam
A scam message traced to a SIM registered in your name may cause investigators to contact you, but SIM registration alone does not establish criminal guilt. The prosecution must still prove the elements of the alleged offense and your participation beyond reasonable doubt.
Your position is stronger when you can produce a clear timeline showing:
- When you last controlled the SIM;
- When and where it was lost or stolen;
- When you notified the telco;
- When the telco barred or deactivated it;
- When fraudulent messages or transactions occurred; and
- What steps you took to stop the misuse.
A delayed report does not automatically make you guilty, but it can make the facts harder to reconstruct.
What crimes may be committed using a stolen SIM
The applicable charge depends on what the offender actually did.
Computer-related fraud or identity theft
Republic Act No. 10175, or the Cybercrime Prevention Act of 2012, penalizes computer-related fraud and computer-related identity theft. Identity theft includes the unauthorized acquisition, possession, use, misuse, transfer, alteration, or deletion of another person’s identifying information. Using a stolen number to take over an email, social media account, e-wallet, or banking account may fall within these provisions, depending on the evidence. (Supreme Court E-Library)
Estafa
Article 315 of the Revised Penal Code may apply when the offender uses deceit to obtain money or property and causes damage to another person. A typical example is sending messages from the victim’s number claiming to need emergency money, then directing relatives or coworkers to transfer funds.
Where a crime under the Revised Penal Code is committed through information and communications technology, Section 6 of RA 10175 may also become relevant.
Financial account scamming
Republic Act No. 12010, or the Anti-Financial Account Scamming Act of 2024, penalizes social-engineering schemes used to obtain sensitive financial information or unauthorized access to bank and e-wallet accounts. It also penalizes money-muling activities, including lending, selling, buying, renting, or allowing the use of a financial account for criminal proceeds. (Lawphil)
SIM spoofing
Under RA 11934, “spoofing” means transmitting misleading or inaccurate information about the source of a call or message with intent to defraud, cause harm, or wrongfully obtain something of value. It is not the same as every unauthorized use of a stolen physical SIM. Whether the spoofing provision applies depends on whether the offender manipulated or falsely represented the source information. (Supreme Court E-Library)
Step-by-step guide after a SIM or phone is stolen
1. Contact your telco from a safe device
Use another phone, the provider’s verified website, official app, hotline, social media account, or physical store.
Use clear wording:
My registered SIM for mobile number 09XX-XXX-XXXX was lost or stolen at approximately [time and date]. I no longer authorize any use of that SIM. Please bar it immediately, deactivate the old SIM, and provide a reference number and the requirements for replacement.
Do not rely on comments posted on a telco’s public social media page. Use private messaging through the verified account and never provide passwords or OTPs.
Current provider procedures include the following:
| Provider | Common reporting or replacement process |
|---|---|
| Globe or TM | Globe advises immediate reporting. A prepaid or TM subscriber may obtain temporary barring at a Globe Store with one government ID while preparing replacement documents. Replacement commonly requires proof of ownership, a notarized affidavit of loss, and two government-issued IDs. Postpaid loss may also be reported through Globe’s official Messenger channel or 211 from a Globe number. (Globe Telecom) |
| Smart or TNT | A lost SIM may be reported through Smart’s official channels, including *888 from a Smart number or the published landline hotline. Smart states that a same-number replacement may be requested at a Smart Store by the registered owner with one valid government-issued ID. (Smart Help) |
| DITO | DITO publishes customer-support channels including its website live chat, official Facebook page, customer-service email, and hotline 185. Ask specifically for immediate barring and the current requirements for lost-SIM replacement. (DITO) |
Procedures change, and additional verification may be required when the subscriber cannot produce the original SIM bed, receipt, or account records.
2. Secure your primary email first
Your email is often the recovery account for everything else. From a safe device:
- Change the email password.
- Sign out all other sessions and devices.
- Remove unfamiliar recovery numbers and email addresses.
- Review recent logins and forwarding rules.
- Enable an authenticator app, security key, or passkey instead of relying only on SMS.
- Save screenshots of unfamiliar access before removing it.
Use a unique password that has not been used on any other account.
3. Secure banks, credit cards, and e-wallets
Contact each financial institution through its official app, website, hotline, or branch. Ask it to:
- Temporarily suspend digital access;
- Unregister or block the stolen device;
- Freeze the e-wallet or mobile-banking profile;
- Replace affected cards;
- Change the registered mobile number temporarily, when permitted;
- Investigate unauthorized transactions;
- Preserve access and transaction logs; and
- Provide a case or dispute reference number.
