The digital economy is growing rapidly, but so are the risks that come with it.
As more Filipinos embrace digital banking and e-wallets for everyday transactions, cybercriminals are finding new opportunities to commit fraud, exploiting users and businesses alike.
While the speed and convenience of digital payments have transformed how consumers manage their finances, they have also made financial platforms attractive targets for cybercriminals.
According to Accenture, digital payment fraud increased by 25% during the first three years of the 2020s, while fraud-related losses continue to affect both businesses and consumers. The firm also noted that some financial services customers have closed their accounts due to concerns over fraud and security.
The Philippines is no exception.
In 2024, the country ranked second among global markets for suspected digital fraud rates, trailing only India, which recorded a cybercrime rate of 19%.
The impact on Filipino consumers
IMAGE CREDIT: Magnific
The growing prevalence of cyber scams is taking a financial toll on consumers.
In a survey conducted between November and December 2024, around 74% of Filipinos reported being targeted by various digital payment scams, while 34% said they had lost money to such attacks.
The average reported loss exceeded ₱44,700 (approximately USD 768), an amount equivalent to more than two months’ salary for many Filipino households, according to Yogesh Daware, chief commercial officer at TransUnion Philippines.
Beyond financial losses, fraud incidents can also undermine trust in digital financial services, potentially slowing broader efforts toward financial inclusion and digital transformation.
How digital fraud schemes operate
Most financial scams begin with social engineering attacks designed to manipulate victims into revealing sensitive information.
Fraudsters commonly use phishing and smishing tactics, impersonating legitimate organizations, financial institutions, or trusted individuals to convince users to disclose login credentials, one-time passwords (OTPs), or other personal information.
These attacks are not limited to emails and text messages. Cybercriminals can also create fraudulent online stores and fake websites to capture customers’ payment details and account credentials. In some cases, stolen information is traded on dark web marketplaces, enabling further fraudulent activity.
Malware also remains a key tool in the cybercriminal arsenal.
Threats such as infostealers, man-in-the-middle attacks, and man-in-the-browser attacks can be used to intercept sensitive information, monitor user activity, or gain unauthorized access to accounts.
Once credentials are compromised, fraudsters may exploit digital wallets and financial accounts to conduct a range of illicit activities. Common forms of deceptive schemes include credit card scam, peer-to-peer (P2P) payment scam, identity theft, account takeovers, and money laundering.
Efforts to combat cyber threats
IMAGE CREDIT: Pexels / Leeloo The First
The Philippines has been strengthening its legal and regulatory framework against cybercrime for more than two decades.
One of the country’s earliest legislative responses was the Philippine E-Commerce Act (Republic Act No. 8792), signed into law in 2000 following the global impact of the ILOVEYOU computer worm, which originated in the Philippines and affected millions of computers worldwide.
Since then, lawmakers and regulators have introduced additional measures to address emerging digital threats.
The Cybercrime Prevention Act of 2012 (Republic Act 10175) criminalizes offenses such as hacking, online identity theft, system interference, and other illegal online activities.
More recently, the Anti-Financial Account Scamming Act (Republic Act 12010) was enacted to address money mule operations, phishing attacks, and other financial scams. Meanwhile, the Data Privacy Act of 2012 (Republic Act 10173) establishes safeguards for personal information and holds organizations accountable for data breaches and privacy violations.
Enforcement agencies have also intensified efforts against organized cybercrime groups.
In 2025, the Presidential Anti-Organized Crime Commission (PAOCC) continued operations targeting online scam syndicates. These efforts have been supported by cooperation with international organizations such as the United Nations Office on Drugs and Crime (UNODC), particularly following the government’s move to ban Philippine Offshore Gaming Operators (POGOs), some of which had been linked to scam compounds and illicit activities.
An evolving challenge
Despite these initiatives, combating cyber threats remains an ongoing challenge.
As financial institutions continue to strengthen security controls, cybercriminals are adapting their methods, increasingly leveraging artificial intelligence, automation, and other advanced technologies to execute more sophisticated attacks.
The rapid growth of digital payments and online financial services has created significant opportunities for economic inclusion and innovation.
At the same time, it has underscored the need for stronger cybersecurity measures, greater consumer awareness, and continued collaboration among regulators, financial institutions, technology providers, and law enforcement agencies.
As fraud tactics continue to evolve, safeguarding trust in the digital financial ecosystem will remain a critical priority for both the public and private sectors.
