Fraud with danger: The rise of cyber scams in Southeast Asia
The prevalence of cyber scams in the region presents challenges in responding to them while protecting ASEAN’s digital transformation, writes Lance Wu.
17 December 2024
Digital advancements in Southeast Asia have become a key strategic focus for ASEAN. Initiatives like the Digital Economy Framework Agreement (DEFA) seek to empower regional businesses and stakeholders to leverage digital technology to spur economic development through digital trade, cross-border e-commerce, and digital payments.
However, as the region becomes more integrated and hyper-connected via digital technology, nefarious individuals and criminal syndicates are exploiting this development through cyber scams.
According to the State of Southeast Asia 2024 Survey Report, the rise of global scam operations is the third-most concerning geopolitical trend for regional respondents. Thai respondents form the most concerned group (58.2 per cent), reflecting Thailand’s vulnerability as a gateway for individuals trafficked into scam operations in neighbouring Myanmar and Cambodia. Scams and monetary fraud are hardly novel crimes but the increasingly widespread reach of digital technology like smartphones and computers means that Southeast Asians have become more accessible targets.
For many, it is almost impossible to get through a month without receiving calls from unknown numbers or suspicious web links in messages. Common scams today include phishing scams, where scammers send emails or messages with malicious web links; e-commerce or fake investment scams, where victims are deceived into paying for fraudulent products and services; and job scams, where employment benefits seem (and often are) too good to be true.
Cyber scams have accelerated since 2020 with the onset of Covid-19. According to a 2023 policy report compiled by the United Nations Office on Drugs and Crime (UNODC) titled Casinos, Cyber Fraud, and Trafficking in Persons for Forced Criminality in Southeast Asia, the pandemic drove casinos in border regions and special economic zones (SEZs), run by either foreign or local crime syndicates, to offset revenue losses from high-rolling Chinese clients.
Crime syndicates in SEZs, especially the notorious Golden Triangle Special Economic Zone where Laos, Myanmar and Thailand meet at the Mekong and Ruak rivers, have reportedly been involved in illegal activities like narcotics, wildlife smuggling and cyber scam operations. Unstable political and economic environments exacerbate illicit activities along border regions like Kokang in Shan State, Myanmar, where syndicates collude with local authorities and the military due to a complicated history of splintering territorial control by syndicates and rebel groups. Scam syndicates run by the “four big families” in Kokang were overrun by the Brotherhood Alliance in October 2024.
Additionally, advancements in digital technology such as artificial intelligence (AI), blockchain technology, malware, and Virtual Asset Service Providers (VASPs) have accelerated criminals’ ability to scam victims and finance illegal operations under the radar. These tools and their new modus operandi allow cyber scams to evolve faster than law-enforcement agencies can adapt. For example, stablecoin cryptocurrencies and blockchain technology have facilitated underground banking and cross-border financial transfers through online gambling accounts. These advancements have resulted in a sprawling scam industrial complex, where fraud factories run large-scale and lucrative operations.
Scam operations are multidimensional and multi-modal, affecting individuals through different means. One of the most prevalent schemes is the use of manipulation to transfer exorbitant sums of money to love and impersonation scams, popularly known as “pig butchering”. Victims are first “fattened” by being convinced into spending money on fraudulent investment products before getting “butchered” when scammers cut off contact. Victims are then drained of their “invested” funds. The UNODC estimates that between US$7.5 billion and US$12.5 billion are lost yearly to scam industries in the Mekong region. UNODC analyses report that scammers have targeted Thai, Vietnamese, and Singaporean victims in recent years.
A grim dimension of these operations involves human trafficking. Individuals get lured in by fake job advertisements on social media. They become victims of human trafficking as they are forced to work in scam compounds disguised as legitimate businesses. Testimonies from freed captives recount torture if quotas are unmet and having to pay off loans through debt bondage. Victims are also subject to horrendous working and living conditions and even sexual exploitation.
Meanwhile, the rise of AI and deepfake technology has enabled a new wave of scams where victims are extorted using images or videos of them in “compromising” situations or enabling identity fraud through digitally manipulated images. In 2024, Singapore recorded the Asia-Pacific region’s largest spike in identity fraud, aided by advanced deepfake technology.
As cyber scams are transnational in nature and intersect with broader issues like human trafficking, they are difficult to eradicate. Overlapping legal or territorial jurisdictions and weak domestic regulations worsen the situation. In 2024, Interpol declared human trafficking activities by Southeast Asian cyber scam centres a global crisis, with the UN reporting over 100,000 people being trafficked into Cambodia’s scam industry in 2023 and over US$2 trillion in accumulated illegal capital.
ASEAN has responded by establishing the ASEAN Regional Computer Emergency Response Team (ASEAN Regional CERT) at the ASEAN Ministerial Conference on Cybersecurity on 16 October 2024. This initiative represents the region’s steadfast commitment to counter cyber scams. Backed by US$10 million committed by Singapore over the next decade, the ASEAN Regional CERT aims to develop partnerships with industry and academia, conduct cyber exercises, and exchange information to remain updated on cyber threats.
Despite this notable effort to formalise a centralised response team to tackle cybercrime, raiding fraud factories comes with unique challenges. Fraud factories are located within border regions or SEZs, often straddling vague territorial jurisdictions. For instance, SEZs in the Golden Triangle Special Economic Zone in Laos and KK Park in Myanmar’s Kayin State have become hubs of criminal activity controlled by armed groups.
Such crimes flourish within a weaker regulatory environment and limited law-enforcement presence where states may not have resources or clear mandates to infiltrate compounds to rescue victims or shut down illegal operations. To navigate these difficulties, bilateral exercises and operations, such as those between Thailand and Cambodia in mid-2024, can allow law enforcement in multiple countries to share intelligence and improve the possibility of successful raids.
National-level responses are equally important. Preventing potential victims from losing money to cyber scams or being taken advantage of by human trafficking syndicates should be prioritised. Promoting digital literacy through education is indispensable in this effort. Utilising the ASEAN Framework for Developing Digital Readiness Among ASEAN Citizens and Declaration on The Digital Transformation of Education Systems in ASEAN, national governments can provide basic digital education to prepare their citizens for impending digital transformations and develop their capability to identify and actively avoid cyber threats. Digital literacy tailored to the varying levels of digital education and readiness across Southeast Asia can reduce vulnerability and the likelihood of succumbing to scams.
ASEAN member states have implemented policies to respond to the severity of the threat, with Singapore’s 24/7 anti-scam hotline, Malaysia’s National Scam Response Centre, and Vietnam’s anti-scam mobile application as examples of targeted interventions. As the nature of cyber threats constantly evolves and is unlikely to disappear soon, Southeast Asia must remain agile and united in its efforts. Sustained investment in technological development, cross-border cooperation, and public awareness will be necessary to pull the plug on the debilitating scam industrial complex and safeguard the region’s push towards digitalisation.
Lance Wu is a Research Officer at the ASEAN Studies Centre, ISEAS – Yusof Ishak Institute.
This article originally appeared on the ISEAS–Yusof Ishak Institute's Fulcrum on 16 December 2024.
How can we help? Get in touch to discuss how we can help you engage with Asia
