Manila: The nature of cybercrime in the Philippines is rapidly evolving, with threat actors increasingly using automation, artificial intelligence (AI) and social engineering techniques to conduct phishing campaigns and financial fraud. According to the latest threat intelligence report, the number of phishing websites detected in the Philippines increased by 423% in 2025, raising serious concerns over digital security and the protection of critical infrastructure.
The Philippines has emerged as a mobile-first digital economy, with widespread adoption of digital banking, e-wallets and online payment platforms. However, increasing dependence on digital services has also created new opportunities for cybercriminals. Cybersecurity researchers found that the number of detected phishing websites increased from 731 in 2024 to 3,824 in 2025.
The report highlights that cybercriminals are no longer relying only on technical vulnerabilities but are increasingly targeting human behaviour, trust and identity. Fake websites, counterfeit login pages and malicious mobile messages are being used to steal passwords, banking credentials and other sensitive information from users.
SMS-based phishing attacks, commonly known as smishing, have also witnessed significant growth. Cybercriminals are exploiting mobile networks and digital payment systems to send fraudulent messages that appear to be from banks, government agencies or trusted organisations. These messages often use fake alerts about account suspension, rewards, investment opportunities or official schemes to trick users into clicking malicious links.
The cyber threat landscape is no longer limited to phishing attacks. Ransomware incidents have also increased significantly. While nine ransomware cases were reported in 2024, the number rose to 17 in 2025. Cybercrime groups such as the Qilin ransomware group are using double extortion techniques, where stolen data is threatened with public exposure unless ransom demands are fulfilled.
Financial institutions, healthcare organisations, retail businesses, manufacturing companies and professional service providers have emerged as major targets. At the same time, fake brand profiles and impersonation accounts on social media have increased by 37%. Cybercriminals are using AI-powered chatbots and fraudulent investment schemes to gain victims’ trust and expand their operations.
The growing adoption of cloud services and increasing dependence on third-party supply chains have further complicated the cybersecurity environment. The report indicates a rise in source code leaks and supply-chain-related data breaches. As organisations increasingly rely on external vendors and digital platforms, their exposure to cyber risks is growing faster than their security preparedness.
Government institutions and critical infrastructure have also become targets of cyberattacks. Government websites have faced distributed denial-of-service (DDoS) attacks and website defacement incidents. Some attacks have been linked to hacktivist groups, particularly during politically sensitive periods.
Experts believe artificial intelligence will become a major tool for cybercriminals in the coming years. AI can make fraudulent messages, voice impersonation, fake identities and automated scam campaigns more convincing and scalable. With the expansion of digital payments and e-wallet services, the risk of NFC-based fraud is also expected to increase.
According to a Researcher at Algoritha Security, modern cybercrime is no longer limited to technical attacks but has evolved into a combination of identity theft, psychological manipulation and automated fraud operations. Organisations need to strengthen identity protection, third-party risk management and employee cybersecurity awareness to counter emerging threats.
The increasing cyberattacks in the Philippines serve as a warning for other economies across the Asia-Pacific region. As digital transformation accelerates, cybersecurity strategies must evolve at the same pace. Experts believe governments and businesses need proactive monitoring, stronger security frameworks and faster incident response mechanisms to effectively tackle the next generation of cyber threats.
