Interpol says cyber offenses make up 30% of crime in Asia and South Pacific

Interpol says cyber offenses account for more than 30% of recorded crime across the Asia and South Pacific region, with online scams, phishing and ransomware driving the rise.

The international police agency released its Asia and South Pacific Cyberthreat Assessment Report in June 2026. Interpol said criminal groups have exploited wider digital access, weak enforcement capacity and AI tools that help attackers write convincing messages, create deepfake media and run fraud campaigns at scale. Interpol’s cybercrime program has more background on its work at interpol.int.

The report gives banks, platforms, telecoms, cloud providers and public agencies a clear compliance message: treat fraud, phishing and ransomware as core operational risks. Security teams should review customer verification, payment approvals, phishing reporting, endpoint monitoring, incident response and third-party controls during 2026.

Scams and phishing lead the regional crime mix. Interpol said attackers have moved beyond broad email blasts and now use targeted spear phishing, business impersonation and social engineering. AI tools help lower-skill attackers produce cleaner language, fake images and more credible lures.

Scam compounds across Cambodia, Laos, Myanmar and the Philippines add a human trafficking dimension. Criminal networks recruit or traffic workers, confine them in compounds and force them to target victims through romance scams, investment fraud and account takeover schemes. Interpol cited Singaporean research that estimates the regional scam industry brings in close to $40 billion a year.

Deepfake cases show the payment-control risk. In February 2024, fraudsters tricked an employee at a multinational company in Hong Kong into authorizing a $25 million transfer after they used deepfake video to impersonate executives on a call. In March 2025, fraudsters used a similar video-call tactic in Singapore and persuaded a finance director to transfer more than $499 million.

Those cases give compliance teams a practical rule: staff should treat live video as one signal, not proof of authority. High-value payment requests need out-of-band confirmation, dual approval and call-back checks through trusted numbers. Finance teams should document those controls and test them with tabletop exercises.

Interpol ranked infostealers and banking trojans behind scams as the next major cybercrime categories across the region. Attackers use stolen browser credentials, session cookies and banking logins to drain accounts, open new fraud paths and prepare ransomware intrusions. A single infected home laptop can expose corporate cloud sessions if an employee reuses passwords or syncs work credentials in a personal browser.

Ransomware ranked close behind. Interpol called it a major regional threat and said attackers use double extortion against critical infrastructure, health care and large enterprises. The report cited more than 135,000 ransomware attacks in 2024 and said ransomware appeared in 51% of data breach cases.

Ransomware compliance now reaches beyond backups. Boards and security leaders should track recovery time objectives, restoration tests, privileged access reviews, encryption coverage, vendor incident duties and breach notice timelines. Health care providers, utilities and public agencies need playbooks that name decision-makers before an attack starts.

Capacity gaps create the enforcement problem. Many developing countries and small island states in the Pacific lack trained investigators, forensic tools and cybercrime units with enough staff. Criminal groups use that gap. They route infrastructure through weak jurisdictions, target victims across borders and move funds before police can collect evidence.

Neal Jetton, Interpol’s cybercrime director, said criminals use AI, ransomware-as-a-service and social engineering at industrial scale. He said countries need stronger operational cooperation, better information sharing and greater resilience as digital adoption grows across the region.

Several governments have started to respond. Hong Kong and South Korea have introduced cybersecurity legislation, while other jurisdictions have created national task forces, action plans and public awareness campaigns. Those steps help, but companies should not wait for police capacity to catch up.

Compliance teams should build a 90-day response plan around the threat categories in the report. First, map scam and phishing controls across customer onboarding, account recovery, payment changes and help-desk workflows. Second, require stronger verification for executive payment requests and vendor bank-account changes. Third, review endpoint detection coverage for infostealers, with attention to unmanaged devices and browser credential stores.

Organizations should also refresh ransomware plans before the end of 2026. Security leaders should test backups, restrict administrator rights, rotate exposed credentials, isolate critical systems and rehearse breach notifications. Legal and compliance teams should confirm who contacts regulators, law enforcement, insurers, payment partners and affected customers.

The report also puts pressure on technology vendors. Messaging apps, social platforms, telecoms and cloud providers hold data that can expose scam infrastructure. Those companies should shorten abuse response times, preserve evidence in fraud cases and share indicators with law enforcement through formal channels.

Interpol’s June 2026 assessment frames cybercrime as a mainstream crime problem across Asia and the South Pacific. Regulators and police will push for more reporting, stronger identity checks and faster cooperation. Companies that handle payments, identities or critical services should adjust controls now, because the report shows attackers have already changed their methods.