If money has already been transferred, identify the exact:
- Date and time;
- Amount;
- Sending account;
- Recipient account or wallet;
- Transaction reference;
- Channel used, such as InstaPay, PESONet, QR payment, card, or internal transfer; and
- Name displayed for the recipient.
Under RA 12010 and BSP rules, financial institutions may temporarily hold funds involved in a disputed electronic transaction. The statutory maximum is generally 30 calendar days, unless extended by a court. The law also provides for coordinated verification among the institutions and account owners involved. Speed matters because recovery becomes more difficult after funds are withdrawn, converted, or transferred through several accounts. (Lawphil)
4. Lock the stolen phone remotely
If the phone was also stolen:
- Use Apple’s Find My service or Google’s Find My Device from another trusted device;
- Mark the device as lost;
- Display an alternate contact number without revealing sensitive information;
- Remove payment cards from the device wallet;
- Record the last known location and time; and
- Change the Apple ID or Google Account password after securing access.
Remote locking is usually preferable as the first step because it may preserve location information. Remote erasure may be appropriate where sensitive data is exposed and recovery appears unlikely, but save the phone’s IMEI, serial number, location screenshots, and other identifying details before erasing it.
Do not personally confront or arrange to meet anyone shown at the device’s location. Give the information to the police.
5. Preserve evidence before blocking or deleting accounts
Save evidence in its original form whenever possible.
Useful evidence includes:
- Screenshots of fraudulent messages;
- Full phone numbers, usernames, profile links, and account URLs;
- Call logs and voicemail;
- Login alerts and password-reset emails;
- Telco report confirmation and ticket number;
- Bank or e-wallet transaction receipts;
- Recipient account details;
- Messages from people who received scam requests;
- CCTV availability at the place of theft;
- The phone’s IMEI and serial number;
- Original purchase receipt or box;
- Location-history screenshots; and
- Copies of government IDs that may have been stored on the phone.
Ask recipients of scam messages to retain the original conversation. A forwarded screenshot is helpful, but the original message on the recipient’s device may contain better timestamps and account details.
Avoid heavily cropping, drawing over, or editing screenshots. Keep a backup in cloud storage or on another device and prepare a simple incident chronology.
6. Warn your contacts without creating confusion
Use another verified number, email account, social media page, workplace channel, or family group chat.
A useful notice is:
My mobile number 09XX-XXX-XXXX was stolen or compromised on [date and approximate time]. Do not send money, disclose OTPs, click links, or follow payment instructions from that number until I confirm that it is secure again.
Do not accuse a named person unless you have reliable evidence. Do not negotiate with the offender or promise payment.
7. Report theft and fraudulent use to the proper authorities
If the SIM was taken through theft, robbery, or snatching, report the incident to the police station with jurisdiction over the place where it occurred. A police blotter creates a contemporaneous record of your report.
If the SIM is being used for account takeovers, online impersonation, or scams, you may file with:
- The PNP Anti-Cybercrime Group or its regional anti-cybercrime units;
- The NBI Cybercrime Division or a regional cybercrime center; or
- The CICC cybercrime reporting service through hotline 1326 for reporting assistance and referral. (Cybercrime Prevention Unit)
The NBI’s published process involves completing a complaint sheet, undergoing a preliminary interview, executing a sworn statement or submitting an affidavit, and providing supporting documents or the relevant device. Its Citizen’s Charter lists no fee for the initial complaint process and estimates approximately one hour and ten minutes for frontline intake and approval steps. That estimate does not include the actual investigation, which may take substantially longer. (National Bureau of Investigation)
A barangay blotter may help document that you reported an incident, particularly where the loss occurred locally, but it does not compel the telco to deactivate the SIM and does not replace a police or cybercrime investigation.
8. Ask investigators to preserve digital records promptly
Telecommunications and online-service records are not kept forever. Under Section 13 of RA 10175, traffic data and subscriber information must generally be preserved for at least six months from the transaction. Content data may be preserved for six months after a law-enforcement preservation order, with a possible one-time extension. Disclosure ordinarily requires the appropriate legal process or court warrant. (Supreme Court E-Library)
This is one reason to file promptly when serious fraud has occurred. A complainant cannot normally force a telco to hand over another subscriber’s private registration information directly.
