Cybercrime is taking up a larger share of police caseloads across parts of Asia and the South Pacific, and Interpol says the shift is no longer confined to specialist cyber units.
In a new assessment of 18 member countries, Interpol found that more than half said cybercrime now accounts for 30% of crimes recorded nationally. The report points to phishing, online scams, ransomware, DDoS attacks, infostealers, and AI-enabled impersonation as pressure points for organizations operating across APAC, especially in markets where cybersecurity maturity and law enforcement capacity vary widely.
Phishing, ransomware, and DDoS dominate cybercrime trends
Interpol’s 2025/2026 Asia and South Pacific Cyber Threat Assessment, published June 17, 2026, covers cybercrime trends from January 2024 to March 2025. The report draws on information from 18 member countries, private-sector partners, operational case studies, and emerging-threat analysis.
The 30% figure is not a regional crime average. It comes from survey responses, so country comparisons should account for different reporting standards and definitions of cybercrime.
Online scams and phishing were among the most prominent threats. Phishing remained a common entry point for fraud, account compromise, and follow-on attacks, including malware and infostealer campaigns that use familiar-looking services to lower suspicion.
Recent abuse of fake Claude Code install sites shows how attackers can make malicious delivery paths look legitimate.
The phishing data is especially relevant for cloud-heavy organizations. Across Asia and the South Pacific, 5.5 out of every 1,000 individuals clicked on a phishing link each month, roughly twice the global average. Cloud applications accounted for 28% of phishing clicks.
That overlaps with broader identity and app-security risks, including a recent flaw in Microsoft 365 Android apps that exposed tokens and could put enterprise accounts at risk.
Ransomware and DDoS activity also rose. Interpol said the region recorded more than 135,000 ransomware-related attacks in 2024, affecting sectors including real estate, manufacturing, and financial services. DDoS attacks increased 92% from the previous year, with government websites targeted early in 2024 and financial institutions facing more attacks later.
Between January and December 2024, more than 6.5 billion cyber threats were detected and mitigated across the region, according to Trend Micro data provided to Interpol’s Cyber Fusion Centre.
AI scams are moving faster than enforcement capacity
Interpol framed AI as an accelerant for existing cybercrime. Criminals are using generative tools to create more convincing phishing messages, fake identities, deepfake content, and social engineering campaigns.
Older awareness training built around obvious red flags is less reliable against polished, personalized lures. AI-powered scam operations across Australia and Southeast Asia show how fraud, malware, credential theft, and automation can converge in regional cybercrime.
Deepfake activity is one example. Interpol said discussions about deepfakes on cybercriminal forums and Southeast Asian Telegram channels rose 600% from February to June 2024. The report does not prove every criminal group is using deepfakes at scale, but it shows growing interest in tools that can support impersonation and business email compromise.
Law enforcement capacity is another weak point. Interpol said agencies across the region still face gaps in forensic tools, targeted cybercrime training, and technical capacity. Incident response timelines and escalation paths can vary by jurisdiction, especially when attacks cross borders or involve third-party providers.
Organizations should treat the report as a risk-planning signal, not just a crime-stat update: phishing tests should reflect AI-written lures, cloud access rules should account for account-takeover risk, and incident plans should name market-by-market escalation paths. Regional enforcement coordination will take longer; enterprise defenses do not need to wait.
Read more: A Microsoft Teams file access outage highlights the need for cloud outage plans.
