Check Point Software Technologies Ltd. said cyber threats in the Philippines have become more industrialized, with increasing digitalization among organizations and widespread mobile use by Filipinos giving fraudsters more potential vulnerabilities to exploit.
The company's Philippine Threat Landscape Report 2025, released last week, revealed that cyber threat activity impacting organizations in the country is on the rise, with its mobile-first population increasing the potential attack surface for cyber criminals.
“Cyber attacks in the Philippines will not stop nowfiBy technological sophistication, but also by scale, automation and deception, Richelle Santos, senior cyber threat intelligence analyst at Check Point Exposure Management Research, said in a statement.
“In an environment where identity, trust and mobile channels are the new battlegrounds, the most secure organizations will be those that protect their digital footprint as carefully as they protect their networks. Staying secure now means verifying everything – every message, every transaction and every identity – every time.”
Rise of Aarti this yearfiCheck Point said social intelligence (AI) will make scams faster, more reliable and widespread as cybercriminals can use these technologies as a force multiplier for their attacks.
The growing trend of contactless payments in the country with the entry of Google Pay and increasing use of e-wallets is also an area of concern as threat actors can exploit device-level vulnerabilities for fraudulent transactions.
“As online platforms, mobile payments and AI-enabled technologies become increasingly embedded in everyday transactions, opportunistic threat actors are expected to adapt social engineering and fraud techniques familiar to these environments. Economic incentives, technological adoption and evolving geopolitical narratives will continue to shape threat actor behavior as the landscape evolves.”
“The Philippine threat landscape has shifted toward high-impact, high-visibility, low-complexity vectors focused on phishing, identity abuse, external misinformation.figuration and cloud-based exposure. These systemic changes require fundamental shifts in national defensive strategies to protect the country's digital economy.
The company said in the report that threat activity in 2025 was dominated by phishing, social engineering and cyber-enabled fraud, with key targets being government and public sector, financial services, critical infrastructure and education platforms.
The report shows that phishing website alerts among Check Point customers in the country increased by 423% from 731 in 2024 to 3,824 in 2025. Smishing or SMS phishing was a prevalent attack point, in which fraudsters used telecom-level manipulation to bypass mobile trust barriers.
“Phishing and smishing remain the most common initial access vectors, with SMS-based delivery gaining prominence through large-scale and coordinated campaigns, including those attributed to the Smishing Triad. These operations often act as entry points for credential harvesting, fraud and broader abuse of digital platforms, reflecting the growing risks associated with mobile and messaging-based communications,” it said.
The company also saw attacks via Infostealer malware designed to exploit unsecured portals and systems to expose sensitive information such as browser credentials.
Meanwhile, recorded ransomware attacks increased from nine last year to 17 in 2025, but these “remained largely opportunistic in nature, affecting a wide range of areas rather than focusing on specific ones.”fiC Industry.”
“Analysis shows that ransomware activity in the Philippines primarily affected areas with high operating fiThe financial severity highlights the attackers' preference for organizations where service disruption and data encryption could exert maximum pressure. This trend reflects increasing digitalization in the country's critical industries, which has expanded the attack surface fiFinancially motivated threat actors, Check Point said.
Financial fraud and scam operations were also prevalent, aided by social media impersonation schemes, such as attackers spoofing banks' AI chatbots to defraud consumers.
“While these trends broadly reflect Southeast Asia and APAC (Asia-Pacific) Pattern, the Philippine threat landscape is particularly exposed due to its mobile-first population, rapid growth of digital payments and high engagement with social media platforms,” the company said. – Bettina V. Rock