by John Mark “JM” Santos, Correspondent
According to a recent report by global cybersecurity and digital privacy company Kaspersky, the Philippines faces a growing cybersecurity crisis as phishing attacks reach alarming levels, fueled by sophisticated tactics and the exploitation of popular online platforms.
Kaspersky also revealed a staggering 26% increase in blocked phishing attempts globally in 2024 compared to the previous year, a trend mirrored and amplified in the Philippines. This surge underscores the evolving threat landscape and the increasing vulnerability of Filipinos to online scams.
Cybercriminals capitalizing on popular platforms online — Kaspersky
Cybercriminals are capitalizing on the popularity of e-commerce platforms
Cybercriminals are capitalizing on the popularity of social media and e-commerce platforms like Airbnb, TikTok, Telegram, and Booking.com, which have become fertile ground for malicious activity.
Kaspersky’s research indicates these platforms were implicated in over 125 million cyberattacks designed to deceive users and pilfer sensitive information. The Philippines, a nation with high social media penetration and a burgeoning digital economy, has become a prime target for these attacks.
The problem intensifies during peak shopping seasons and holidays, when Filipinos flock to online marketplaces. Scammers frequently impersonate popular local platforms such as Lazada, Shopee, Facebook Marketplace, TikTok Shop, and even mobile payment services like GCash, luring unsuspecting victims with fake promotions and fraudulent offers. These scams often involve phishing emails, SMS messages containing malicious links, and the theft of user credentials.
This data from Kaspersky paints a stark picture of the escalating threat.
In 2023, the company blocked nearly 710 million phishing attempts worldwide. That number skyrocketed to over 893 million in 2024. These attacks range from simple attempts to steal data and money to more sophisticated schemes designed to install malicious software. Cybercriminals frequently create counterfeit websites that meticulously mimic legitimate platforms, blurring the lines between genuine and fraudulent online experiences.
Last year, Kaspersky also reported that it has blocked over 61 million attack in SEA, even as it warned Philippine businesses to strengthen their digital defenses.
Rise of AI complicating fight against cybercrime
The rise of artificial intelligence (AI) has further complicated the fight against cybercrime. Experts have observed a disturbing trend of deepfake scams, where AI-generated images and videos of celebrities and influencers are used to promote fraudulent investment schemes or endorse fake products, often disseminated through platforms like TikTok and Instagram.
These platforms are also exploited for fake giveaways, promising valuable prizes that never materialize.
Beyond deepfakes, AI is being used to create highly convincing fake websites that mimic legitimate financial institutions, government portals, e-commerce platforms, and other online services.
These meticulously crafted sites are designed to trick victims into divulging sensitive information, such as login credentials, bank details, and personal identification numbers, often leading to financial losses and identity theft.
Even phishing emails have become more sophisticated, with AI-powered tools enabling cybercriminals to craft highly personalized and deceptive messages that are difficult to distinguish from genuine correspondence. These emails often contain malicious links or attachments that, when clicked, can infect devices with malware or steal personal data.
Olga Svistunova, a Kaspersky security expert, emphasizes the evolving nature of these threats. “While the core mechanics of phishing and scams remain unchanged,” she explains, “attackers continuously refine their disguises. They exploit trending news and hype-driven topics, even combining branding from multiple companies on a single phishing page to maximize the effectiveness of their campaigns.”
“AI-driven tools enable them to create highly convincing fake websites, making fraud harder to detect. These evolving tactics pose an increasing risk—not only to financial security but also to personal identity protection. As a result, vigilance and the use of robust cybersecurity solutions have never been more crucial,” the Kaspersky security expert further stated.
The threat extends beyond phishing and fake websites. Spam emails have also evolved, now often containing fraudulent job offers, fake invoices, counterfeit official notices, and password-protected malware-laden attachments. This underscores the critical need for user awareness and vigilance in the face of ever-present cyber threats.
In light of this surge in cybercrime, Filipinos must take proactive steps to protect themselves. Experts recommend verifying senders before opening emails and clicking on links, carefully checking website URLs, being cautious of suspicious emails and messages, using reliable cybersecurity solutions, and staying informed about the latest cybersecurity threats.
By adopting these practices, Filipinos can significantly reduce their risk of falling victim to these increasingly sophisticated cyberattacks. For further cybersecurity tips, individuals are encouraged to visit the DICT and Bangko Sentral ng Pilipinas (BSP) websites.