The Philippines remains a major target for web threats in 2024, according to Kaspersky’s latest report. Although the overall number of cyberattacks has decreased compared to the previous year, the country has climbed in global rankings.
From 4th in 2023, the country now ranks 3rd when it comes to countries most affected by internet-borne threats, highlighting the persistent vulnerability of Filipino users.
Yeo Siang Tiong, Kaspersky’s General Manager for Southeast Asia, said the Philippines’ rise in the global rankings, despite the drop in detected threats, shows that cybercriminals are becoming more sophisticated and relentless.
“This should serve as a wake-up call for businesses and individuals in the Philippines. Clearly, it’s time to strengthen their defenses and stay vigilant against evolving online threats,” Yeo further said. “Filipinos are known to be really active online so cybersecurity should no longer just an option but a necessity in today’s digital landscape.”
In 2024, Kaspersky Security Network detected 14,101,706 web threats targeting Filipino users, with 42.3 percent of users facing cyber risks. Despite the lower number of attacks compared to the previous year, the Philippines moved up to third place worldwide.
The top 5 countries most affected by web threats in 2024 were:
| Place | Country | Percent of users attacked by web borne threats |
| 1 | Belarus | 43.7% |
| 2 | Moldova | 43.2 % |
| 3 | Philippines | 42.3 % |
| 4 | Russia | 42.0 % |
| 5 | Ukraine | 42.0 % |
In comparison, Kaspersky recorded 26,164,698 web threats in 2023, impacting 48.0 percent of Filipino users. At the time, the Philippines ranked fourth globally, trailing behind Mongolia, Moldova, and Greece.
Web threats refer to cyberattacks that exploit vulnerabilities in web browsers, plugins, and online platforms to deliver malware and other harmful content to unsuspecting users. The most common methods cybercriminals use to penetrate systems include drive-by downloads and social engineering attacks.
Drive-by downloads occur when users visit compromised websites that automatically download malware without their knowledge or consent, while social engineering attacks take place when cybercriminals deceive users into downloading malicious files by disguising them as legitimate programs, often through phishing emails, fake websites, and misleading advertisements.
“The numbers of cyberthreats are fluctuating, not uniformly declining. Perceived decreases can stem from several factors, including improved detection and prevention technologies masking the actual threat volume, a shift in attacker tactics towards more sophisticated attacks, a focus on specific high-value targets and reducing the overall number of less impactful incidents reported publicly, as well as an increased investment in cybersecurity awareness training, leading to fewer successful phishing campaigns. These explanations suggest a complex picture, rather than a simple overall reduction in malicious cyber activity,” Yeo adds.
Kaspersky warned that the decline in total threats detected in 2024 may indicate improved cybersecurity measures among businesses and individuals, but the Philippines’ higher global ranking underscores the need for continuous efforts to strengthen cybersecurity defenses through comprehensive protection strategies.
To address these concerns, Kaspersky recommends the following measures using its industry-leading solutions:
For Individuals:
- Avoid downloading and installing applications from unverified or untrusted sources.
- Refrain from clicking on suspicious links or online advertisements that may lead to phishing or malware.
- Create strong, unique passwords that include uppercase and lowercase letters, numbers, and special characters.
- Enable two-factor authentication for added security.
- Regularly update all software and applications to patch vulnerabilities and prevent exploitation.
- Never disable security systems, even if prompted by messages or notifications.
- Use strong cybersecurity solutions that offer real-time protection against phishing, malware, and ransomware.
For Organizations:
- Ensure all software and systems are regularly updated to prevent attackers from exploiting vulnerabilities.
- Implement strong password policies and enable multi-factor authentication for remote access.
- Deploy solutions that provides behavior-based detection and anomaly control to detect and mitigate sophisticated threats.
- Leverage advanced cybersecurity tools for business to better detect, analyze, and respond to potential cyber threats.
Stay updated with the latest cybersecurity insights to strengthen security strategies and improve incident response efforts.
