Interpol has revealed the dark side of the digital economy.
Internet scammers in Asia no longer work as singles with fake emails, but as large criminal enterprises with call centers, malware and artificial intelligence. Interpol has issued a report on cyber threats in the Asia-South Pacific region for 2025/2026 and warned that digital crime there is rapidly growing in scale, complexity and damage.
The digital economy in the region is growing rapidly and makes it especially attractive to criminals. Mobile payments, cloud services, remote work and online banking have evolved faster than protecting many companies and agencies. In less trained countries, criminals find weaknesses not only for attacks on local targets, but also to reach larger regional and international networks.
The most massive threat Interpol calls online fraud and phishing. The survey involved 18 countries in the region, and more than half of them reported that cybercrime already accounted for more than 30 per cent of all reported crimes. At the same time, 33% of the countries surveyed recorded more than 10 000 cases of online fraud. Such schemes are increasingly being built not on technical vulnerabilities, but on people’s confidence. Criminals forge emails, messages, sites, calls, and business correspondence to force the victim to transfer money or disclose data.
Separately, INTERPOL highlights the industry of fraudulent centers in Southeast Asia. In Cambodia, Laos, Myanmar and the Philippines, transnational criminal groups have deployed major sites where people are often forced to work by force. It is estimated that such schemes bring almost $40 billion per year. Criminals use romantic scams, fake investment projects and illegal online casinos.
AI has significantly strengthened such operations. From February to June 2024, at criminal forums and in Telegram channels, popular among criminals from Southeast Asia, deepfakes began to discuss 7 times more often. Fake videos, voices and images help to impersonate scams as CEOs, public figures or familiar victims. The report provides an example from ГонконгаHong Kong, where an employee of an international company transferred $ 25 million after a video call with diplomats of executives. In Singapore, the financial director almost lost more than $499 000 after a similar call with fake top managers.
Encryptors remain one of the most dangerous threats to business and the state. In 2024, more than 135 000 attacks related to such programs were identified in the region. One of the most notable incidents occurred in Indonesia, where an attack on the National Data Center disrupted more than 280 government services, including immigration and airport systems. Criminals are increasingly not only encrypting files, but also threaten to publish data, and sometimes try to put pressure on companies through the risk of fines and claims of regulators.
The second most important type of cybercrime after phishing Interpol called bank Trojans and programs for data theft. Among the most common families in the region are RedLine, LummaC2, Loki, Negasteal and ZBot. Such malware steals passwords, bank card details, crypto wallets, browser information and other personal information. The stolen data is then sold on underground sites and used to capture accounts, financial fraud, extortion and new attacks.
The number of denial of service attacks is also growing. In 2024, their number in the region increased by 92% compared to the previous year. In the first half of the year, the main goals were government websites, which Interpol attributed to major elections in the region. In the second half of the year, financial organizations were under more intense pressure.
Interpol believes that cybercrime in the region is getting faster, more flexible and harder to predict. Criminals use AI, rented malicious services, cryptocurrencies, cloud infrastructure and weaknesses in identity verification. In response, law enforcement agencies are strengthening international cooperation, launching campaigns to prevent citizens and introducing their own AI-based tools. According to the report, 66.7% of the surveyed departments already use such technologies in their work.
In February 2025, the SECURE operation brought together 26 countries in the region against the infrastructure of data captors. As a result, there were detentions, server seizures, disconnected more than 20 000 malicious IP addresses and domains, and hundreds of thousands of potential victims received warnings. Interpol emphasizes that the fight against such groups can no longer remain the case of one country. Criminal networks operate across borders, which means that protection should also be based on the rapid exchange of data, joint investigations and constant readiness for new schemes.
Internet scammers in Asia no longer work as singles with fake emails, but as large criminal enterprises with call centers, malware and artificial intelligence. Interpol has issued a report on cyber threats in the Asia-South Pacific region for 2025/2026 and warned that digital crime there is rapidly growing in scale, complexity and damage.
The digital economy in the region is growing rapidly and makes it especially attractive to criminals. Mobile payments, cloud services, remote work and online banking have evolved faster than protecting many companies and agencies. In less trained countries, criminals find weaknesses not only for attacks on local targets, but also to reach larger regional and international networks.
The most massive threat Interpol calls online fraud and phishing. The survey involved 18 countries in the region, and more than half of them reported that cybercrime already accounted for more than 30 per cent of all reported crimes. At the same time, 33% of the countries surveyed recorded more than 10 000 cases of online fraud. Such schemes are increasingly being built not on technical vulnerabilities, but on people’s confidence. Criminals forge emails, messages, sites, calls, and business correspondence to force the victim to transfer money or disclose data.
Separately, INTERPOL highlights the industry of fraudulent centers in Southeast Asia. In Cambodia, Laos, Myanmar and the Philippines, transnational criminal groups have deployed major sites where people are often forced to work by force. It is estimated that such schemes bring almost $40 billion per year. Criminals use romantic scams, fake investment projects and illegal online casinos.
AI has significantly strengthened such operations. From February to June 2024, at criminal forums and in Telegram channels, popular among criminals from Southeast Asia, deepfakes began to discuss 7 times more often. Fake videos, voices and images help to impersonate scams as CEOs, public figures or familiar victims. The report provides an example from ГонконгаHong Kong, where an employee of an international company transferred $ 25 million after a video call with diplomats of executives. In Singapore, the financial director almost lost more than $499 000 after a similar call with fake top managers.
Encryptors remain one of the most dangerous threats to business and the state. In 2024, more than 135 000 attacks related to such programs were identified in the region. One of the most notable incidents occurred in Indonesia, where an attack on the National Data Center disrupted more than 280 government services, including immigration and airport systems. Criminals are increasingly not only encrypting files, but also threaten to publish data, and sometimes try to put pressure on companies through the risk of fines and claims of regulators.
The second most important type of cybercrime after phishing Interpol called bank Trojans and programs for data theft. Among the most common families in the region are RedLine, LummaC2, Loki, Negasteal and ZBot. Such malware steals passwords, bank card details, crypto wallets, browser information and other personal information. The stolen data is then sold on underground sites and used to capture accounts, financial fraud, extortion and new attacks.
The number of denial of service attacks is also growing. In 2024, their number in the region increased by 92% compared to the previous year. In the first half of the year, the main goals were government websites, which Interpol attributed to major elections in the region. In the second half of the year, financial organizations were under more intense pressure.
Interpol believes that cybercrime in the region is getting faster, more flexible and harder to predict. Criminals use AI, rented malicious services, cryptocurrencies, cloud infrastructure and weaknesses in identity verification. In response, law enforcement agencies are strengthening international cooperation, launching campaigns to prevent citizens and introducing their own AI-based tools. According to the report, 66.7% of the surveyed departments already use such technologies in their work.
In February 2025, the SECURE operation brought together 26 countries in the region against the infrastructure of data captors. As a result, there were detentions, server seizures, disconnected more than 20 000 malicious IP addresses and domains, and hundreds of thousands of potential victims received warnings. Interpol emphasizes that the fight against such groups can no longer remain the case of one country. Criminal networks operate across borders, which means that protection should also be based on the rapid exchange of data, joint investigations and constant readiness for new schemes.