Under RA 11934, subscriber registration data is confidential. A telco may disclose relevant information pursuant to a subpoena from a competent authority based on a sworn written complaint alleging that a particular number was used for a crime or fraudulent act and that the complainant cannot identify the perpetrator. (Supreme Court E-Library)
9. Obtain a same-number replacement SIM
A replacement lets you recover the number while invalidating the old SIM. Bring as many ownership records as possible:
- Government-issued ID;
- SIM registration confirmation or reference number;
- Original SIM bed, if available;
- Purchase receipt;
- Account statements or postpaid bills;
- Screenshots showing the number in the telco app;
- Previous load or payment records;
- Notarized affidavit of loss, if required;
- Police report or blotter, if the incident involved theft; and
- Authorization documents, if the registered owner is a company or juridical entity.
The request generally must be made by the person under whose name the SIM was registered. A mismatch between the actual user and registered owner is a common reason for delay or denial.
Security checks may include questions about recent load purchases, frequent contacts, account history, plan information, or linked services. Same-day replacement is sometimes possible, but processing may take longer because of store queues, SIM availability, identity verification, security waiting periods, or discrepancies in the registration records.
After activation:
- Test incoming and outgoing calls and texts.
- Confirm that the old SIM no longer works.
- Reset voicemail and account PINs.
- Review all linked accounts again.
- Re-enroll secure authentication methods.
- Notify banks and e-wallets that you have regained the number.
How to block the stolen phone’s IMEI
SIM barring and IMEI blocking are different.
- SIM barring disables the mobile number and SIM credentials.
- IMEI blocking targets the handset’s International Mobile Equipment Identity, which identifies the physical device on mobile networks.
If the phone itself was stolen, you may request IMEI blocking through your telco or the National Telecommunications Commission. The NTC’s published requirements include:
- A valid government-issued ID or passport;
- Proof of ownership, such as the official receipt, original box showing the IMEI, or seller’s certificate;
- A notarized affidavit of ownership and loss stating the IMEI and SIM number; and
- A police blotter, when available, especially for theft or robbery.
NTC Form No. 1-24 is the agency’s affidavit of ownership and loss with undertaking. NTC materials state that blocking requests may be received through walk-in filing, courier, facsimile, or electronic mail, subject to the office’s current procedure. (Region 7 NTC)
IMEI blocking does not log the thief out of email, social media, bank, or e-wallet accounts. Those accounts must still be secured separately.
Documents, fees, and realistic timelines
| Process | Common requirements | Typical official timeline or cost |
|---|---|---|
| Initial SIM barring | Name, address, birth date, mobile number, identity verification | Immediate barring should be requested; deactivation must occur within 24 hours from the report under RA 11934 |
| SIM replacement | Valid ID, proof of ownership, registration or account records, affidavit if required | Same day to several working days, depending on verification, stock, and provider security controls |
| Affidavit of loss | Personal appearance before a notary, valid ID, incident details, mobile number and possibly IMEI | Notarial fees vary; there is no single nationwide private-notary rate |
| Police report | Valid ID and factual narration of the loss or theft | Usually no police filing fee; waiting time varies |
| Cybercrime complaint | Sworn complaint or affidavit, screenshots, transactions, account details, devices or digital records | Initial intake may be completed the same day; investigation can take weeks or months |
| IMEI blocking | ID, ownership proof, notarized affidavit, IMEI, police record if available | Processing varies by NTC office and completeness of documents |
| Bank or e-wallet dispute | ID, account details, transaction references, affidavit or police report when requested | Urgent blocking may be immediate; investigation and fund recovery take longer |
Do not pay a fixer to obtain expedited deactivation, subscriber information, or law-enforcement records. Use official channels and obtain receipts for legitimate fees.
Common problems and how to handle them
The thief is messaging people but no money has been lost yet
Have the SIM barred, warn contacts, preserve screenshots, and report the fraudulent use to the telco. File a cybercrime report where the messages show a clear attempt to obtain money, passwords, OTPs, or financial information.
An attempted offense may still be punishable under applicable laws even if no one sent money.
Someone already sent money to the scammer
The sender should immediately contact the sending bank or e-wallet and report the transaction as fraudulent. Provide the recipient account, amount, time, and reference number. The registered SIM owner should separately submit evidence showing the number was stolen and already reported.
The person who transferred the money is usually the direct financial complainant, while the SIM owner may be an important complainant or witness regarding identity misuse.
The number was registered under a relative’s name
The registered owner will generally need to participate in replacement and verification. Bring proof explaining the relationship and actual use of the number.
Do not submit false statements claiming to be the registered owner. Providing false information or fraudulent identification documents in connection with SIM registration is itself punishable under RA 11934. (Supreme Court E-Library)
The SIM was stolen but the phone remains with you
The risk may still be serious because the SIM can be inserted into another handset. Report and bar it immediately. Check whether your accounts permit password recovery through SMS and replace SMS-only authentication.
