Are Filipinos Aware of Cyber Attacks, and Is the Philippines’ Cybersecurity Ready to Defend?

In this year of 2025, the Philippines isn’t just about the growing digital life — it’s also facing countless cyber attacks. Early this year, a Philippine Coast Guard vessel reported a cyber intrusion on its government workstation, highlighting how even national security operations are vulnerable. Meanwhile, the military contractors also detected a sophisticated “fileless” malware framework that is linked to foreign threat actors and designed to silently spy and steal information.

Beyond government and defense, ransomware groups attack private sectors that paralyze operations until hefty ransoms are paid. With the alarming increase of cybercriminal groups, the law enforcement have traced to large scam hubs operating within Philippine borders — raising urgent questions about the nation’s overall readiness to defend against cybercrime.

Filipinos rank among the most targeted populations for scams and fraud worldwide. Surveys show that over 70% of Filipinos have received fraudulent texts, emails, or calls in recent months — higher than the global average. Everyday citizens face constant risks:

• Phishing scams disguised as package delivery updates, bank alerts, or government advisories.
  
• “Budol-budol” digital scams promising loans, prizes, or investments.
  
• Romance scams, where victims are manipulated into sending money to supposed “partners.”
  
• Fake online stores, promoted on social media, luring buyers with cheap gadgets or trendy items.
  
• Social media hijacking, where compromised accounts scam friends and relatives.
  

Scam warnings circulate widely on Facebook groups, Viber chats, and local news, showing that awareness is high. Yet surveys also reveal persistent risky habits: reusing weak passwords like birthdays or “123456,” failing to enable multi-factor authentication (MFA), oversharing personal details online, and clicking on urgent, suspicious links.

Why is this happening? Because cybercriminals are evolving faster than defenses. They now use Filipino slang in phishing texts, mimic local bank or delivery templates with uncanny accuracy, and even leverage AI to generate deepfake voices and videos. Awareness is rising — but scams are outpacing people’s ability to protect themselves.

The Filipinos know that cybercrime is a threat but if awareness is really high, why are attacks still rising?

Why are people and institutions still falling victim?

The answer lies in the country’s unique mix of rapid digital adoption, cultural habits, underdeveloped defenses, and increasingly resourceful cybercriminals — a gap between awareness and actual protection that leaves both individuals and institutions vulnerable. The Philippines is cyber-aware —- but not yet cyber-ready.

Cultural Factors Behind Cyber Vulnerability

The Filipinos are among the most active social media users in the world, spending hours each day on platforms like Facebook, TikTok, Instagram, and other social media platforms. With this connectivity has strengthened communities and fueled digital growth, it has also created fertile ground for cybercriminals. Fake promotions, bogus giveaways, and clickbait scams spread rapidly across social networks, often disguised as friendly recommendations or viral trends.

The cultural habit of the Filipinos like “bahala na” (come what may) attitude also plays a big role sometimes as it leads to a risky online behavior, such as clicking links without verifying the sources or sharing personal details too freely. Many users also rely on family and friends for cybersecurity advice instead of official channels, which can result in misinformation. Compounding the problem, cybercrimes often go unreported due to fear, shame, or lack of trust in authorities, creating a cycle where threats remain underestimated and unaddressed.

Rapid Digital Adoption Outpacing Security

The Philippines has seen explosive growth in digital services over the past decade. From mobile wallets like GCash and Maya to online shopping platforms such as Shopee and Lazada, millions of Filipinos now rely on digital transactions for daily life. Small and medium-sized enterprises (SMEs) have also moved online to expand their reach. However, this surge in digital adoption has not been matched with equal investments in cybersecurity.

Many Filipinos still use outdated smartphones, unlicensed software, or unsecured public Wi-Fi, making them easy prey for attackers. SMEs, on the other hand, often prioritize business expansion over cybersecurity, leaving their websites and payment systems vulnerable. The gap between digital growth and digital protection means that while more people are connected than ever, they are also more exposed to cyber risks.

The Skills Gap and Lack of Defenders

Another major challenge lies in the shortage of skilled cybersecurity professionals in the Philippines. With cyber threats growing in sophistication, demand for experts in areas such as network defense, incident response, and malware analysis has surged. Yet, the local workforce cannot keep up. Government agencies, banks, and private companies are all competing for a limited pool of talent, driving up costs and leaving many organizations unprotected.

Educational institutions are only beginning to catch up by offering specialized courses in cybersecurity, but the pipeline of graduates remains too small to meet demand. This lack of skilled defenders means that even when threats are identified, organizations often lack the manpower to respond effectively — creating a dangerous lag in protection.

The Increase of Resourceful Cybercriminals

Cybercriminals are no longer relying on simple email scams. In 2025, attacks have become highly targeted and sophisticated. Ransomware groups now cripple company networks, demanding millions in ransom to restore access. Phishing campaigns imitate local banks, telcos, and delivery services with uncanny accuracy, tricking even cautious users into revealing sensitive data.

Perhaps more alarming is the rise of scam hubs within the Philippines itself. These hubs, often linked to larger international networks, operate call centers and online schemes that defraud both local and foreign victims. Weak enforcement, corruption, and the difficulty of tracing online crimes allow these groups to thrive. As criminals become more resourceful, the gap between awareness and defense only widens.

Bridging Awareness and Defense

Awareness of cyber threats is not the problem — the action is. Filipinos are quick to share warnings on Facebook groups, Viber chats, and TV programs. But this informal awareness rarely translates into concrete defense measures. People may know that phishing exists, but still use the same password across multiple accounts. Businesses may understand ransomware risks but fail to invest in backups or cybersecurity training for staff.

Bridging the gap requires both education and infrastructure. Citizens need practical training on identifying scams, securing devices, and reporting incidents. Companies must adopt stricter cybersecurity policies, invest in monitoring tools, and build a culture of vigilance. Without these steps, awareness remains just talk — unable to prevent real-world consequences.

The Way Forward: Is the Philippines Ready?

The fight against cybercrime requires a united front. The Philippine government has taken steps by updating its cybersecurity strategies and investing in the National Computer Emergency Response Team (NCERT). However, enforcement remains inconsistent, and coordination between agencies can be slow. Private firms also need to treat cybersecurity as a business priority, not just an IT expense, by allocating proper budgets and training employees regularly.

On the individual level, Filipinos must take ownership of their online safety. Simple steps like enabling two-factor authentication, avoiding suspicious links, and keeping devices updated can make a huge difference. Ultimately, awareness must lead to action. The Philippines has the potential to strengthen its digital defenses — but only if the government, businesses, and citizens work together to turn awareness into readiness.

Awareness is Not Enough

Filipinos are among Asia’s most cyber-aware populations, yet in 2025, the country faces an escalating wave of cyberattacks that threaten not just individuals but also businesses and national security.

The paradox is simple: knowing is not the same as doing. Awareness has risen, but safe habits, consistent investments, and a deep talent pool are still lacking. This gap between knowing the risks and acting to prevent them is exactly where cybercriminals thrive.

Cybersecurity in the Philippines is no longer just about protecting social media accounts or online wallets. It is a national security, cultural, and economic issue. To truly defend the nation’s digital future, awareness must evolve into concrete action — stronger government policies, smarter business investments, and everyday vigilance from ordinary citizens.

The question is not just whether Filipinos are aware — but whether the Philippines is truly ready to defend.