The report from INTERPOL indicates that there has been a dramatic increase in Internet crimes in Asia and the South Pacific. This rise in cybercrime has been due to many factors including rapid digitalization, increased access to the internet, new technologies, the emergence of organized crime syndicates, and varying levels of maturity with respect to cyber security across various countries in these regions.
The statistics are staggering; over half of the countries that are members of INTERPOL report that cybercrime makes up at least 30 % of all crimes documented in that country. In some countries, the percentage of crimes accounted for by Cyber Crime is much higher.
Scams involving phishing have been found to be a significant source of cybercrime as approximately One third of all nations in the Asia and South Pacific regions had reported that they experienced over 10,000 separate instances of phishing activity from January 2024 through March 2025.
The regional cybercrime crisis is estimated to have generated $37 billion in losses.
The Phishing Epidemic
The Asia Pacific cybercrime surge INTERPOL report highlights phishing as the dominant threat. The region's phishing click rate is nearly double the global average: 5.5 out of every 1,000 individuals click on phishing links monthly, compared to 2.9 per 1,000 globally.
That means more people are falling for phishing attempts in Asia and the South Pacific than anywhere else in the world. Cybercriminals are taking advantage of the fast-paced digitization of the region and are targeting both individuals as well as organizations who continue developing their awareness of cybersecurity.
Phishing attacks can steal credentials and are also used to initiate ransomware attacks, commit data breaches, and carry out financial crimes.
Ransomware Attacks: A Total of 135,000 Attacks So Far in 2024
As of October 2020, there have been approximately 135,000 ransomware attacks around the world in 2024 (source INTERPOL). The number of ransomware Victims continues to increase and many are continuing to suffer from multiple ransomware attacks.
As the end of 2024 approaches it will be interesting to see which industries will continue to experience the largest volume of ransomware attacks throughout the year.
The three primary industries are:
1. Real Estate
2. Manufacturing
3. Financial Services
Attackers are using ransomware-as-a-service models to scale their operations. They do not need to develop their own malware. They rent it from professionals.
They also weaponize companies' regulatory obligations, intensifying pressure during extortion attempts by threatening to expose compliance failures.
The Industrialization of Scams
Scam operations are multiplying across the region as organized crime groups from the region establish large-scale scam centers in nations such as Cambodia, Laos, Myanmar, and the Philippines for the specific purpose of executing investment scams against people throughout the world using "romantic" relationships created through the use of fake online identities.
The INTERPOL report on the surge of cybercrime in the Asia Pacific region cites deepfake technology being used in "romance baiting" scams. Scam perpetrators utilize AI-generated personas combined with social engineering to perpetrate fraud against victims. The emotional manipulation associated with these scams increases the likelihood of successfully perpetrating fraud against victims.
The utilization of ‘deepfake’ technologies also enables sexual abuse, extortion, and compromising victims’ conditions through the combination of artificial intelligence and the exploitation of other individuals, thereby establishing an effectively completely unavoidable cycle of victimization.
Banking Trojans and Information Stealers
Information stealers and banking trojans are the most commonly used cybercrime methods and account for 2nd most common ransomware in this region.
The most common malware are:
1. RedLine
2. Lumma
3. LokiBot
4. Negasteal
5. ZBot
These types of malware are used to steal log-ins, banking info, and/or personal details from user’s computers. The most common delivery methods for stealing information involve phishing emails and downloading infected files onto devices. After being installed onto a user’s device, these malware programs can take information from that user for many months without any of the information being detected as it is being slowly exfiltrated.
92% Increase in DDoS Attacks
In 2024, DDoS attacks increased 92% from the previous year. Attackers utilize distributed denial of services (DDoS) as a method of disrupting business activities, extorting ransom from businesses or simply to create mayhem.
DDoS attacks are now easier to launch than they ever have been in history. They typically cost only a few dollars to rent the botnets used to launch these type of attacks. Because the barrier to entry is so low, even the most novice of cybercriminals can use DDoS attacks to take down websites or online/Internet based services.
System Intrusions and Data Breaches
System intrusions made up approximately 80% of total data breaches in 2024. Attackers are taking advantage of factors including:
1. Misconfiguration of systems
2. Poorly encrypted data
3. Unsecured APIs (application programming interfaces)
4. Lack of monitoring
Once attackers gain access to a network, they can move laterally, gain higher access levels within the network, and exfiltrate (steal) sensitive data. Networks are typically down for weeks to months before a breach is detected by defense mechanisms, giving the attacker enough time to accomplish the attacker's overall goals.
