In 2024, the Department of Information and Communications Technology (DICT) reported monitoring over two million cyber threats daily.

With this data, the Philippines is accelerating its digital transformation and stepping up efforts to combat the growing number of cybersecurity threats. The Cybercrime Investigation Coordinating Center (CICC) has been actively raising awareness about online scams to help the public protect themselves.

To help individuals safeguard their online data, Norman Ng, Google Asia Pacific’s Head of Trust and Safety Global Engagements, shares these essential tips:

1. Be cautious of emails

Cyberattacks often begin with seemingly harmless emails. Phishing scams, for example, use deceptive messages that direct users to fake websites and prompt them to update personal information.

Ng advises checking the sender’s email address carefully. If it looks unfamiliar, avoid opening it. For added caution, users can review the email's source information and search for the IP address following the line “Received: from.”

2. Check link destinations

Suspicious links are common tools for online scams, especially those mimicking legitimate websites. Clicking on unfamiliar links can lead to malware or phishing attempts.

To verify a link’s destination, Ng recommends copying and pasting the URL into a new browser window. For shortened links, tools like URL X-ray can reveal the actual website before clicking. Always ensure the website is secure by looking for “HTTPS” and a padlock icon in the address bar.

3. Avoid opening unverified attachments

Never open email attachments unless you are absolutely certain of their source. Malicious files often contain viruses that can compromise devices and networks.

Ng warns that file types like Word documents, PDFs, and .EXE files are particularly risky. Cybercriminals use these formats to distribute malware that can spread across systems through a single, unsuspecting employee.

4. Use two-factor authentication (2FA)

With large-scale data breaches becoming more frequent, passwords alone are no longer enough. Two-factor authentication adds an extra layer of security by requiring a secondary code, often sent to a mobile device.

Users are encouraged to enable 2FA wherever possible, particularly for sensitive accounts like email and banking apps.

5. Strengthen your passwords

Simple passwords are easy targets for cybercriminals. Ng advises using complex combinations of uppercase and lowercase letters, numbers, and symbols. Avoid using personal details like names or birthdays, and never reuse passwords across different accounts.

Password management tools like LastPass or 1Password can help generate and store strong passwords securely. Ng also stresses the importance of regularly updating passwords for critical accounts.

6. Exercise caution with cloud storage

While cloud services are convenient, they also present security risks. Ng reminds users that any information stored online could potentially be exposed in a data breach.

Additionally, ensure deleted files are removed from both cloud backups and local devices.

7. Avoid sharing sensitive data on public Wi-Fi

Public Wi-Fi networks, such as those in coffee shops, hotels, and airports, are notoriously vulnerable to cyberattacks. Hackers can intercept data transmitted over these unsecured connections, including login credentials and financial details.

Ng suggests using a virtual private network (VPN) when accessing sensitive accounts on public Wi-Fi. Alternatively, users can opt for a personal mobile hotspot to avoid relying on untrusted networks.

With these strategies, Filipinos can better protect themselves from cybercrime and navigate the digital world with greater confidence.