What to Do When Your Phone Number Is Used in a Scam

With the rapid digitization of the Philippine economy, mobile numbers have transitioned from simple communication tools into vital identifiers tied to bank accounts, e-wallets, and government records. However, this shift has also made mobile numbers a prime target for cybercriminals.

A rising concern among mobile users is spoofing or identity theft, where scammers manipulate caller ID technology or clone numbers to make it appear as though a fraudulent text or call is originating from an innocent person's mobile number.

If your phone number has been hijacked or used to perpetrate a scam, you face potential civil, criminal, and reputational liabilities. This legal guide outlines the Philippine statutory framework and the immediate actions you must take to protect yourself.

The Legal Landscape in the Philippines

Under Philippine law, a person whose number is used without authorization is considered a victim, not a perpetrator. However, due to strict regulatory laws, you must actively establish that your number was used maliciously without your consent.

1. Republic Act No. 11934: The SIM Registration Act

The SIM Registration Act was enacted to curb text scams and digital fraud by linking every SIM card to a verified identity.

  • Spoofing Penalties: Section 11 of RA 11934 explicitly penalizes the act of transmitting misleading or inaccurate caller identification information with the intent to defraud, cause harm, or wrongfully obtain anything of value. This carries a penalty of imprisonment ranging from six (6) years to twelve (12) years, or a fine of Two hundred thousand pesos (₱200,000.00), or both.
  • The Burden of Notification: Under the law, if your SIM card is lost, stolen, or if there is any change in the information registered, you are required to notify your Public Telecommunications Entity (PTE) immediately. Failure to report unusual activity can complicate your defense if your number is implicated in a crime.

2. Republic Act No. 10175: Cybercrime Prevention Act of 2012

When a scammer uses your number to deceive others, they commit Computer-related Identity Theft under Section 4(b)(3) of the Cybercrime Prevention Act. This involves the intentional acquisition, use, misuse, transfer, possession, or deletion of identifying information belonging to another person without right.

3. Republic Act No. 10173: Data Privacy Act of 2012

If your phone number was obtained through a data breach (such as a leak from an online shopping platform or delivery app), the National Privacy Commission (NPC) provides avenues to hold the negligent data controllers accountable.

Immediate Action Plan: What You Must Do

If you discover that your number is being used to send scam texts, make fraudulent calls, or access unauthorized accounts, you must act swiftly to mitigate legal liability.

Step 1: Document and Secure Evidence

Before changing settings or contacting authorities, compile absolute proof that your device did not originate the fraudulent communications.

  • Take Screenshots: Capture messages from people informing you that they received a scam text or call from your number.
  • Check Outgoing Logs: Take screenshots of your official billing statements or outgoing call/SMS logs from your service provider's app to prove that these fraudulent messages do not appear on your official account ledger.
  • Keep Timestamps: Note exactly when the scam messages were reportedly sent.

Step 2: File an Official Report with Your Telco

Contact your Public Telecommunications Entity (PTE)—Globe, Smart, or DITO—immediately.

  • Request a formal investigation into whether your number is being spoofed via an external web gateway or if a SIM-swap fraud has occurred.
  • Demand a reference number or official acknowledgment receipt of your report. This serves as critical evidence that you acted in good faith upon discovering the fraud.

Step 3: Execute an Affidavit of Denial and File a Police Blotter

Go to the nearest police station or cybercrime unit to record the incident.

  • Police Blotter: File a blotter stating that your mobile number is being used by unknown individuals for fraudulent purposes without your knowledge or consent.
  • Affidavit of Denial: Draft a formal legal statement executing under oath that you have no participation, knowledge, or financial gain from the scams originating from your number. Have this notarized.

Step 4: Lodge a Complaint with Law Enforcement Cybercrime Units

Standard police stations may lack specialized digital forensics. You should elevate your documentation to specialized cybercrime units:

  • Philippine National Police - Anti-Cybercrime Group (PNP-ACG): You can file a complaint through their official website or visit their camp headquarters.
  • National Bureau of Investigation - Cybercrime Division (NBI-CCD): Provide copies of your evidence, your affidavit of denial, and telco correspondence.

Step 5: Notify the National Telecommunications Commission (NTC)

The NTC is the regulatory body overseeing telcos. You can file a formal report through their consumer welfare division or their dedicated text scam channels. Reporting to the NTC ensures that government regulators are aware of systemic spoofing tactics passing through local network gateways.

Summary of Key Actions and Contacts

Entity Action Required Expected Outcome
Telco Provider (Globe/Smart/DITO) Report spoofing/unauthorized activity immediately. Official log of network non-activity from your device.
Local PNP / Notary Public File a blotter and execute an Affidavit of Denial. Legal shield establishing lack of knowledge or intent.
PNP-ACG / NBI-CCD File a formal cybercrime complaint. Criminal investigation against the actual perpetrators.
NTC Submit a consumer complaint/report. Regulatory tracking and potential blocking of malicious gateways.

Mitigating Your Civil and Criminal Liability

Important Legal Principle: In criminal law, a person cannot be held liable for a crime they did not commit, provided there is no conspiracy or criminal negligence.

If a victim of the scam files a lawsuit against the owner of the registered SIM card under the SIM Registration Act, your defense relies entirely on proving absence of intent and unauthorized third-party intervention.

By securing a police blotter, an Affidavit of Denial, and a telco certification proving that the outgoing messages did not originate from your physical SIM card, you effectively sever the legal link between your identity and the fraudulent acts.

Practical Steps to Prevent Future Incidents

  • Never Share OTPs: One-Time Passwords are the keys to your digital identity. No legitimate telco or bank will ever ask for them.
  • Be Cautious with Public Directories: Avoid posting your registered mobile number on public social media accounts, resume banks, or unverified online forms.
  • Monitor Signal Dropouts: If your phone suddenly loses signal entirely for an extended period in an area with normally good reception, contact your telco immediately. This is a primary symptom of SIM-swap fraud, where a scammer convinces a telco to issue a replacement SIM under your name.

Disclaimer: This content is not legal advice and may involve AI assistance. Information may be inaccurate.

Privacy Policy

Terms of Use

Lawyer Login

 
 
Privacy Policy         Terms of Use         Lawyer Login