Where to Report Online Scammers in the Philippines: Agencies and Complaint Steps

I. Overview: What Counts as an “Online Scam” in Philippine Practice

An online scam is any scheme conducted through the internet, mobile networks, or digital platforms intended to deceive victims into surrendering money, property, personal data, access credentials (OTP, passwords), or other valuable rights. In the Philippines, online scams are commonly pursued as fraud (estafa) and/or as cybercrime, depending on how the act was committed.

Common forms include:

  • Online selling/buy-and-sell scams: seller disappears after payment; fake tracking; counterfeit goods; “reservation fee” scams.
  • Investment/crypto/forex scams: guaranteed returns; referral pyramids; fake “trading platforms.”
  • Phishing and account takeovers: fake bank/e-wallet pages; OTP harvesting; SIM swap.
  • Identity/impersonation scams: posing as a relative, government office, bank, courier, or celebrity.
  • Romance/“love” scams and “inheritance/parcel” scams.
  • Task/job scams: paid tasks → “upgrade” fee → withdrawals blocked.
  • Loan/collection harassment (including illegal lenders and contact-harassment tactics).
  • Marketplace and booking scams: fake Airbnb/hotel pages; fake ticketing; fake travel packages.
  • Unauthorized card/online banking transactions: card-not-present fraud; stolen credentials.

Your reporting route depends on (a) the type of scam, (b) whether money moved through banks/e-wallets, and (c) whether you need criminal prosecution, regulatory action, or both.

II. Key Philippine Laws Typically Used Against Online Scammers

Online scams rarely rely on only one law. Complaints often cite estafa plus cybercrime elements, and sometimes special financial laws.

A. Revised Penal Code (RPC): Estafa (Swindling)

Most scam complaints revolve around estafa, generally involving deceit and damage (loss). Estafa can apply whether the scam happened online or offline; the “online” aspect often adds cybercrime coverage.

B. Cybercrime Prevention Act (Republic Act No. 10175)

This law addresses crimes committed through computers, networks, and online systems. Two practical effects:

  1. Certain offenses (including fraud-related offenses) may be treated as cyber-related when committed using ICT.
  2. Cybercrime authorities can use specialized procedures and coordination for digital evidence and data requests.

C. E-Commerce Act (Republic Act No. 8792)

Supports recognition and use of electronic data messages/documents and can be relevant to electronic transactions and proof.

D. Access Devices Regulation Act (Republic Act No. 8484)

Often implicated when scams involve credit cards, access devices, or unauthorized use of card details.

E. Anti-Money Laundering Act (AMLA, as amended)

If funds moved through financial institutions, AML mechanisms may be relevant (e.g., suspicious transaction reporting, account tracing, and preservation actions through proper channels).

F. Data Privacy Act (Republic Act No. 10173)

Relevant when scammers collect or misuse personal data, doxx, or obtain data through unlawful means. Also relevant if you’re dealing with a platform or entity mishandling personal data.

G. Other laws may apply depending on facts

For example, if threats, extortion, voyeurism, identity misuse, or other offenses occurred alongside the scam.

Practical point: Your initial report does not need perfect legal labeling. What matters is that you describe the facts clearly and preserve evidence. Investigators and prosecutors can fit the facts to the correct charges.

III. Where to Report: The Main Philippine Agencies (and When to Use Each)

Think in layers: (1) immediate financial containment, (2) criminal investigation, (3) regulator/consumer enforcement, (4) platform/telecom action.

1) PNP Anti-Cybercrime Group (PNP-ACG)

Best for: online fraud, phishing, account takeovers, impersonation, marketplace scams, and cyber-enabled estafa—especially when you need police blotter support and criminal investigation.

What they do: take cybercrime complaints, assist in evidence handling, coordinate with other units, and support case build-up.

2) National Bureau of Investigation (NBI) – Cybercrime/related units

Best for: larger-scale scams, syndicates, repeat offenders, cases needing deeper investigation, cross-regional activity, and evidence-heavy matters.

What they do: investigative case build-up, technical support, identification of suspects, coordination with prosecutors.

3) DOJ Office of Cybercrime (or DOJ cybercrime prosecution channels)

Best for: when you are already preparing a formal criminal complaint for prosecutor evaluation and need the cybercrime prosecution route.

What they do: prosecution guidance and coordination for cybercrime matters (actual filing is typically with the appropriate prosecution office/venue).

