The Market Monitor Minding the Nation's Business
Global cybersecurity firm Kaspersky has sounded the alarm on the growing number of financial phishing attacks, particularly those tied to cryptocurrency scams and targeting financial institutions—including thousands in the Philippines.
In a statement released Monday, Kaspersky disclosed that it blocked over 10.7 million financial phishing attempts around the world in 2024, reflecting an 83% jump from the previous year. In the Philippines alone, 38,370 of these attacks were directed at banks and financial institutions.
Scammers have become more sophisticated in luring victims, using fake banking websites, SMS phishing messages, and bogus investment platforms to trick users into revealing sensitive data. Kaspersky noted that the Philippines remains especially vulnerable due to low cybersecurity awareness and the increasing number of scam messages posing as legitimate communications from banks or government agencies.
The company explained that financial phishing now commonly takes the form of credential harvesting through counterfeit login pages, social engineering tactics involving deceptive messages that push users to verify their accounts or claim fake refunds, and impersonation of government services, especially during tax filing seasons or during the release of public assistance.
“Banks must view phishing as a strategic risk,” said Sam Yan, Kaspersky’s Head of Sales for Asia Emerging Countries. “It’s not just about blocking suspicious emails anymore. Institutions need to build cybersecurity awareness at every level and strengthen their digital infrastructure against deception.”
Yan added that while cybercriminals continue to adapt, Philippine institutions can stay ahead through proactive investments in cybersecurity technologies and by fostering a culture of digital vigilance.
To address these threats, Kaspersky urges financial institutions to keep all systems and software up to date, use strong and unique passwords while limiting remote access, regularly conduct phishing simulation exercises and staff training, and secure all endpoints and networks with reliable cybersecurity solutions.
Consumers, meanwhile, are advised to create strong and unique passwords for each online account, activate two-factor authentication whenever possible, avoid downloading unknown applications, and install security software such as Kaspersky Premium, which offers real-time protection against phishing, spam, and fraudulent websites.
With phishing scams evolving at a rapid pace, Kaspersky emphasized the need for both institutions and individuals to remain vigilant and informed in safeguarding their financial and digital assets.