According to Charuka Damunupola, Chief Information Security Engineer of Sri Lanka CERT, a large proportion of the complaints involve fake social media accounts, hacked accounts, and financial fraud carried out through social media platforms.
He noted that complaints related to abusive or hateful content and sexually explicit harassment involving adults remain high. In addition, there has been a noticeable increase in general scams and the spread of misinformation affecting individuals and the wider public.
Sri Lanka CERT has observed that cybercriminals often deceive victims into revealing bank account details, OTP codes, passwords, and QR codes, which are then used for fraudulent activities. Criminals are increasingly exploiting the growing public reliance on digital platforms for communication, commerce, and financial transactions by using more sophisticated and deceptive techniques.
Vulnerable groups such as young people with limited awareness of online safety practices, elderly users, and first-time internet users are frequently targeted and are among the most affected by such scams.
Mr. Damunupola urged the public to remain vigilant online, avoid sharing personal or financial information over the internet, verify suspicious messages and links, and enable strong security measures such as two-factor authentication and secure passwords.
He also called on the public to immediately report cyber incidents to Sri Lanka CERT to enable quick response and mitigation.
Sri Lanka CERT, as the national authority for cyber incident response, continues to work closely with the police, law enforcement agencies, service providers, and other stakeholders to strengthen national cyber resilience, enhance public awareness, and improve digital security across the country.
