Global cybersecurity firm Kaspersky warned that cyberthreats targeting Filipinos in 2025 are increasingly focused on tricking people rather than using traditional malware.
Sam Yan, the company’s head of sales for Asia emerging countries, said cybercriminals now rely more on convincing messages to gain access to accounts and devices, taking advantage of the country’s high level of internet connectivity.
Data from Kaspersky showed that 10.2 million internet-based threats were detected in the Philippines in 2025, ranking the country sixth worldwide for web-related risks. Meanwhile, 19.4 million on-device threats were recorded, placing the Philippines 67th globally in that category.
The Bangko Sentral ng Pilipinas (BSP) reported that human-focused attacks—such as account takeovers, identity theft, and social engineering—made up about 76 percent of cyber fraud losses in the country.
Kaspersky said Filipinos are facing a “dual threat,” where users are both deceived into giving up sensitive information and targeted through their devices at the same time, increasing overall risk.
To stay safe, the company advised users to verify requests for personal information, avoid clicking suspicious links, and instead visit official websites directly. It also recommended enabling multi-factor authentication (MFA) for added protection.
For businesses, Kaspersky stressed the importance of limiting employee access to sensitive data, enforcing MFA, and having a clear response plan in place to quickly handle cyber incidents.
