More than 23% of internet users in Vietnam encountered web-borne threats in 2025, which ranked the country 78th globally in terms of exposure, up two places from 80th the previous year, according to global cybersecurity and digital privacy company Kaspersky.
Web threats are cyberattacks that exploit vulnerabilities in browsers, plugins and online platforms to spread malware and other malicious content.
The most common techniques include drive-by downloads and social engineering schemes.
Drive-by downloads infect users automatically when they visit compromised websites without requiring any action on their part.
Social engineering relies on deception, tricking users into downloading malicious files disguised as legitimate applications, often through phishing emails, fake websites or misleading advertisements.
Across Southeast Asia, exposure to web-borne threats varies across markets. The Philippines recorded the highest rate, 32.9% of users, to rank sixth globally, followed by Malaysia at 26.7% (42nd).
Indonesia, Singapore and Thailand trailed Vietnam with exposure levels of 22.4%, 21.2 % and 20.3%.
Though Vietnam’s rate is comparatively lower than some regional peers, nearly one in four users was still affected, underscoring the continued need for strong web security practices.
Kaspersky also detected millions of web-borne threats across Southeast Asia in 2025.
Vietnam recorded the highest overall number in the six markets analysed, followed by Malaysia and Indonesia.
Thailand and the Philippines each reported more than 10 million incidents, while Singapore saw the lowest number in the region.
Differences in total detections reflect varying levels of digital activity and threat exposure across markets.
According to the latest report from the Kaspersky Security Network, 23.84 million web-borne threats targeting users in Vietnam were blocked last year, equivalent to more than 65,000 internet-based attacks per day on average.
But the threats have been on a consistent downward trend in recent years, including in 2025, suggesting gradual improvements in the country’s cybersecurity resilience, it said.
Simon Tung, Kaspersky’s general manager for Southeast Asia, said: “Vietnam has made measurable progress in strengthening its cybersecurity ecosystem, supported by clear national strategies and close collaboration between the public and private sectors.
“The downward trend in web-borne threat exposure observed in recent years suggests that these collective efforts are moving in the right direction.”
He noted that while overall exposure rates are improving, the threat landscape itself is evolving.
“Attackers are becoming more targeted and sophisticated, particularly through browser-borne exploits and highly convincing phishing campaigns. Cybercriminals are increasingly leveraging publicly available data and AI-driven tools to craft scams that blend seamlessly into legitimate digital experiences.
“This evolution means cybersecurity can no longer rely solely on reactive defences.
“Organisations and individuals must adopt behaviour-based detection, exploit prevention and real-time threat intelligence to identify suspicious activity even when no known malware signature exists. Strengthening national frameworks is important, but sustainable cyber resilience ultimately depends on continuous technological adaptation at the operational level.”
For individuals, Kaspersky recommended downloading applications only from trusted sources, keeping software regularly updated, and avoiding sharing personal information with strangers.
Users should also avoid clicking links from unknown sources or suspicious online advertisements, create strong and unique passwords combining upper- and lower-case letters, numbers and symbols, enable two-factor authentication, and use a reliable cybersecurity solution appropriate for their devices, it warned.
For businesses, it advised using strong passwords for corporate services and implementing multi-factor authentication, particularly for remote access.
Companies should ensure that all software is kept up to date to prevent attackers from exploiting vulnerabilities, it said.
Organisations are also encouraged to deploy solutions that monitor and mitigate security incidents in real time, access up-to-date threat intelligence to better understand the tactics, techniques and procedures used by threat actors, and train employees on cybersecurity best practices to reduce the risk of social engineering attacks, it added./.
