“The findings in this report highlight a rapidly evolving cyber threat landscape across Asia and the South Pacific, where cybercriminals are leveraging artificial intelligence, ransomware-as-a-service models, and sophisticated social engineering techniques on an industrial scale.” —Neal Jetton, cybercrime director at Interpol
Interpol’s ASP Cyberthreat Assessment Report — cybercrime at more than 30%
Interpol’s latest ASP Cyberthreat Assessment Report finds that cybercrime now accounts for more than 30 percent of all recorded offenses across the Asia and South Pacific (ASP) region. The organisation describes a “dramatic increase” in recorded cybercrimes driven by faster digital adoption, new technologies and increasingly organised criminal networks. Data covering 2024–2025 shows phishing and online scams dominate the regional threat picture, with campaigns shifting from mass, indiscriminate email blasts to more targeted and convincing techniques.
Organised scam compounds in Cambodia, Laos, Myanmar and the Philippines
The report highlights an entrenched problem with organised scamming gangs operating large camps across parts of Southeast Asia. A United Nations report published last year described these scam call centres as an epidemic “metastasizing across the region ‘like a cancer.’” Interpol notes that compounds can be found in countries such as Cambodia, Laos, Myanmar and the Philippines, and that vulnerable people are often trafficked into these centres to work under poor conditions or effectively as slaves. Singaporean research cited by Interpol estimates the regional scam industry generates close to $40 billion each year.
Deepfakes and AI-assisted social engineering: real-world, high-value fraud
Interpol’s assessment documents how AI tools and deepfake imagery have been used in high-value fraud. In 2024, scam compounds were using deepfake imagery to support romance scams, and in February 2024 an employee at a multinational business in Hong Kong authorised a $25 million payment after fraudsters deepfaked faces of company executives on a video call. In March 2025 a finance director at a different multinational in Singapore was tricked into transferring more than $499 million following a Zoom call in which fraudsters assumed the identities of company chiefs including the CEO and CFO. The report says the growing use of AI enables even low-skilled actors to add a layer of authenticity to scams, while spear-phishing and more tailored social engineering are replacing the older “spray-and-pray” mass-email model.
Capacity constraints in developing countries and small Pacific island states
Interpol warns that many law enforcement agencies in the region are struggling to keep pace with the rise in cybercrime. The problem is particularly acute in developing countries and small island states in the Pacific, which face “significant resource and capacity constraints” and are therefore more vulnerable to being targeted and to criminals evading consequences. The report frames these shortfalls as a regional problem: as cyber threats scale up, they are “evolving into large-scale challenges for multiple jurisdictions,” rather than isolated incidents.
What this means for technologists, policymakers, and affected enterprises
- Technologists and security teams: expect phishing and AI-enabled authenticity tools to remain primary vectors. Interpol’s emphasis on spear-phishing and AI suggests defenders will need more advanced detection and verification controls tuned to socially engineered, multimedia-led fraud.
- Policymakers and regulators: some jurisdictions have introduced new legal and institutional measures. Interpol praises Hong Kong and the Republic of Korea for introducing new cybersecurity legislation, and notes others have created national task forces, action plans and awareness campaigns — a partial response that the report says needs broader operational cooperation and information sharing.
- Affected enterprises and procurement leaders: the documented $25 million and $499 million cases underscore that deepfake-enabled identity fraud can cause catastrophic financial loss even at large organisations; procurement and finance controls, identity verification on calls and supplier/payment authorisation processes are in the spotlight.
Interpol concludes that, as digital adoption accelerates across the ASP region, strengthening operational cooperation, information sharing, and cyber resilience remains essential to protecting communities and critical infrastructure. The facts in the report — the scale of organised scam camps, the near-$40 billion estimate of the scam industry, and multi-hundred-million-dollar single incidents — make clear that the problem is no longer marginal: it is industrial in scope and transnational in effect.
