Phishing attacks in the Philippines surged 423% last year, showing a shift toward industrialized fraud that increasingly targets mobile users, according to a new report from Check Point Software Technologies Ltd., a cybersecurity solutions company.
Check Point’s Philippine Threat Landscape Report notes that cybercriminals are moving from isolated technical attacks to coordinated operations, exploiting cloud adoption and growing reliance on third-party vendors.
“Cyberattacks in the Philippines are no longer defined by technical sophistication, but by scale, automation, and deception,” said Ritchelle Santos, senior cyber threat intelligence analyst, Check Point Exposure Management Research. “In an environment where identity, trust, and mobile channels are the new battleground, the safest organizations will be those that protect their digital footprints as carefully as they protect their networks.”
Santos emphasized that staying safe now means verifying everything, every message, every transaction, and every identity, every time.
The Philippine threat landscape has shifted toward high-impact, high-visibility attacks that exploit phishing, identity abuse, misconfigurations, and cloud exposures, requiring organizations to rethink national cyber defense strategies.
The report shows that phishing websites jumped from 731 in 2024 to 3,824 in 2025, with smishing, or SMS phishing, becoming the main threat as attackers exploit telecom-level vulnerabilities to bypass mobile trust. Ransomware incidents nearly doubled, from nine to 17, with the Qilin ransomware group using cross-platform attacks and double extortion tactics across sectors including finance, retail, healthcare, manufacturing, food, business services, media, and real estate. Social media impersonation increased by 37%, from 940 to 1,291 cases, with banks hardest hit as AI chatbots drive investment scams. Data exposure also increased, with source code leaks more than doubling to 81 cases and third-party breaches increasing from eight to 29, showing growing supply-chain risks.
Fraud ecosystems are now full-scale, cross-border operations rather than isolated scams, often powered by underground SIM markets and celebrity deepfakes. Government agencies, financial institutions, critical infrastructure, and education platforms are key targets.
Check Point expects AI to amplify existing fraud methods in 2026, making scams faster and more convincing. NFC payment fraud, e-wallet attacks, and supply-chain breaches are also likely to increase, alongside misinformation campaigns targeting brands, executives, and political institutions.