INTERPOL Warns of Industrialized Cybercrime Across Asia and the Pacific
Online scammers across Asia are no longer working alone with fake emails. Many now operate as organized enterprises, complete with call centers, custom malware, and artificial intelligence tools. INTERPOL released its 2025/2026 Asia and South Pacific Cyber Threat Assessment Report this week. The report warns that digital crime in the region is accelerating in scale, sophistication, and financial damage.
A Region Built for Cybercrime
The region’s digital economy is expanding rapidly, and that growth has made it an attractive target. Mobile payments, cloud services, remote work, and online banking have all outpaced the security defenses many companies and government agencies have in place. In less-prepared countries, criminals exploit these gaps for local targets. They also use them as a gateway into larger regional and international networks.
INTERPOL surveyed 18 countries across the region for the report, covering the period from January 2024 to March 2025. More than half of those countries reported that cybercrime now accounts for over 30 percent of all recorded crime nationally. A third of surveyed countries logged more than 10,000 online scam cases each.
Phishing Remains the Top Threat
INTERPOL identifies online scams and phishing as the most widespread cybercrime category in the region. These schemes increasingly rely on exploiting human trust rather than technical vulnerabilities. Criminals fake emails, messages, websites, phone calls, and business correspondence to pressure victims into transferring money or revealing sensitive data.
Inside the Scam Center Industry
The report singles out the scam center industry operating across Southeast Asia. In Cambodia, Lao PDR, Myanmar, and the Philippines, transnational criminal groups have built large-scale operations. Workers inside these centers are frequently coerced into participating. The report compares conditions there to forced labor. INTERPOL estimates these operations generate close to $40 billion annually. Common tactics include romance scams, fake investment schemes, and illegal online gambling.
AI Supercharges Fraud Operations
Artificial intelligence has noticeably amplified these operations. Between February and June 2024, discussions about deepfakes increased 600 percent on criminal forums and Telegram channels popular among Southeast Asian threat actors. Fake videos, voices, and images now let scammers convincingly impersonate company executives, public figures, or people known to the victim.
The report highlights a striking case from Hong Kong. An employee at a multinational firm transferred $25 million after a video call featuring deepfakes of company executives. A similar case unfolded in Singapore. There, a finance director very nearly lost more than $499,000 after a video call featuring deepfake impersonations of senior leadership, including the CEO and CFO.
Ransomware Remains a Top-Tier Threat
Ransomware continues to rank among the most damaging threats to business and government alike. The region recorded over 135,000 ransomware-related attacks in 2024. One especially significant incident struck Indonesia’s National Data Centre, disrupting more than 280 government services, including immigration and airport systems. Beyond simply encrypting files, attackers increasingly threaten to leak stolen data publicly. Some now also pressure victims by raising the risk of regulatory fines and legal exposure.
Banking Trojans and Infostealers Rank Second
INTERPOL ranks banking trojans and infostealer malware as the second most significant cybercrime category in the region, just behind phishing. The most prevalent malware families identified include RedLine, LummaC2, Loki, Negasteal, and ZBot. These tools steal passwords, banking card data, cryptocurrency wallets, browser information, and other personal data. Stolen information is then sold on underground marketplaces. Criminals use it to fuel account takeovers, financial fraud, extortion, and further attacks.
DDoS Attacks Surge
Denial-of-service attacks also grew sharply across the region. Their number rose 92 percent in 2024 compared to the previous year. Government websites were the primary target during the first half of the year, a pattern INTERPOL links to major elections held across the region. Financial institutions faced heavier pressure during the second half of the year.
A Faster, Harder-to-Predict Threat Landscape
INTERPOL describes regional cybercrime as becoming faster, more adaptable, and increasingly difficult to forecast. Criminals are leveraging AI, rentable malware-as-a-service tools, cryptocurrency, cloud infrastructure, and weaknesses in identity verification. Law enforcement agencies are responding by deepening international cooperation and launching public awareness campaigns. They are also adopting their own AI-driven tools. According to the report, 66.7 percent of surveyed agencies have already integrated such technology into their work.
Operation SECURE Shows Coordinated Response Is Possible
In February 2025, INTERPOL’s Operation SECURE brought together 26 countries from the region to target infostealer infrastructure. The operation led to arrests, server seizures, and the takedown of more than 20,000 malicious IP addresses and domains. Hundreds of thousands of potential victims received warnings as a result.
INTERPOL stresses that combating these criminal networks can no longer be the responsibility of a single country. Criminal networks operate across borders, so defense must rely on rapid information sharing, joint investigations, and constant readiness for emerging tactics.
Support Our Threat Intelligence
If you find our technology report and cybersecurity news helpful, consider supporting our work.
Buy Me a Coffee
PayPal
