What’s even more alarming? The United Nations crowned Southeast Asia as “the ground zero for multi-billion-dollar global internet scamming“, a dubious honour that should have every business leader, compliance officer, and financial professional sitting up and paying attention.
The old playbooks aren’t working anymore, because the criminals have evolved faster than defences. They’re using sophisticated technology, exploiting regulatory gaps, and finding creative new ways to separate businesses and consumers from their money at an unprecedented scale.
This critical challenge on fraud trends in Asia Pacific took centre stage at a recent webinar, “Inside Asia Pacific’s Fraud Crisis and the Battle to Stop It”. Fintech News Network’s Chief Editor, Vincent Fong, led a compelling discussion with four leading fraud prevention experts.
The panel brought together Troy, Htwe Nyi Nyi, Senior Vice President and GM for APAC at SEON; Vincent Mok, Group Chief Risk Officer at GXS Bank; Arun Muraleedharan, Senior Vice President for Fraud Program Management at UOB; and Sateesh Reddy, Group CTO at Tonik.
The Never-Ending Cat and Mouse Game
Now, while the tactics for fraud haven’t fundamentally changed, the execution has become devastatingly more sophisticated.
“The majority of these scams remain intact. However, I think the way they manipulate and go around really depends on how banks have stepped up their safeguards.”
Vincent Mok, Group Chief Risk Officer at GXS Bank, points out that while government impersonation scams, love scams, and investment schemes remain the primary choices, fraudsters have become remarkably adaptive.
Fraudsters still prey on the same human vulnerabilities: greed, fear, and urgency, but the moment financial institutions update their controls, criminals pivot with alarming speed to find new workarounds.
It’s an exhausting cat-and-mouse game, and the mice seem to be racing faster to the finish line.
Another particular concern here is how fraud has now transformed from isolated incidents into coordinated, industrial-scale operations.
Troy, Htwe Nyi Nyi
“The criminals don’t wait for the onboarding anymore. They try to probe the parameter through device bombs, or maybe mule accounts, and also multiple account creation. “
He elaborates, saying that just like legitimate businesses, fraud rings now share resources, intelligence and attack strategies, creating coordinated networks that are far more dangerous than individual bad actors ever were.
According to SEON’s research, a staggering 85% of companies increased their fraud prevention budgets last year, yet 43% admit that fraud is growing faster than their ability to stop it.
The problem could be how the money is being deployed.
Troy explains that while many organisations are adding more verification layers and rules at the earlier stage, these are essentially stacking more guards at the door after the intruders have cased the building.
What’s needed is a strategy shift, catching fraudulent intent before criminals even reach the authentication stage. This approach has dual benefits: it blocks threats earlier while creating a smoother experience for legitimate users, reducing friction and operational costs in the process.
From Mule Accounts For Hourly Hire to Fraud-as-a-Service
Arun Muraleedharan, Senior Vice President for Fraud Program Management at UOB, observes that while the playbook for fraud hasn’t shifted much between 2024 and 2025, the scale of personalisation in these attacks has reached newfound levels.
Arun shared first how fraudsters now use AI to craft customised messages and generate real-time scripts tailored to individual victims during job scams, investment fraud, and the like.
In markets like India, for example, deepfake technology has become a common tool for impersonation schemes. It allows criminals to convincingly pose as trusted figures via fabricated audio and videos. He elaborates on the second emerging fraud trend:
Scammers are investing far more time in the grooming stage, up to weeks and even months to build trust with their victims before making a move. This extended cultivation period has two purposes: building deeper psychological manipulation while helping fraudulent transactions appear more legitimate to detection systems.
Think about it: when someone’s been in regular contact with a “romantic partner” or “investment advisor” for months, their eventual large transfer looks less like a scam and more like a normal relationship-based transaction.
Another trend he’s noticed is that the infrastructure supporting these scams has been equally sophisticated and commercialised. In SEA markets, particularly, mule accounts, legitimate-looking bank accounts used to launder fraud proceeds, are no longer being sold as one-time assets.
“Mule accounts are rented by the hour. There is a pre-warming effort sometimes done to make it look like a legitimate account, and then it’s sold. The final trend we see is that more and more proceedings are moving out through crypto, which evades detection and even freeze attempts.”
Interestingly, this AI-enabled scaling has created a bifurcated fraud landscape. While scammers invest months grooming high-value targets for massive losses, they’re simultaneously using automation to cast wider nets for smaller accounts.
The result is this: the average losses per victim may actually be declining as criminals pursue volume over individual payout size. But the total fraud problem continues to explode as they’re successfully targeting more people.
It’s now fraud-as-a-service, operating with the efficiency and scalability of a legitimate tech startup.
Now Anyone Can Commit Fraud
Sateesh Reddy, Group CTO at Tonik, pointed out one sobering reality. While banks have spent the last five years mitigating transactional fraud successfully, they’ve inadvertently created a new vulnerability at the onboarding stage.
Identity fraud has exploded as AI-powered tools have become so sophisticated and accessible. Pretty much anyone can turn a tiny video snippet into a convincing liveliness check that passes verification. Sateesh divulges,
“Anyone can create a ghost profile today, go into one of the LLMs and prompt a ghost profile, and it is there, and use that.”
The infrastructure to create these ghost profiles, complete with Optical Character Recognition-ready documents and fabricated biometrics, is now so cheap and-user friendly. It’s made fraud a low-barrier startup business.
The problem goes beyond the fact that these fake identities can fraud actors through the door. They look perfect on paper, too.
These fraud accounts undergo a “warming” period with small, normal-looking transactions that don’t trigger AML or fraud alerts. By the time the behaviour shifts and the real fraud begins, the account has established enough legitimacy that it’s harder to detect and stop.
Sateesh shares that recent cases have demonstrated the terrifying effectiveness of the approach, with deepfake videos of CEOs being used to authorise fraudulent fund transfers, bypassing multiple layers of verification.
To that end, Troy, Htwe Nyi Nyi, the Senior Vice President and GM for APAC at SEON, emphasises that deepfakes and synthetic identities exploit the same fundamental weakness: an over-reliance on static identity checks.
“What we are trying to do is decouple the fraud retention from document verification. So, instead of asking if the document is real or authentic, we try to assess the intent before the identity is even asserted, like using digital footprint maturity, device intelligence and behaviour signals at the signer stage.”
The question shouldn’t be “Is this document real?”, but rather “Does this pattern of behaviour leading up to this application suggest legitimate intent?” This interchange, Troy says, applies more friction towards a high-risk users, while customers can go through without friction, both at the same time.
Watch the full discussion and discover fraud trends in Asia Pacific and how leading financial institutions are using AI and behavioural signals to block sophisticated scams, while also getting a glimpse into how regulators are reshaping financial crime controls.