4) Cybercrime Investigation and Coordinating Center (CICC)

Best for: coordination and referrals for cybercrime concerns; can help route complaints or provide guidance on where to lodge the complaint depending on scam type.

5) Securities and Exchange Commission (SEC)

Best for: investment scams, “investment solicitation,” pseudo-brokerage, “guaranteed returns,” and entities acting like investment companies without proper authority.

What they do: investigate and penalize entities, issue advisories, and enforce securities regulations (separate from criminal prosecution).

6) Bangko Sentral ng Pilipinas (BSP) + Your Bank / E-Wallet Provider

Best for: scams involving bank transfers, online banking, e-wallet transfers, unauthorized transactions, and payment disputes.

What they do (bank/e-wallet): immediate dispute handling, internal investigation, potential hold/reversal processes (depending on timing and rules), and coordination with law enforcement when properly requested.

What BSP does: consumer assistance/escalation for regulated institutions, supervision and regulatory compliance.

7) National Telecommunications Commission (NTC) + Your Mobile Network

Best for: SIM-related scams, text blasts, SIM swap indicators, spam messages, and blocking/reporting of scam numbers.

What they do: telecom regulatory actions and coordination with telcos; telcos can also block/report accounts and investigate SIM incidents.

8) Department of Trade and Industry (DTI)

Best for: online consumer complaints involving sellers, deceptive sales practices, and e-commerce merchants (especially when a seller is a legitimate business that can be compelled through consumer processes).

What they do: consumer complaint mediation, enforcement of consumer-related regulations.

9) National Privacy Commission (NPC)

Best for: scams involving misuse/leak of personal information, doxxing, harassment using contact lists, or unlawful processing of personal data by entities.

What they do: data privacy complaints and enforcement actions (separate from criminal fraud cases).

10) Local Police Station / Barangay (Limited use)

  • Police station: useful for a blotter entry and initial report if you need documentation quickly.
  • Barangay: generally not the main channel for cybercrime and is often unhelpful when the suspect is unknown or when the matter is primarily criminal and/or cross-jurisdictional.

11) The Platform Itself (Facebook/Meta, Instagram, TikTok, X, Telegram, Marketplace apps, Shopee/Lazada support, etc.)

Best for: takedown, account reporting, chat logs preservation on your side, and immediate prevention of further victimization.

What they do: remove listings/pages (not guaranteed), disable accounts, provide limited reporting tools; official data disclosures usually require lawful requests.

IV. A Practical “Where Do I Report?” Matrix (Quick Guide)

A. If you sent money via bank/e-wallet

  1. Report to your bank/e-wallet immediately (containment)
  2. Report to PNP-ACG or NBI (criminal case)
  3. Escalate to BSP (if the regulated institution fails to address consumer handling properly)

B. If it’s an investment/crypto “guaranteed profit” scheme

  1. SEC (regulatory action)
  2. PNP-ACG or NBI (criminal action)
  3. Bank/e-wallet (if you paid through them; try to freeze/trace)

C. If it’s phishing / OTP / account takeover

  1. Bank/e-wallet (freeze account, reset access, dispute)
  2. Telco (if SIM swap suspected; secure SIM)
  3. PNP-ACG or NBI (cybercrime complaint)

D. If you’re being harassed using your contact list (illegal lending tactics)

  1. NPC (data privacy/harassment angle)
  2. PNP-ACG / local police (threats, coercion, unlawful acts)
  3. Platform (report accounts/messages)

E. If it’s an online purchase scam by a known local seller/business

  1. DTI (consumer complaint)
  2. PNP-ACG / NBI (if clearly fraudulent and criminal)
  3. Platform + bank/e-wallet (if payment involved)

V. Before You Report: Evidence to Preserve (This Makes or Breaks Cases)

A. Capture and store proof immediately

  • Screenshots of the profile/page, usernames, URLs, phone numbers, email addresses
  • Screenshots of chat messages, including dates/times
  • Photos of listings, invoices, “contracts,” “investment dashboards,” and promises
  • Transaction proof: bank transfer slip, e-wallet reference number, receipt, screenshots of fund transfer confirmation
  • Any delivery info: tracking number, courier details, fake waybill
  • Any threats or coercive messages

B. Preserve originals when possible

  • Export chat history if the platform allows it
  • Save files sent by the scammer (PDFs, images, voice notes)
  • Keep emails with full headers if phishing happened
  • Avoid editing screenshots; keep a clean folder with timestamps

C. Write a clean timeline (do this even if you’re upset)

Create a simple chronological list:

  1. when and where you encountered the scammer
  2. what was promised
  3. what you paid/sent (amount, date, channel)
  4. what happened afterward
  5. your losses and continuing risks (accounts compromised, threats, etc.)

D. Identify the “trace points”

These are what investigators can chase:

  • bank account number / name used
  • e-wallet number / account name
  • delivery address used
  • referral links, group chats, admin accounts
  • device numbers, SIM numbers, GCash/Maya handles, etc.

VI. Immediate Damage Control (Do This First if Money or Accounts Are at Risk)

1) If money was transferred

  • Call or in-app report to your bank/e-wallet right away.
  • Request: transaction dispute, fraud report, and if applicable, attempt to hold/recall the transfer.
  • Ask for a reference/ticket number and keep it.

Reality check: Many transfers are final once credited to the recipient. Still, reporting fast can help with containment, documentation, and potential coordination.

2) If your account was compromised (OTP given, phishing, SIM swap)

  • Change passwords immediately (email first, then banking/e-wallet, then social media).
  • Enable MFA using secure methods.
  • Notify your telco if SIM swap is suspected; secure your SIM and update your accounts.
  • Freeze cards if relevant.

3) If you sent IDs/selfies

  • Assume identity misuse risk.
  • Monitor accounts; consider requesting guidance from your bank and relevant agencies.
  • Keep proof of where/when you provided the documents.

VII. How to File a Criminal Complaint (Philippine Context, Step-by-Step)

Step 1: Choose the primary investigative body

  • PNP-ACG or NBI are the usual first stops for online scam investigations. Choose based on accessibility and scale; you can start with whichever you can reach fastest.

Step 2: Prepare your complaint packet

A solid packet typically includes:

  • Sworn statement / affidavit-complaint (narrative + attachments)
  • Photocopy of valid government ID
  • Printed screenshots and a USB or storage with digital copies (when accepted)
  • Proof of payment and any bank/e-wallet correspondence
  • Your timeline and computation of total loss

Affidavit basics (structure):

  1. your personal details and capacity (victim)
  2. how you met the suspect (platform, date)
  3. specific representations made (what they promised)
  4. reliance (why you believed it)
  5. how you paid/transferred funds (details)
  6. how you discovered the scam
  7. damages/losses
  8. list of attachments (annexes)

Step 3: Make the report and get documentation

  • Request a copy of the report or reference number.
  • If you need it for bank escalation or workplace documentation, ask what they can provide (blotter/certification where applicable).

Step 4: Case build-up and identification

Investigators may:

  • validate transaction trails
  • identify account owners used
  • coordinate for lawful requests for data (platform/bank/telco)
  • invite you for clarifications or additional affidavits

Step 5: Filing with the Prosecutor (Inquest/regular filing)

Most scam cases proceed through regular filing (not inquest) unless there was an arrest. You’ll submit your affidavit-complaint and evidence for preliminary investigation.

What happens in preliminary investigation:

  • you file complaint with supporting evidence
  • respondent is required to submit counter-affidavit (if identified and reachable)
  • prosecutor determines probable cause and whether to file in court

Step 6: Court case (if probable cause is found)

If filed, the case proceeds in the appropriate court. Cyber-related offenses can affect venue and procedures, but the prosecutor/investigators will guide the proper filing location based on facts.

VIII. Regulatory and Consumer Complaint Routes (When You Want Fast Remedies or Enforcement)

A. Bank / E-wallet dispute (plus BSP escalation)

Use when:

  • unauthorized transactions
  • phishing-related losses
  • mistaken transfers induced by fraud (still reportable, even if reversal is uncertain)

Keep:

  • ticket/reference number
  • screenshots of chat showing deception
  • timeline and loss amount

Escalate to BSP consumer channels if the institution’s handling is clearly deficient or unresponsive. Include all your documentation and the institution’s responses.

B. SEC for investment solicitation and “guaranteed returns”

Report:

  • entity name and aliases
  • promoters and pages
  • materials showing solicitation and promised returns
  • proof of payment and recruitment/referrals

Even if you also file criminally, SEC action can help disrupt the scheme.

C. DTI for consumer disputes with identifiable merchants

If the seller is a business with an address or business identity, DTI mediation can be effective—especially where the issue is deceptive practice and you want refunds/settlement leverage.

