INTERPOL: Cybercrime Now Exceeds 30% of Recorded Crime Across Asia-Pacific

INTERPOL’s 2025/2026 Asia and South Pacific Cyberthreat Assessment Report has found that cybercrime now accounts for more than 30 per cent of all recorded crime in over half of the 18 member countries surveyed. Published on 18 June 2026, the report covers the period from January 2024 to March 2025 and attributes the dramatic increase to rapid digitalisation, new technologies, and the growing organisation of criminal networks operating across borders. Phishing and online scam techniques emerged as the most widespread and financially damaging form of cybercrime, with one-third of surveyed countries reporting more than 10,000 cases each.

AI is materially accelerating the threat landscape. Discussions about deepfakes on cybercriminal forums and Telegram channels popular among Southeast Asian threat actors increased by 600 per cent between February and June 2024. The region recorded more than 135,000 ransomware-related attacks in 2024, with DDoS attacks rising 92 per cent year-on-year. System intrusions accounted for approximately 80 per cent of all data breaches, with malware and ransomware present in the majority of cases. Scam networks operating across the region are estimated to generate close to USD 40 billion annually, according to Singaporean research cited in the report.

Neal Jetton, INTERPOL Cybercrime Director, noted that criminals are leveraging AI, ransomware-as-a-service models, and sophisticated social engineering techniques on an industrial scale. The report also highlights significant disparities in cybersecurity maturity across the region, with developing economies and small island states facing greater exposure due to limited forensic resources, specialised training, and technical capacity. INTERPOL called for a whole-of-society response involving law enforcement, governments, industry, and civil society to detect, disrupt, and deter cybercriminal activity across borders.

Identity Verification as a Frontline Control

The report’s findings on credential theft, phishing, and deepfake impersonation underline why identity verification has become a frontline control rather than a compliance formality across the Asia-Pacific region. When 80 per cent of data breaches begin with a system intrusion, and criminals are deploying synthetic identities at scale, onboarding and authentication controls need to detect manipulation before access is granted. Shufti’s AML screening and identity verification platform operates across 240+ countries, screening against 3,500+ watchlists in real time and integrating deepfake detection and liveness checks within a single verification flow.

Protect your organisation against APAC’s evolving cyber threats. Contact Shufti to learn how our identity verification and AML solutions build resilience into your compliance program.