7 Fraud Trends in the APAC Region in 2024
Deepfakes, identity fraud, and APP fraud—what else is a threat to the APAC economy?
Deepfakes, identity fraud, and APP fraud—what else is a threat to the APAC economy?
The Asia-Pacific region is quickly turning into the most digitally advanced region in the world.According to Mordor Intelligence, the APAC e-commerce market size is estimated at USD 4.20 trillion in 2024, and is projected to reach USD 6.76 trillion by 2029, thanks to the region’s high number of mobile users and young population.
The high speed of digitalization in the region certainly has its benefits, but it doesn’t come without risk. This includes fraud.
According to Sumsub’s most recent Identity Fraud Report, Indonesia, Hong Kong, and Cambodia have more than doubled their identity fraud percentages between 2021 and 2023, indicating
a growing regional concern. Let’s discuss the fraud trends relevant to the APAC region, uncovering which countries are especially vulnerable to fraud—and which ones successfully fight it.
Fake IDs are counterfeit or falsified documents that misrepresent the identity of an individual. They’re often used for various illegal purposes, such as purchasing age-restricted products, financial fraud, identity theft, and much more. Fake IDs were among the top five fraud trends last year, according to Sumsub’s Identity Fraud Report.
Sumsub’s 2023 Fraud Report also revealed that, in 2023, Bangladesh and Pakistan had the highest fraud rates in the world, with fraud accounting for 5.44% and 4.59% of all verifications performed in each country, respectively. Vietnam saw a surge in identity fraud cases in 2022, reaching 9.94%, before significantly decreasing to 1.38% in 2023. At the same time, Singapore reduced its fraud cases in 2023, while Japan, Australia, and Thailand remained relatively stable, with percentages staying under the 2% over the years.
Reliable KYC, biometric authentication, document verification, behavioral analytics, and machine learning-driven fraud detection algorithms are the best tools in fighting identity fraud, including fake IDs. Document-free verification methods, such as Sumsub’s Non-Doc and GDV, can also significantly help here.
Suggested read: Document-Free Methods and Their Benefits
Suggested read: Identity Theft Explained: How Businesses Can Detect and Prevent It
As AI gets cheaper and more widely available, it’s being both for good and evil, including fraud.
Deepfake fraud involves the use of artificial intelligence and machine learning algorithms to create highly-realistic audio or video content with the intent to deceive or manipulate.
In the APAC region, the average increase in the number of deepfakes detected in 2023 was 1530%. It is worth noting that the majority of deepfake cases occurred in Vietnam (25.3%* of all deepfakes in the region) and Japan (23.4%*).
*% of fraud attempts among all verifications performed in the country
Japan is known for its use of deepfakes in the entertainment sector, which may enable fraudsters to exploit this technology in other fields. Vietnam, on the other hand, has a growing digital economy and large online population which makes the country attractive for fraudsters.
Among other APAC countries affected by deepfake fraud were Australia (9.2%), China (7.7%) and Bangladesh (5.1%).
Deepfakes are largely used in synthetic identity fraud, which involves the creation of fictitious identities using a combination of real and fabricated information. A criminal can use a valid Social Security Number combined with a fake address, thus creating a synthetic or “frankenstein” identity. This synthetic identity can then be used to open fraudulent accounts, secure loans, and commit other fraud. The emergence of AI generative models makes it even easier to create such fake-but-credible identities.
Ways to spot deepfake and synthetic identity fraud:
According to Sumsub’s 2023 Identity Fraud Report, money muling networks are one of the top-5 global fraud trends, and this trend is observed in Asia as well.
Money muling involves seemingly innocent individuals, known as money mules, who are recruited to transfer illegally obtained funds, disguising their origin.
According to Singapore Police data, 4,800 people were arrested or investigated for money muling in the country in 2020. In 2022, this figure increased two-fold. A study by the Singapore Police Force involving 113 money mules linked to scam cases reported between 2020 and 2022 found that about 45 per cent were 25 or younger.