What Makes This Region Vulnerable
According to an INTERPOL report on the rise of cybercrime in the Asia Pacific region, there are several factors contributing to the rise in cybercrime in this region, including:
1. The rapid establishment of digital services throughout both organizations and individuals has exceeded the establishment of protective measures against the risks; therefore, the rate of growth is greater than the establishment of protective services.
2. As larger numbers of individuals become connected to the internet, individuals may represent more opportunities to be targeted for an attack.
3. With the introduction of new technology, including AI and deepfake technology, criminals have access to new ways to weaponize these technologies.
4. Criminal organizations have developed the means to conduct cybercrime with large-scale, organized criminal enterprises and the use of sophisticated and interconnected infrastructures that provide them with the ability to force or traffic individuals into their organizations.
5. Various nations have different levels of cybersecurity maturity; consequently, nations with lower levels will generally become targets of cybercrime at the expense of nations with higher levels of maturity for protection against attacks.
The Response
INTERPOL is scaling up joint efforts to combat cybercrime across the region. Initiatives include:
1. Establishment of a common strategy to develop and coordinate joint operations targeting the cybercriminal infrastructure;
2. Coordinating the conduct of joint investigations;
3. Implementing specific training initiatives; and
4. Developing Policies and Doctrine to support the promotion of cyber resilience.
Law enforcement organizations across the region are working together, but the challenge is immense. Cybercrime is borderless. Criminal networks operate across multiple countries, often with impunity.
The Bigger Picture
INTERPOL's report is a wake-up call. The Asia Pacific cybercrime surge INTERPOL describes is not slowing down. Phishing, ransomware, deepfake scams, and banking trojans continue to grow rapidly.
The increased digitalization within the region has enabled economic growth but has equally opened these same countries up to exploitation by cybercriminals. Many of the region's countries have large gaps between their maturity and that of other regions. As a result, cybercriminals can exploit this lack of maturity in a country to launch their attack on that country's economy.
What can organizations do?
1. Invest in cybersecurity training. The data shows that people are twice as likely as the average person to click on a phishing email in the region, meaning that education does work.
2. Implement multi-factor authentication to mitigate many credential-based attacks. Many credential-based attacks are stopped by requiring the use of two or more separate methods of verifying identity.
3. Monitor for common misconfigurations and misconfigured APIs, as these are the most frequently used points of entry for cybercriminals.
4. Develop incident response plans. Assume you will be breached.
5. Collaborate with law enforcement. Reporting attacks helps build intelligence.
The Bottom Line
The Asia Pacific cybercrime surge INTERPOL report reveals a region under siege. Cybercrime accounts for a significant portion of all crimes in more than half of member countries. Phishing, ransomware, deepfakes, and banking trojans are all on the rise.
$37 billion in losses is just a figure and, behind it, real victims of scams, business closures due to ransomware and identity theft will continue until there is a nationally organized, long-term strategy involving a coordinated response among law enforcement, other agencies, and the private sector. We're not going to be able to achieve this through technology alone; we need all three elements of an effective approach: people, processes and partnerships to succeed.
FAQ Section
What are the findings of the 2025/2026 INTERPOL Cybercrime Report for the Asia Pacific region?
The report demonstrates a significant surge in cybercrime throughout the Asia-Pacfic area, which has been precipitated by the growth of the digital economy, organized crime and uneven security maturity across the continent.
What is the estimated economic impact of cybercrime in Asia?
The estimated impact of cybercrime within the Asia Pacific Region is approximately $37 billion by INTERPOL due to losses resulting from cybercrime.
What is the most common type of cybercrime in Asia?
The most common form of cybercriminal activity within the Asia-Pacific Region is using phishing methods, which have a click-through rate that is almost twice the global rate for clicking through to phishing sites.
What was the total number of reports for ransomware in the 1st half of 2024?
There were in excess of 135,000 ransomware reported in the 1st half of 2024, the highest number of occurrences were in the real estate, manufacturing and financial services sectors.
How do organized crime networks contribute to increased levels of cybercrime?
Transnational organized crime networks in Cambodia, Laos, Myanmar and the Philippines operate large scale scam centres using forced labour and the use of deep fake technology as well as romance scams to defraud individuals worldwide.
How can organizations protect themselves from cybercrime?
Organizations should invest in security awareness training, implement multi-factor authentication, regularly monitor and review their network for misconfigurations, carry out incident response plan development and work closely with Law Enforcement Agencies.
