It starts with an email. It looks like it’s from your boss, the CEO. The language is spot-on, the tone is exactly how they speak, and the signature is flawless. They’re asking for an urgent funds transfer. But here’s the catch… it’s not really them.
In 2025, AI-powered cyber threats will make scams like these more convincing than ever. Deepfakes, AI-generated phishing emails, and even malicious digital twins (AI-driven clones that mimic real people) will blur the line between reality and deception.
And yet, many Philippine businesses are still in the early stages of AI adoption, focusing on automation and efficiency without realizing the cybersecurity risks that come with it.
These risks became even more apparent during a recent cybersecurity briefing with Trend Micro Philippines, where we gained insights directly from key members of their executive team, including Ian Felipe (Country Manager), Raymond Almanon (Senior Threat Researcher), and Christina Tee-Bautista (Senior Presales Consultant).
During the discussion, they emphasized how AI-powered cybercrime will reshape security challenges in 2025 and beyond.
AI — Friend or Foe?
“Artificial intelligence is predicted to be a primary tool for cybercriminals,” warns Trend Micro’s 2025 predictions report.
And it makes sense.
AI doesn’t just help businesses. It also helps cybercriminals become faster, smarter, and harder to detect. The same machine learning that powers customer service chatbots can also create highly personalized phishing scams, and the same AI that writes marketing emails can generate scam messages indistinguishable from real communication.
The scariest part? AI attacks don’t even need hackers to be involved 24/7. With enough data, AI can run scams on autopilot — identifying targets, crafting messages, and responding in real-time.
So, if AI is both a game-changer and a security risk, how do businesses move forward safely?
“As generative AI makes its way ever deeper into enterprises and the societies they serve, we need to be alert to the threats. Hyper-personalized attacks and agent AI subversion will require industry-wide effort to root out and address,” warns Ian Felipe, Country Manager at Trend Micro Philippines.
His advice? Treat AI security as business security.
#1 — Know What AI is Doing in Your Business
Most businesses adopt AI without fully understanding how it works. A chatbot here, an AI-powered data tool there. But as Felipe puts it, “There’s no such thing as standalone cyber risk today. All security risk is ultimately business risk.”
The first step to AI security? Visibility.
What to do:
▪️Audit your AI tools — What data do they access? Who controls them? Can they be hijacked?
▪️Monitor AI behavior — Ensure AI-driven decisions aren’t leading to security gaps.
▪️Validate AI-generated content — Ensure AI can’t be manipulated into sending fake or misleading information.
Without oversight, AI can accidentally leak data, execute unauthorized actions, or be manipulated by cybercriminals.
#2 — Strengthen Cyber Defenses Before the Attacks Get Smarter
Remember when phishing emails were easy to spot? Bad grammar, weird fonts, generic greetings? Well, those days are over.
“AI enhances the scalability of cyberattacks, leading to more sophisticated phishing techniques,” notes Trend Micro’s security forecast. AI-generated phishing emails can now sound perfectly human — down to using the right slang, sentence structure, and even mimicking a specific person’s tone.
What to do:
▪️Use AI against AI — Adopt AI-powered cybersecurity tools to detect AI-driven threats.
▪️Deploy multi-layered security — Ensure your defenses cover cloud, network, and endpoints, where AI-powered attacks thrive.
▪️Train employees differently — Teach them to spot deepfakes and AI-generated phishing, not just old-school scams.
Traditional security solutions alone won’t be enough. In 2025, businesses will need AI-powered defenses to fight AI-driven attacks.
#3 — Expect Ransomware to Get Faster and More Devastating
Ransomware has been around for years, but AI is making it scarier than ever. According to Trend Micro’s 2025 predictions, cybercriminals are now using AI to automate attacks, personalize ransom demands, and bypass security measures.
“Vulnerable drivers, sometimes pre-installed or from other software, can be exploited by criminals,” explains a Trend Micro report on AI-powered cybercrime.
And it’s not just big corporations being targeted. The Philippine technology sector was one of the hardest-hit by ransomware last year, showing that cybercriminals don’t discriminate.
What to do:
▪️Move beyond traditional security — Adopt AI-driven extended detection and response (XDR) solutions.
▪️Prepare for faster attacks — Ransomware kill chains are now shorter and harder to detect, requiring businesses to respond within hours, not days.
▪️Backup data aggressively — The best defense against ransomware is ensuring criminals can’t hold your data hostage.
If your cybersecurity isn’t evolving, you’re just playing catch-up. AI-powered threats won’t wait for you to adapt.
#4 — Understand That AI Scams Are Now Personal
AI-powered cyberattacks are no longer generic. They’re hyper-personalized and dangerously convincing.
According to Trend Micro’s latest research, criminals are developing malicious digital twins. These are AI-generated versions of real people that use deepfake video and audio to impersonate employees, executives, or even family members.
AI is not only impersonating real people. It’s also fueling large-scale financial scams like “pig butchering.”
In these scams, criminals use AI to identify and groom vulnerable victims, often through fake online relationships. AI-generated personas chat with targets, build trust, and eventually manipulate them into fake investments or cryptocurrency frauds. By the time the victim realizes the truth, their money is gone.
What to do:
▪️Verify before trusting — Never authorize transactions or share sensitive data based on video/audio alone.
▪️Adopt voice and video authentication tools — Use multi-factor authentication (MFA) beyond biometrics.
▪️Educate employees about deepfake scams — Ensure they know AI can mimic real people with terrifying accuracy.
“Deepfakes and AI could be leveraged in large-scale, hyper-personalized attacks,” warns Trend Micro. Businesses must prepare now before deepfake scams become mainstream.
Smarter AI Needs Stronger Security—No Exceptions
AI isn’t the future. It’s already here. And businesses that adopt AI without securing it first are playing a dangerous game.
Philippine companies must stop seeing cybersecurity as just an IT concern.
It’s a business survival issue. Deepfake-powered fraud, AI-driven phishing, and ransomware on steroids are rapidly evolving threats that businesses must keep up with.
The question isn’t if AI-powered cybercrime will affect your business. It’s when.