Between January and June 2023, more than 4,700 people were arrested or investigated for being money mules in Singapore.
Customer Due Diligence (CDD) is the first remedy businesses should utilize to spot money mules. CDD verifies the customer and their documents, assigns a behavioral risk score, searches blocklists, and does adverse media screening.
An AI-powered anti-fraud solution with anomaly detection algorithms and behavior analysis would also be able to identify patterns indicative of money mule activities. Moreover, transaction monitoring, along with ongoing monitoring, can notice even slight changes in customer behavior and detect a money mule.
Check the following article to learn about the most frequent money muling red flags:
Suggested read: What’s Money Muling and How Does It Affect Businesses?
One of the frequent consequences of social engineering is Authorized Push Payment (APP) fraud, which is also a growing trend in APAC. APP fraud, also known as bank transfer fraud, occurs when individuals or businesses are tricked into authorizing a payment to an account that they believe belongs to a legitimate payee. The fraud typically involves social engineering tactics to deceive the victim into making the payment willingly.
Just recently, a finance worker in Hong Kong, employed by a multinational corporation, fell victim to APP fraud, where criminals utilized deepfake technology to impersonate their company’s Chief Financial Officer during a video conference call, resulting in a fraudulent payout of $25 million.
These tactics involve manipulating individuals psychologically to divulge confidential information or perform actions that may compromise security. Social engineering is largely employed by criminals to commit further crimes, such as phishing or payment fraud. Verizon’s Data Breach Investigations Report 2023 revealed that, in the Asia-Pacific region, social engineering, system intrusion, and web application attacks together accounted for 93% of breaches.
As India’s Central Bank advised, “inadequate customer awareness is a key contributory factor” that enables digital fraud. Thus, banking, fintech and e-commerce platforms should safeguard against such tactics to prevent unauthorized access and fraud. Initial steps should involve customer education, employee training, and the implementation of relevant security measures, such as multi-factor authentication and behavioral analytics.
Phishing is when fraudsters trick people into disclosing sensitive information, including login credentials, payment info, and sensitive personal data. To do this, fraudsters use malicious links, emails, or texts that appear to be legitimate—impersonating, for instance, a bank. This results in identity theft and account takeover.
According to Singapore’s Cyber Security Agency, phishing attempts targeting local businesses more than doubled in 2022, rising from 3,100 to 8,500 cases.
Payment fraud aims to exploit vulnerabilities in payment systems and compromise financial transactions. It can include credit card fraud, card testing, triangulation scams, online gaming scams, investment scams, and more, resulting in unauthorized transactions, purchases, or fund transfers. According to the recent BioCatch report, scams constitute 54% of all digital banking fraud in the APAC region.
According to the Reserve Bank of India,nearly half of the fraud committed involving Rs100,000 ($1,200) or more were classified as ‘card/internet’ frauds in 2022, up from just over one-third in 2020-21.
In the APAC region, remote access scams—when fraudsters connect to a victim’s computer remotely—accounted for 51% of victims targeted in investment scams.
Check the following article to learn the ways of fighting payment fraud:
Suggested read: What You Need to Know about Online Payment Fraud in 2024
According to Sumsub’s internal statistics, global account takeover incidents increased by 155% in 2023. This fraud trend affected Asia as well.
Account takeovers involve unauthorized access to user accounts, often achieved through the use of stolen login credentials. To do this, fraudsters exploit weaknesses in security measures.
To prevent account takeovers, organizations must implement sophisticated anti-fraud systems. These systems include ongoing scrutiny of user behavior, instant alerts, as well as biometric authentication and device intelligence.
The rise of the APAC digital economy is likely to lead to an increase in fraudster attacks. Furthermore, fraud schemes are getting more complex, often involving AI, and relying on a single countermeasure at the onboarding stage is no longer sufficient. Therefore, the following steps should be taken by companies to combat and prevent complex fraud schemes: