Only one in three Filipinos knows about cybersecurity or data privacy issues, according to the Philippine Statistics Authority’s 2024 National ICT Household Survey, even as six in ten Filipinos who use a phone, computer, or other device say they’ve already been hit by a cybersecurity incident.
The PSA report covers individuals aged 10 and above and breaks down both awareness levels and actual incident exposure across regions, age groups, and education levels nationwide. For Filipinos juggling GCash transfers, online banking, and social media on the same device, the gap between awareness and exposure is the headline number here: most people using these platforms have already run into some kind of cyber threat, but most still don’t fully understand what they’re up against.
Nationwide, 33.4 percent of individuals aged 10 and over – about 30.55 million out of 91.38 million Filipinos in that age bracket – said they were aware of cybersecurity or data privacy issues in 2024. Metro Manila led all regions at 53.6 percent awareness, followed by Central Visayas at 43.9 percent. BARMM trailed every other region at just 6.5 percent.
Awareness skewed slightly female (35.8 percent versus 31.1 percent for males) and was highest among 25- to 34-year-olds (42.6 percent), followed closely by 15- to 24-year-olds (41.6 percent) and 35- to 44-year-olds (41.2 percent). Filipinos 75 and older reported the lowest awareness at 11.3 percent. Urban residents were almost twice as likely to be aware (42.9 percent) as rural residents (22.7 percent), and college-educated Filipinos reported awareness at 62.6 percent – more than six times the 9.6 percent rate among those with primary education or less.
The exposure numbers tell a different story. Among the 38.86 million Filipinos aged 10 and over who actually use an ICT device, 62.5 percent – roughly 24.28 million people – experienced at least one cybersecurity incident in 2024. MIMAROPA posted the highest incident rate at 73.6 percent, followed by Bicol Region at 72.0 percent and Central Luzon at 67.0 percent. Zamboanga Peninsula had the lowest rate, at 35.7 percent.
Incidents hit hardest among device users aged 25 to 34 (68.0 percent), 35 to 44 (65.7 percent), and 55 to 64 (65.3 percent). Unlike awareness, incident rates barely differed between urban (62.7 percent) and rural (62.1 percent) device users – and education level didn’t protect people either: those with tertiary education had the highest incident rate of any group, at 68.0 percent.
SMS fraud was by far the most common type of incident, affecting 57.1 percent of the 24.28 million Filipinos who reported being victimized. Hacking followed at 7.8 percent, phishing at 6.1 percent, and cyberbullying or cyber libel at 1.1 percent. BARMM had the highest SMS fraud rate among victims at 87.7 percent, followed by Ilocos Region at 85.0 percent and Cagayan Valley at 78.5 percent. BARMM also led in phishing exposure at 17.3 percent.
Despite how widespread these incidents are, the PSA found that only 1.9 percent of victims reported the incident to authorities.
The PSA has not announced a release date for the next NICTHS cycle, but the 2024 results mark the third report in the series tracking cybersecurity and data privacy awareness nationwide.
