Sri Lanka is witnessing an alarming rise in cybercrime in 2025, with over 5,400 incidents already reported this year. From social media hijackings and AI-driven scams to ransomware attacks targeting government bodies and banks, the threat landscape has grown more sophisticated. As digital crimes evolve from phishing to human trafficking networks, authorities urge the public to adopt strict online safety measures to protect personal data and national infrastructure.
Cybercrime in Sri Lanka is escalating at an unprecedented rate in 2025, with the Sri Lanka Computer Emergency Readiness Team (SLCERT) confirming more than 5,400 reported incidents to date. The sharp increase points to a dangerous trend of digital threats evolving in complexity, reach, and impact.
Social media remains the biggest vulnerability, with nearly 90% of all cybercrime cases linked to Facebook. Other popular platforms WhatsApp, Instagram, Snapchat, TikTok are also frequently exploited. Authorities have also recorded a troubling rise in the misuse of artificial intelligence (AI) to create deepfake content, design malware, and launch highly personalized phishing attacks.
Common complaints include malware infections, phishing scams, data breaches, and online financial fraud. With over seven million internet users in Sri Lanka and 90% of them active on social media, the population is a ripe target for scammers, hackers, and digital manipulators.
Recent months have seen a surge in fake profiles, account hijackings, and increasingly sophisticated WhatsApp scams. Cybercriminals are leveraging AI-generated phishing links, cloned login pages, and deepfake emergency messages to manipulate victims into giving up account access or financial information.
Government institutions have not been spared. Several key departments faced cyberattacks earlier this year, including the Department of Government Printing and the Sri Lanka Police, which faced service disruptions after unauthorized access.
In June, hackers took control of the SMS gateway of the National Water Supply and Drainage Board (NWSDB). Citizens received alarming ransom demands for Bitcoin payments via the board’s official shortcode, raising urgent concerns over cybersecurity preparedness in state institutions.
March witnessed one of the year’s most damaging incidents multiple banks fell victim to ransomware attacks, leading to a massive leak of 1.9 terabytes of confidential data. This included national ID scans, financial transaction histories, and internal employee documents.
Phishing and social engineering attacks targeting WhatsApp and Telegram users have also surged. Many victims have unknowingly handed over one-time passwords (OTPs) and personal details, which hackers used to hijack accounts and launch fraud schemes.
Beyond the digital sphere, cybercrime has morphed into a real-world threat. Authorities have uncovered human trafficking operations where Sri Lankans, lured abroad with fake job offers, are coerced into working in scam syndicates. These individuals are forced to run online fraud operations under duress, often using encrypted messaging platforms and cryptocurrency.
The Sri Lanka Police have flagged a marked increase in crime via social and messaging apps like Facebook, WhatsApp, Telegram, Skype, and WeChat. Investigations by the Criminal Investigation Department (CID) reveal two dominant strategies used in financial cyber fraud.
The first involves fake online jobs or investment schemes. Victims are enticed with fake profit dashboards and gradually pressured into sending larger amounts. Once trust is established, scammers vanish after demanding “additional processing fees” or taxes.
The second method involves collecting bank details under the pretense of remote job offers. These accounts are then used for laundering stolen or illicitly acquired funds.
Authorities urge the public to avoid clicking unfamiliar links, sharing banking information with unknown individuals, or transferring funds received from unverified sources. The CID warns that even helping someone transfer “emergency funds” could implicate victims in money laundering activities.
SLCERT emphasizes digital vigilance. Users should never share OTPs or passwords, even with familiar contacts, and always verify unusual requests. Enabling two-factor authentication and adjusting privacy settings on all social media platforms are strongly recommended.
As Sri Lanka moves deeper into the digital age, the need for public awareness, institutional cybersecurity, and legislative reforms to counter online threats has never been more urgent.
