Global cybersecurity firm Kaspersky tallied a 28 percent decline in financial phishing attempts in the Philippines in the first half of this year, but warned of a rising threat from fake mobile apps that disguise themselves as legitimate tools to hijack devices, steal data, and drain funds from unsuspecting users.
In a statement on Monday, Kaspersky disclosed it recorded 59,115 attempts in the first half of 2025 compared to 82,565 attempts last year, underscoring that cybercriminal activity remains a persistent threat.
Kaspersky also observed ransomware activity remaining a serious concern across Southeast Asia, with slight declines in overall infection rates between the first half of 2024 and the same period in 2025.
In the Philippines, ransomware detections dropped marginally from 0.24 percent in the first half of 2024 to 0.22 percent in 2025, signaling what Kaspersky called “an ongoing but persistent threat activity.”
Despite the decline in phishing attempts, Kaspersky warned consumers against the rising threat of fake mobile apps. These malicious apps, often Trojan bankers, are designed to look and function like legitimate utilities such as mobile banking apps, government service portals, e-wallets, investment platforms, messaging tools, or even basic apps like flashlights. However, once installed, they silently run in the background, often without the user’s knowledge, and can intercept personal data, manipulate transactions, and enable remote access to both personal and financial information.
Trojan banker malware works by posing as real apps or overlaying fake login screens on top of genuine ones. In more advanced cases, attackers can inject malicious code that allows them to control infected devices and conduct unauthorized transactions undetected remotely.
In 2024, cybercriminals were increasingly targeting mobile platforms and cryptocurrency assets.
Kaspersky’s new Financial Cyberthreats Report showed the number of users encountering mobile banking Trojans rose by 3.6 times in 2024 compared to 2023, while crypto-related phishing detections climbed by 83.4 percent.
“Cybercriminals are constantly refining their tactics, and fake mobile apps have become one of the most effective tools in their arsenal,” Adrian Hia, Kaspersky managing director for Asia Pacific, said in a statement.
“These apps may seem legitimate, but once downloaded, they’re capable of stealing banking credentials, bypassing security checks, and causing serious financial damage,” Hia said
