What happened
INTERPOL warned that cybercrime is rising sharply across Asia and the South Pacific, driven by rapid digitalization, wider internet adoption, new technologies, organized criminal networks, and uneven cybersecurity maturity across the region.
The findings come from INTERPOL’s 2025/2026 Asia and South Pacific Cyberthreat Assessment Report. According to the report, phishing has become the most widespread and financially damaging form of cybercrime in the region.
A third of countries in the region reported more than 10,000 phishing cases between January 2024 and March 2025. More than half of INTERPOL member countries also reported that cybercrime accounted for at least 30% of all crimes recorded nationally.
INTERPOL said cybercriminals are using artificial intelligence, ransomware-as-a-service models, and sophisticated social engineering techniques at industrial scale. The region recorded more than 135,000 ransomware-related attacks in 2024, with real estate, manufacturing, and financial services among the most affected sectors.
The report also highlighted the industrialization of cyber-enabled scams by transnational organized crime groups in countries such as Cambodia, Laos, Myanmar, and the Philippines. These operations use scam centers, forced labor, deepfakes, and social engineering to carry out investment and romance-baiting scams.
INTERPOL said organized crime groups in Myanmar, Cambodia, and Laos used deepfakes in romance-baiting scams that contributed to $37 billion in regional cybercrime losses.
Other major trends included banking trojans and information stealers, phishing link click rates nearly double the global average, a 92% surge in DDoS attacks in 2024, system intrusions accounting for about 80% of data breaches, and the use of deepfakes for sexual exploitation, blackmail, and coercion.
Who is affected
Organizations and individuals across Asia and the South Pacific are affected, particularly in countries experiencing high levels of phishing, ransomware, scams, DDoS attacks, system intrusions, and malware activity.
Businesses in real estate, manufacturing, and financial services are especially exposed to ransomware activity. Individuals are affected by phishing, romance-baiting scams, investment fraud, deepfake-enabled exploitation, and credential-stealing malware.
Governments, law enforcement agencies, critical infrastructure operators, and regional cybersecurity teams are also affected because INTERPOL’s report calls for stronger operational cooperation, information sharing, and cyber resilience across the region.
Why CISOs should care
The report shows that cybercrime in Asia-Pacific is becoming more organized, automated, and financially damaging. Phishing remains the dominant threat, but ransomware, information stealers, DDoS attacks, deepfakes, and AI-enabled scams are all rising in parallel.
For CISOs, the phishing data is especially important. The region’s phishing link click rate was nearly double the global average, which means employee awareness, email security, browser protection, and identity controls remain central to reducing compromise risk.
The ransomware and extortion trends also matter. INTERPOL warned that ransomware groups are weaponizing companies’ regulatory obligations to increase pressure during extortion attempts. Organizations need breach response plans that account for legal, regulatory, communications, and operational pressure, not just technical recovery.
The AI and deepfake angle adds another layer of risk. Criminal groups are using AI personas, deepfakes, and social engineering to impersonate executives, manipulate victims, authorize fraudulent transactions, and intensify scams at scale.
3 practical actions
- Strengthen phishing defenses across email, web, and identity systems: Phishing is the most widespread and financially damaging cybercrime in the region, with some countries reporting more than 10,000 cases. CISOs should combine phishing-resistant MFA, email filtering, browser isolation, user reporting, and rapid credential reset workflows.
- Prepare incident response for ransomware and regulatory pressure: The region recorded more than 135,000 ransomware-related attacks in 2024, and ransomware groups are using regulatory obligations to increase extortion pressure. Security teams should test ransomware playbooks that include legal, compliance, communications, backup recovery, and executive decision-making.
- Add deepfake and AI-scam scenarios to fraud controls: INTERPOL warned that criminals are using deepfakes and AI-driven social engineering in scams and executive impersonation. Organizations should require out-of-band verification for high-risk payments, executive requests, vendor changes, and sensitive data transfers.
John Kevin Hao is a news and feature writer covering cybersecurity, technology, and business targeted for professional audiences.