IMEI blocking is generally unnecessary when you still possess the handset.
The phone is locked with a PIN or biometrics
A screen lock reduces risk but does not eliminate it. Depending on the device and SIM settings, the thief may remove the physical SIM and insert it into another phone. A SIM PIN can help prevent this, but many subscribers have not enabled one.
Telco barring remains necessary.
The SIM is an eSIM
Report the stolen device and ask the telco to bar the eSIM profile. Do not assume an eSIM is safe merely because it cannot be physically removed. A thief who can unlock the device may still access messages, apps, and account-recovery functions.
You are outside the Philippines
Report the SIM through the telco’s official online or international support channel immediately. Ask whether replacement requires personal appearance or whether a properly authorized representative may be accepted.
An affidavit or special power of attorney executed abroad may need to be notarized by a Philippine embassy or consulate, or locally notarized and apostilled in an Apostille Convention country. Confirm the telco’s requirements before paying for authentication because providers may still require the registered owner to appear personally for security reasons. (Philippine Embassy New Delhi)
Foreign nationals should prepare the passport and immigration or address documents used for registration. Under the SIM Registration Act’s rules, a tourist SIM is generally valid for 30 days and may be extended upon submission of an approved visa extension. (Supreme Court E-Library)
The telco refuses or delays barring the SIM
Escalate through the provider’s supervisor or formal complaint channel and record all reference numbers. State that the SIM is lost or stolen and cite the immediate-report and 24-hour deactivation requirements under Section 6 of RA 11934.
For unresolved SIM-registration or telecommunications concerns, the NTC’s published consumer hotline is 1682. Keep copies of the original telco complaint because regulators commonly expect the provider to have been notified first. (www.foi.gov.ph)
Frequently Asked Questions
Can a stolen SIM receive my OTPs?
Yes, until the SIM is barred or deactivated. A thief may also use password-recovery features linked to the number. Contact the telco and affected financial or online services immediately.
How quickly must my telco deactivate a stolen SIM?
RA 11934 requires deactivation within 24 hours from the report. Its implementing rules also require immediate barring so the SIM cannot be used for calls, texts, or mobile data. (Supreme Court E-Library)
Do I need an affidavit of loss before reporting the SIM?
No. Report the loss immediately and ask for temporary barring. An affidavit may be required later for replacement or IMEI blocking.
Can I retain the same mobile number?
Usually, yes, if the number remains eligible for replacement and you pass the provider’s identity and ownership verification. The old SIM should be permanently deactivated when the replacement is issued.
Will a police blotter automatically block the SIM?
No. You must separately notify the telco. A police blotter documents the incident but does not itself deactivate the number.
Can I obtain the identity of the person using my stolen SIM?
Not simply by asking the telco. SIM registration information is confidential. Disclosure generally requires a subpoena, court order, or other legal process allowed by RA 11934. (Supreme Court E-Library)
Am I liable if my registered number was used to scam someone?
Not automatically. Criminal liability requires proof that you committed, participated in, or knowingly assisted the offense. Prompt reports, telco records, affidavits, police reports, and account-access evidence can help establish that the SIM was no longer under your control.
Should I change every password?
Prioritize your primary email, Apple or Google account, banks, e-wallets, social media, messaging apps, work accounts, and shopping platforms. Change any other account that used the same password or relied on the stolen number for recovery.
Should I remotely erase the stolen phone?
Remote erasure may be appropriate when highly sensitive information is exposed and recovery is unlikely. Record the IMEI, serial number, last location, and relevant screenshots first. Remote lock the device immediately and coordinate with police rather than attempting to recover it personally.
Is SIM replacement free?
It depends on the provider and account type. Smart currently states that qualifying same-number replacement is free. Other providers may apply their current business policies or require additional documents. Notarization, courier, or authentication expenses are separate. (Smart Help)
Key Takeaways
- Report a stolen SIM to your telco immediately and obtain a reference number.
- Under RA 11934, the telco must deactivate a reported lost SIM within 24 hours and should bar it immediately.
- Secure your primary email, banks, e-wallets, and device accounts before the thief can use OTPs or password resets.
- Preserve original messages, login alerts, transaction references, telco records, and a detailed timeline.
- Warn contacts not to send money or share OTPs in response to messages from the stolen number.
- File a police and cybercrime report when the SIM was stolen or used for impersonation, account takeover, or fraud.
- Request same-number replacement from the telco and IMEI blocking if the handset was also stolen.
- SIM registration may identify the registered subscriber, but it does not by itself prove who committed a scam.