Southeast Asia’s cyberfraud industry is outpacing law enforcement with new tools: the UN

Transnational criminal groups in Southeast Asia are integrating new tools such as artificial intelligence and deepfake technology to expand their cyber fraud capabilities, the United Nations Office on Drugs and Crime said Monday.

In a comprehensive report on the evolution of the region’s cyber-scam industry, the agency warned that despite increased media attention and high-profile enforcement actions over the past year, organized crime groups have shifted their operations where necessary and adapted to technological advances. Meanwhile, a ‘crime-as-a-service’ ecosystem has emerged to serve the needs of fraudsters in Southeast Asia.

“It is now becoming increasingly clear that a potentially irreversible shift and spillover has occurred in which organized crime (groups) are able to pick, choose and move values ​​and jurisdictions as needed, with the resulting situation rapidly expanding beyond the ability of governments to keep power in check. it,” the UN said.

The so-called scam complexes are typically found along the border areas of Cambodia, Myanmar and Laos and rely on a workforce of forced laborers who have been tricked into taking jobs abroad. While the Southeast Asian fraud industry is best known for running pig slaughter schemes – where victims are scammed on social media and tricked into sending money or making fraudulent investments – it is increasingly turning to other techniques and relying on marketplaces that sell services that facilitate cybercrime.

“This has meant that criminals no longer have to launder their own money, code malware or steal sensitive personal information to profile potential victims or access their own attacks. Instead, these important components can be purchased on underground markets and forums. and often at very accessible prices,” the UN said.

According to the authors, “strong evidence” shows that data markets are targeting Telegram and are explicitly targeting Southeast Asian criminal groups, supported by the explosion of information-stealing malware. The personal information provided may be used to circumvent ‘know your customer’ anti-money laundering controls and to conduct business email compromise (BEC) and impersonation.

Biometric data is also offered, which could be used for deepfake scams, which the agency says are becoming increasingly common in Asia.

Also concerning is the use of cryptocurrency ‘drainers’ and other sophisticated malware that can empty wallets without the need for the time-consuming social engineering associated with other scams.

“There are worrying indications that the malware-as-a-service model is being integrated into criminal operations in more vulnerable and remote parts of Southeast Asia, and in particular the Mekong region,” they wrote.

The researchers even found potential links between a cluster of banking Trojans, previously called GoldDigger and attributed by cybersecurity firm Group-IB to a threat actor called GoldFactory, and fraud operations in Southeast Asia.

“There is evidence that local criminals or victims of human trafficking for forced crime from Southeast Asian countries are also involved, as evidenced by cases of calls to victims from ‘customer service’ where operators are proficient in the native language used in the intended target group. country,” they said.

Earlier this year, the United States Institute of Peace estimated that scammer syndicates in the region rake in about $64 billion annually worldwide, though researchers admit knowing the full extent of the activities is challenging.

In their report on Monday, the UNODC estimated that in East and Southeast Asia alone, victims lost between $18 billion and $37 billion in 2023 due to cyber fraud.

More information.