A new report from INTERPOL has revealed a “dramatic increase” in cybercrime in Asia and the South Pacific, fueled by rapid digitalization, internet penetration, new technologies, organized criminal networks, and a disparity in cybersecurity maturity.
According to INTERPOL’s 2025/2026 Asia and South Pacific Cyberthreat Assessment Report, phishing has emerged as the most widespread and financially damaging form of cybercrime, with a third of countries in the region reporting more than 10,000 cases between January 2024 and March 2025. In all, over half of INTERPOL member countries have reported that cybercrime accounted for no less than 30% of all crimes recorded nationally.
“The findings in this report highlight a rapidly evolving cyber threat landscape across Asia and the South Pacific, where cybercriminals are leveraging artificial intelligence, ransomware-as-a-service models and sophisticated social engineering techniques on an industrial scale,” Neal Jetton, INTERPOL Cybercrime Director, said in a statement.
“As digital adoption accelerates across the region, strengthening operational cooperation, information sharing, and cyber resilience remains essential to protecting communities and critical infrastructure.”
The growing sophistication of cybercriminal tradecraft has led to a surge in ransomware attacks, as well as deepfake and artificial intelligence (AI)-driven scams that involve impersonating business executives to authorize fraudulent transactions. The region is estimated to have registered more than 135,000 ransomware-related attacks in 2024. A vast majority of the incidents impacted the real estate, manufacturing, and financial services sectors.
This has been complemented by the industrialization of cyber-enabled scams by transnational organized crime syndicates in countries like Cambodia, Laos, Myanmar, and the Philippines, who have set up extensive scam centers that make use of forced labor to carry out investment scams, preying on people across the world after building friendly or romantic relationships with them.
“Organized crime in Myanmar, Cambodia, and Laos used deepfakes in ‘romance baiting’ scams, blending AI personas and social engineering to fuel $37 billion in regional cybercrime losses,” INTERPOL said.
Some of the other regional trends captured by the report include the following –
- Banking trojans and information stealers materialized as the second most prevalent type of cybercrime, with malware families like RedLine, Lumma, LokiBot, Negasteal, and ZBot taking up the top spots.
- 5.5 out of every 1,000 individuals in the Asia and South Pacific region clicked on phishing links monthly, nearly double the global average of 2.9 per 1,000.
- Distributed denial-of-service (DDoS) attacks surged by 92% in 2024 compared to the previous year.
- System intrusions accounted for approximately 80% of all data breaches in 2024.
- Use of deepfake technology for sexual exploitation, blackmail, or coercion.
- Exploitation of misconfigured systems, weak encryption, insecure APIs, and insufficient monitoring to breach target networks.
- Ransomware groups weaponize companies’ regulatory obligations to intensify pressure during extortion attempts.
“In response, law enforcement organizations across the region – supported by INTERPOL – are scaling up joint efforts to combat cybercrime,” INTERPOL said. “These include the coordination of operations against cybercriminal infrastructure, collaborative investigations, specialized training initiatives, and the creation of policies to improve cyber resilience.”
