Security and Operational Risks from Organized Cybercrime Operations Likely to Persist in Southeast Asia

Criminal groups typically promise lucrative job opportunities and attractive benefits in English and multiple regional languages to target victims of various nationalities but instead detain them in heavily fortified compounds. The abductees are then coerced into operating scams involving cryptocurrencies, online love and friendship, and quick-profit investment schemes. The majority of human trafficking victims originate from China, Indonesia, and Malaysia, though there are increasingly victims from other cities, such as Hong Kong, Singapore, and Taipei.  

Recent cases of abduction and trafficking in Cambodia and Thailand have raised concerns about the safety of foreign travelers. The UN estimates that in 2023, over 220,000 people remained forcibly employed in scam operations across Cambodia, Myanmar, and the Philippines. Criminal groups in the area often exploit Thailand's status as a major tourist destination and regional business hub to deceive victims into entering the country before moving them to border areas of Myanmar.

Following the 2021 Myanmar military coup, the Myanmar-Thailand border has become a major scam hub amid a security vacuum, weak governance, and a lack of rule of law. Areas like Myawaddy in Kayin State and Tachileik in Shan State have become safe havens for these illegal operations. Crackdowns have led to the relocation of some scam operations towards the Myanmar-Thailand border region. 

The Philippines has long faced challenges with Philippine Offshore Gaming Operators (POGOs), with many former POGO operations evolving to serve as fronts for cybercrime and scam activities. Hotspots for scam operations include parts of Metro Manila and the National Capital Region (NCR), Northern Luzon, Visayas, and Mindanao. Such operations are typically housed in abandoned malls, condominium buildings, and cheap rented offices to avoid detection. Criminal syndicates evade authorities by using multiple company names and owners, adopting smaller guerrilla-style setups, and bribing local officials for protection.

Scam centers are widespread in Cambodia, including the capital Phnom Penh, Sihanoukville, Preah Sihanouk, and Poipet, located along the Cambodia-Thai border. In Sihanoukville, casino operators have pivoted to establishing scam centers after the 2019 nationwide ban on online gambling and the COVID-19 pandemic, which prevented in-person gambling. Meanwhile, Laos has also seen a rise in similar activities, especially within the Golden Triangle Special Economic Zone (GTSEZ) and its border areas. In the GTSEZ, authorities continue to crack down on scam operations and human trafficking.

Even with crackdowns by regional powers like China and local efforts to dismantle cybercrime operations, deeply entrenched criminal networks, corruption in public service, and weak enforcement mechanisms will likely allow such activities to persist in the medium term. In some regions, these groups receive protection and operational support from armed factions, including military and paramilitary groups. Profits from such illicit operations are used to fund weapons and secure influence. In Cambodia and Myanmar, these criminal enterprises hold considerable influence in some remote and rural areas, where fear of violence and economic dependence often deter local communities from resisting or reporting illegal activities.

The overall threat of kidnapping by crime syndicates remains relatively low for most long-term expatriates and short-term business travelers to the region. Criminal enterprises are more likely to target locals, particularly those in vulnerable socioeconomic conditions. However, expatriates still remain at risk of widespread cyber scams and financial fraud.

For multinational corporations, the main threats from cyber scams include phishing, business email compromise (BEC), and ransomware attacks targeting corporate networks and sensitive data. These threats can lead to reputational and operational risks, including financial fraud, compromised intellectual property, or physical threats like intimidation.

To mitigate such risks, businesses with travelers or operations in locations with known organized cybercrime and human trafficking should implement robust security protocols, as well as comprehensive security training on recognizing, avoiding, and reporting scams.

Learn more about leveraging our industry-leading regional and subject matter experts for intelligence that helps your organization stay ahead of risks to your people and operations.