D. NPC for data privacy harms and harassment

Report:

  • how your data was collected
  • how it was used (spam, harassment, contacting your list)
  • screenshots of messages and proof of data handling

IX. Platform, Telco, and “Takedown” Actions (Important but Not a Substitute)

Platform reports can:

  • remove listings/pages
  • freeze accounts
  • stop ongoing victimization

But platform takedown does not return your money and does not replace criminal/regulatory action.

Telco reports can:

  • help with spam/scam number action
  • address SIM swap issues
  • support account security steps

Still, for prosecution and asset tracing, you’ll typically need law enforcement and/or prosecutor processes.

X. Common Mistakes That Weaken Cases (Avoid These)

  1. Deleting chats out of anger or shame
  2. Only reporting to the platform and stopping there
  3. Reporting late to banks/e-wallets
  4. Submitting evidence with no timeline or no transaction details
  5. Paying “recovery agents” who promise retrieval for a fee (often a second scam)
  6. Posting the scammer’s personal info publicly in a way that may expose you to legal risk—better to report through proper channels
  7. Assuming “small amounts” aren’t worth reporting—patterns matter; reports help link cases

XI. What You Can Realistically Expect

  • Fastest outcomes usually come from account security actions and platform/telco disruption.
  • Money recovery varies heavily by timing, transfer method, and whether funds remain traceable and preservable.
  • Criminal prosecution can be slow, especially if suspects are unknown or offshore, but strong evidence and quick reporting improve odds.
  • Regulatory complaints (SEC/DTI/NPC/BSP) can pressure entities and reduce ongoing harm, even when prosecution is pending.

XII. Simple Checklist: Your “Ready-to-Report” Packet

  • Timeline (1–2 pages)
  • Screenshots of profile/page + URLs + identifiers
  • Complete chat screenshots with dates/times
  • Proof of payment (reference numbers, receipts)
  • Bank/e-wallet ticket numbers and correspondence
  • Any documents the scammer sent (contracts, IDs, “certificates”)
  • Your ID (photocopy)
  • Draft affidavit-complaint with annex list

XIII. Frequently Asked Questions

1) Should I report even if I only lost ₱500 or ₱1,000? Yes. Small losses across many victims are how syndicates operate. Your report can connect with other complaints.

2) What if the scammer used someone else’s bank/e-wallet account? Still report. Investigators can trace account ownership, access patterns, and linked identifiers. Account “mules” can be investigated too.

3) I willingly transferred money—will authorities say it’s my fault? Victim-blaming is not the legal standard. Fraud hinges on deception and damage. Provide the deceptive statements and your reliance.

4) What if the scammer is abroad? Report anyway. Cross-border cases are harder, but documentation helps platform actions, financial tracing, and possible cooperation mechanisms.

5) Can I settle? Some victims recover funds through settlement, but be careful: scammers often “partial refund” to lure more money. If settlement is considered, document everything and avoid paying additional “fees” to obtain your own refund.

XIV. A Practical Reporting Sequence (Best All-Around)

  1. Secure accounts + report to bank/e-wallet immediately
  2. Save evidence and build timeline
  3. Report to PNP-ACG or NBI (bring affidavit + proof)
  4. Report to SEC/DTI/NPC/NTC as applicable
  5. Report the scammer account to the platform
  6. Follow through with prosecutor filing if you want criminal prosecution

XV. Sample Affidavit-Complaint Outline (Short Form)

Title: AFFIDAVIT-COMPLAINT

  1. Personal circumstances (name, age, address, ID details)
  2. How you encountered the respondent (platform, username, link)
  3. Representations made (verbatim key lines when possible)
  4. Payment details (date/time, amount, channel, reference no.)
  5. Acts showing fraud (blocking, refusal to deliver, fake proof, new demands)
  6. Damages (total loss + other harm)
  7. Request for investigation and filing of appropriate charges
  8. Annexes list (A: screenshots, B: receipts, C: chats, etc.)
  9. Jurat and signature

If you want, paste (1) the scam type, (2) how you paid, and (3) what evidence you already have, and I’ll format a clean complaint timeline + annex list + affidavit draft you can print and use.

Disclaimer: This content is not legal advice and may involve AI assistance. Information may be inaccurate.

Privacy Policy

Terms of Use

Lawyer Login

 
 
Privacy Policy         Terms of Use         Lawyer Login