CYBERSECURITY firm Resecurity has raised the alarm over a surge in near-field communication (NFC) fraud targeting the Philippine financial sector.
It warned that the country’s rapid adoption of contactless payments is being exploited by sophisticated Chinese cybercrime syndicates.
In a recent threat intelligence report, Resecurity said dark web activity linked to Chinese threat actors jumped nearly 230 percent in the second quarter of 2025 compared to a year earlier. The rise is tied to the growing use of mobile wallets and tap-and-go services such as GCash, Maya and BDO Pay.
Resecurity said attackers are leveraging host card emulation and underground tools like Z-NFC and Track2NFC to simulate transactions using stolen card data. These methods bypass traditional authentication and often go undetected. Some terminals, disguised as legitimate point-of-sale (POS) devices and equipped with eSims, reportedly process up to $80,000 a day in fraudulent payments.
Resecurity traced many of these activities to Chinese crime syndicates such as the “Smishing Triad,” which now operates through Crime-as-a-Service models.
Telegram bots like “Panda Shop” and “Hulk Vault” are used to distribute stolen credit card data, phishing kits and fraud tools. One underground shop alone listed over 7,700 compromised Philippine-issued cards for sale.
The firm also flagged growing links between foreign cybercriminals and local operators, who recruit “money mules” to set up fake businesses or deploy fraudulent POS systems in retail and food service outlets, allowing them to move stolen funds discreetly. Data from TransUnion pegged the country’s digital fraud rate at 13.4 percent in 2024 — 150 percent higher than the global average.
To curb the threat, Resecurity is calling for tighter merchant verification, enhanced behavioral analytics and greater threat intelligence sharing among regulators, banks and fintech providers.
It warned that the pace of innovation in NFC fraud is outstripping current defenses. With stronger policies and intelligence capabilities, the firm said, the Philippines risks undermining trust in digital finance and exposing its economy to further disruption. / KOC