Check Point Software Technologies Ltd. has released its Philippine Threat Landscape Report 2025, outlining a sharp rise in cyber risks across the country. The findings were first presented during the inaugural CXO Elite Club Philippines dinner, an invitation-only gathering of senior executives and industry decision makers.
Why it Matters: As more services move to mobile apps, cloud platforms, and digital payments, weaknesses in identity verification, messaging channels, and third-party systems can directly affect businesses and consumers nationwide.
The report points to a shift from isolated technical attacks to large-scale, organized cyber operations targeting the country’s mobile-first population. Data from Check Point Exposure Management Research indicates that increased cloud adoption and growing dependence on third-party vendors are expanding the attack surface faster than many organizations can secure it.
Phishing websites recorded a steep rise, increasing from 731 in 2024 to 3,824 in 2025, representing a 423 percent jump. Smishing or SMS based phishing has become the dominant method, with attackers reportedly using telecom-level manipulation to bypass mobile trust safeguards.
Ransomware incidents also increased, rising from nine recorded attacks in 2024 to 17 in 2025. The Qilin ransomware group was identified as one of the most aggressive actors, using cross-platform ransomware and double extortion tactics against sectors such as finance, retail, healthcare, manufacturing, food services, media, real estate, and business services.
Social media impersonation cases climbed 37 percent, from 940 to 1,291 incidents. Banks were cited as among the hardest hit, with attackers using AI-powered chatbots to scale investment scams and financial fraud. Source code leaks more than doubled from 38 to 81 cases, while third-party breach incidents rose from eight to 29, highlighting growing supply chain risks.
The report also noted that financial fraud and e-gaming schemes have evolved into organized, cross-border operations. Underground SIM markets and celebrity deepfakes are being used to make scams more convincing and scalable.
Among the sectors identified as high-value targets are government and public sector agencies, which face DDoS attacks and website defacements linked to political events and hacktivism. Financial services continue to experience account takeovers and credential harvesting. Critical infrastructure faces disruption, focused reconnaissance, and DDoS attempts, particularly during geopolitical tensions. Education platforms are often used as testing grounds by emerging threat actors due to lower cyber maturity.
Looking ahead to 2026, Check Point expects artificial intelligence to amplify existing fraud methods rather than replace them. The company projects an increase in NFC payment fraud as digital wallets and services such as Google Pay expand locally. Supply chain breaches are also expected to rise as more organizations adopt AI tools and cloud-based workflows. Deepfakes and misinformation campaigns are anticipated to increasingly target brands, executives, and political institutions.
According to Ritchelle Santos, Senior Cyber Threat Intelligence Analyst at Check Point Exposure Management Research, cyberattacks in the Philippines are increasingly defined by scale, automation, and deception. The report concludes that the country’s threat landscape now centers on phishing, identity abuse, external misconfigurations, and cloud-based exposures, requiring stronger defensive strategies across both public and private sectors.
With cyber threats growing in scale and automation, how prepared are Philippine organizations to secure their digital footprints beyond traditional network defenses?
