Cybercrime Epidemic Casts Shadow on ASEAN as Summit Looms

Scam centres in Southeast Asia have become a major concern for countries in North Asia, as well as Western states such as the US, Britain and Australia that are the usual targets of their criminal activities.

More than 60 South Koreans were repatriated from Phnom Penh last Saturday and many were arrested after returning to Seoul, so police can try to establish if they joined scam groups in Cambodia voluntarily or were forced to work there.

Cambodia was thrust into the global spotlight last week when US and UK officials seized bitcoin worth about $15 billion, plus multiple properties and imposed sanctions on 146 people and entities linked to one of the biggest groups allegedly running scam centres in the country.

ALSO SEE: US, Australia Sign $8.5bn Deal on Rare Earth, Gallium Projects

Cambodia is one of three epicentres of scamming in Southeast Asia, along with crime gangs based in southeast Myanmar, near its border with Thailand, and a special economic zone in northern Laos.

But the scale of the cybercrime problem has spread far and wide, allegedly replicating in parts of the Middle East, Africa and elsewhere, and the ugly nature of this business, involving human trafficking, a frightening level of fraud and violence, has begun to cast a dark shadow over ASEAN, just as Southeast Asia’s regional body is set to stage its annual summit in Malaysia this weekend.

South Korea sets up ‘rescue taskforce’

South Korean officials have responded in a far more vigorous way than other Asian states, largely because more than 300 of its citizens were reported as kidnapped or missing in Cambodia in the first eight months of this year, and an outcry over the death of a university student allegedly killed by criminals in the country seeking a ransom.

The death of Park Min-ho in August, who was reportedly lured by a friend to travel to Cambodia to provide his bank account to be used by a scam organisation, spurred public calls for stronger action to protect its citizens from scam centres abroad. Authorities in Cambodia said the 22-year-old university student suffered a cardiac arrest after being tortured and beaten.

Park Chan-dae, a South Korean lawmaker who helped rescue 16 South Koreans in August and September, told Reuters that criminal organisations were exploiting vulnerable people, aged in their 20s and 30s, who were desperate for work.

Family members of three of those 16 South Koreans reached out to Park’s office, pleading for help to rescue their loved ones, Park said.

“We were able to save them miraculously because they were brave, took risks and communicated with us, not done through some kind of system,” said the MP from the ruling Democratic Party, adding the victims secretly shared their location information with him.

South Korea has issued a “code-black” travel ban for parts of Cambodia over recent increases in cases of detention and “fraudulent employment”.

The government has also set up a taskforce to help nationals lured into working in scam compounds and secure the release of those held against their will.

Korean police said 59 people were accused of engaging in online fraud, such as romantic scams, fake investments or voice phishing, apparently targeting citizens in their homeland.

British and US officials have said the scam centres used fake job adverts to lure workers, who were then forced to commit online fraud under the threat of torture. Investigators also say police allegations need to be treated with caution because the bosses of scam groups have links to Cambodia’s most influential leaders.

Scam operations in Cambodia are estimated to have about 200,000 workers, including 1,000 South Koreans, according to estimates from South Korean officials.

The US and UK sanctions last week led to Korean banks freezing about $66.5 million (91 billion won) in Cambodian banks suspected to be proceeds of scam networks allegedly linked to the Prince Group, which has links to Thailand, Taiwan, Hong Kong, Singapore and Dubai, but has denied involvement in criminal activities.

It also led to a rare raid on a notorious compound on the Thai-Myanmar border, where dozens of Starlink internet receivers were found. Critics say it was likely staged for PR purposes, given those compounds are suspected to raise money for help army chiefs fund their war against resistance groups.

Cybercrime pact to be signed in Hanoi

Cybercrime will also be the focus of a convention in Vietnam this weekend. Representatives from dozens of states are due to fly into Hanoi to sign a cybercrime agreement negotiated by the United Nations’ Office on Drugs and Crime (UNODC).

The landmark cybercrime agreement aims to curb offences that cost the global economy trillions of dollars annually, despite criticism over human rights risks, according to Reuters.

The convention, which will come into force after it is ratified by 40 states, is an unprecedented move that the United Nations expects will make responses to cybercrime quicker and more effective.

Activists, major technology companies and the UN Commissioner for Human Rights have warned about possible abuses from its vague language on crime, with some saying it would facilitate rather than combat illegal activities.

The list of signatories has not been released, though the European Union and Canada are set to sign the pact, which they said included safeguards to protect human rights.

UN Secretary-General Antonio Guterres is scheduled to attend the signing ceremony on Saturday, but the State Department has yet to say if a US representative will attend.

Vietnam’s selection as host has drawn criticism due to its human rights record. In a report in August, the State Department cited “significant human rights issues” in Vietnam, including restrictions on online freedom of expression.

Human Rights Watch said at least 40 people have been arrested this year in Vietnam for alleged crimes such as online postings against the state. The one-party Communist nation expects to raise its profile by hosting the event and sees the pact as a tool to boost its cyber defences, local officials say.

‘Surveillance treaty’

The Cybersecurity Tech Accord, a coalition that includes Meta and Microsoft, has labelled the pact “a surveillance treaty” that facilitates the exchange of personal data among governments and risks “making it easier, not harder, for criminals to engage in cybercrime.”

The convention targets a broad spectrum of offences from phishing and ransomware to online trafficking and hate speech, the UN has said, citing estimates that cybercrime costs the global economy trillions of dollars each year.

The UNODC, which led the treaty talks, said the agreement includes provisions to protect human rights and allows states to reject cooperation requests that conflict with international law.

Activists and tech firms have also voiced concern that the treaty could criminalise ethical hackers who test systems for vulnerabilities, especially when their findings expose sensitive government flaws.

The UNODC said the convention “encourages” states to enable legitimate research activities.