A sharp rise in phishing and mobile-based scams is reshaping the cyber threat landscape in the Philippines, as attackers move from small-scale operations to what researchers describe as industrialized fraud.
New data from Check Point Software Technologies Ltd. shows that phishing websites in the country jumped by 423% year-on-year, climbing from 731 in 2024 to 3,824 in 2025.
The findings are detailed in the company’s newly released Philippine Threat Landscape Report 2025, unveiled during the inaugural CXO Elite Club Philippines dinner attended by senior business and technology leaders.
The report paints a picture of a fast-expanding digital attack surface, driven by the country’s mobile-first population and the rapid adoption of cloud services. As organizations rely more on third-party vendors and digital platforms, researchers warn that cybercriminals are exploiting these gaps with greater speed and coordination.
Smishing becomes dominant threat
While phishing remains a core tactic, the data shows a decisive shift toward smishing, or SMS-based phishing, as the dominant attack vector. Criminal groups are now using telecom-level manipulation to bypass mobile trust barriers, making fraudulent messages appear legitimate to users.
Ransomware activity also surged, nearly doubling from nine recorded incidents in 2024 to 17 in 2025. The Qilin ransomware group emerged as the most aggressive actor, deploying cross-platform malware and double-extortion techniques against industries ranging from finance and retail to healthcare, manufacturing, and real estate.
Social media impersonation followed the same upward trend, rising 37% from 940 to 1,291 cases. Banks were identified as the hardest hit, with attackers using AI chatbots and fake executive profiles to push investment scams and scale financial deception.
Data exposure and supply-chain risks grow
Beyond direct fraud, the report points to accelerating data exposure risks. Leaked source code more than doubled from 38 to 81 incidents, while third-party breach cases climbed from eight to 29, underscoring the country’s growing vulnerability through supply-chain connections.
Check Point’s research suggests that fraud linked to finance and e-gaming has evolved into cross-border operations powered by underground SIM card markets and the use of celebrity deepfakes — marking a shift from isolated scams to structured ecosystems.
Key sectors under pressure include:
- Government and public sector, facing politically motivated DDoS attacks and defacements
- Financial services, exposed to account takeovers, brand impersonation, and credential theft
- Critical infrastructure, targeted during periods of geopolitical tension
- Education platforms, often used as testing grounds for new threat actors due to lower cyber maturity
AI to accelerate scams in 2026
Looking ahead, Check Point expects artificial intelligence to amplify existing fraud methods, making scams more convincing and faster to deploy rather than replacing current techniques.
NFC payment fraud is projected to increase alongside wider adoption of Google Pay and local e-wallets, while supply-chain breaches are expected to rise as organizations integrate AI tools and cloud services.
Deepfakes and disinformation are also forecast to become more prominent, targeting brands, corporate leaders, and political institutions.
The report concludes that the country’s threat environment is now defined by high-impact, high-visibility, and low-complexity attacks, centered on phishing, identity abuse, and cloud misconfigurations — requiring a rethink of how digital risks are managed.
“Cyberattacks in the Philippines are no longer defined by technical sophistication, but by scale, automation, and deception,” said Ritchelle Santos, senior cyber threat intelligence analyst at Check Point Exposure Management Research. “In an environment where identity, trust, and mobile channels are the new battleground, the safest organizations will be those that protect their digital footprints as carefully as their networks. Staying safe now means verifying everything — every message, every transaction, and every identity — every time.”
With scams becoming more automated and believable, the findings highlight a growing challenge for Philippine businesses and consumers alike: defending not just systems, but trust itself in an increasingly digital economy.
