Forced-Labor Camps Fuel Billions of Dollars in Cyber Scams

Greater collaboration between financial and law enforcement officials is needed to dismantle cybercrime scam centers in Cambodia, Laos, and Myanmar, which rake in tens of billions of dollars annually — and affect victims worldwide.

Slammed by border closures in 2020 due to the COVID-19 pandemic as well as by increased scrutiny by authorities, Chinese crime syndicates posing as investors shifted their operations from illicit gambling houses to online cybercrime fraud.

The strategy has proven to be phenomenally successful.

Four years later, the syndicates continue to take advantage of chaos and corruption in a number of Southeast Asian countries to steal billions of dollars from vulnerable victims worldwide through romance scams and other long-con cyber fraud, aka "pig butchering." Operating from cyber-scam centers in Cambodia, Laos, and Myanmar, the cybercriminals have a second set of victims as well: job seekers from China, India, the Philippines, and other countries in the region, who are lured with the promise of good-paying jobs at reputable firms but are instead trapped in camps and forced to conduct the scams.

The cybercriminal operations have likely siphoned off more than $64 billion over the past three years, as governments have struggled to first recognize the problem and then find ways to fight the growth of the operations, Jason Tower, Burma country director at the US Institute of Peace, said in a recently published interview.

"You have these large — they look almost like penal colonies — but you have large numbers, hundreds of thousands of people, that are held inside of these compounds that are basically perpetrating quite sophisticated online scamming called pig butchering," he said. "This is a very new form of crime that the US is only becoming more aware of as a threat to US and regional security."

Nations affected by these cybercrime scams are only starting to get a handle on the scope of the organizations responsible for the attacks. Countries in the region affected by the human trafficking component of these organizations, however, recognized the trend much earlier. In 2022, for example, China, Indonesia, Pakistan, Thailand, and Vietnam issued warnings to their citizens about the compounds, and a coalition of 35 human-rights organizations called for the Cambodian government to shut down the camps, according to the Cambodian League for the Promotion and Defense of Human Rights (LICADHO).

While regional governments have condemned the enslavement of workers, the scam centers are finding protection from a variety of sources — such as militias in coup-ravaged Myanmar or corrupt officials in Cambodia — protection funded by the enormous profits reaped by the criminal organizations behind the scam centers.

Criminal Powerhouse

Estimates of the revenues of the cybercrime syndicates highlight not only how successful the regional groups have been, but how hard they likely will be to eradicate.

The US Institute of Peace estimates that in Cambodia alone, the revenue from cyber scamming tops $12.5 billion, or about half the country's gross domestic product (GDP). For the countries of the Mekong delta — which includes Cambodia, Laos, Myanmar, Thailand, and Vietnam — the annual revenue of the scam centers is estimated at nearly $44 billion, or about 40% of the combined GDP of Cambodia, Laos, and Myanmar, the USIP stated in a May report.

Consider this: If the cybercrime syndicates were a country, they would be the eighth largest in Southeast Asia, ahead of Cambodia and its nominal GDP of US $35 billion.

In a separate analysis, two researchers at the University of Texas at Austin — John Griffin, professor of finance for the university's McCombs School of Business, and Kevin Mei, a doctoral student — tracked the cryptocurrency flows of fraud linked to the criminal organizations in the region and found that more than $75 billion traveled through crypto exchanges over the past three years to end up in wallets linked to fraudsters.

Chart of money flows to scammers in Southeast Asia.

While there was a surge of activity in 2021, the cyber scam centers continue to rake in billions in revenues, Griffin tells Dark Reading.

"It is hard to tell if the activity is increasing or decreasing, but there is considerable 2024 activity," he says. "Through various conversations, we believe that the scammers remain very active and continue to find new methods [of transferring money]."

Police Enlist Help From Banks

Since 2020, the media has increasingly covered the scam centers in Southeast Asia as a human trafficking epidemic, yet worldwide, the problem of the lucrative cybercrime campaigns that financed the criminal syndicates has only slowly been recognized.

In Myanmar, for example, the government — brought to power through a military coup in February 2021 — has failed to stem corruption that has supported the cyber scam centers. In Cambodia, complicit officials and the propensity to cover up the problem have led officials to downplay the issue, while unscrupulous businesses have profited. The port city of Sihanoukville in Cambodia, for example, converted ailing casinos into guarded facilities housing cyber scammers, according to reports.

Yet, while the chaotic politics of the region have created significant challenges, regional efforts are starting to bear fruit. Several investigations by China's law enforcement agencies have resulted in the rescue of 45,000 workers, the capture of several major criminal figures, and calls for the arrest of several leaders of the Myanmar military regime, according to an April 2024 USIP report.

In another success, the Singapore Police Force has worked with six banks to identify potential scam victims and alert them to the danger. The effort has prevented fraud in more than 3,000 cases, averting the loss of 100 million Singaporean dollars ($74 million) over a two-month operation in March and April 2024.

Underscoring the need for governments and financial institutions to cooperate on the problem, the Financial Services Information Sharing and Analysis Center (FS-ISAC) issued an advisory to members discussing the latest intelligence on the tactics and locations of the criminal groups, says Andy Chow, intelligence officer for the Asia Pacific region for the cybersecurity group.

"FS-ISAC continues to compile and share intelligence surrounding these scam compounds to ensure its member firms are up to date on the latest developments," he says, adding, "Financial institutions should lean into relationships with public institutions, such as law enforcement agencies, to identify potential scam victims and promptly alert them about ongoing scams."

Cleaning Up Crypto

Overall, the financial infrastructure has to make it more expensive for cyber scam centers to receive stolen funds, and a great deal of that effort needs to be directed at cryptocurrency exchanges.

In their research, the University of Texas at Austin's Griffin and Mei discovered that a few large cryptocurrency exchanges accounted for the destinations of most of the money transfers. About $39 billion of the $75 billion landed in Binance accounts, while Huobi accounted for $14 billion and OKX accounted for $6 billion, suggesting that the cybercriminals' scams are providing the platforms with both liquidity and profits.

Global regulators and law enforcement need to see the big picture and not just focus on the individual crimes, because the crypto companies that appear legitimate are acting as entry points for the illegitimate activities of these organizations, the two researchers argued in their paper.

"Our analysis suggests that tighter monitoring on the centralized exchanges could be much more effective," Griffin says.

About the Author(s)

Robert Lemos, Contributing Writer

Veteran technology journalist of more than 20 years. Former research engineer. Written for more than two dozen publications, including CNET, Dark Reading, MIT's Technology Review, Popular Science, and Wired News. Five awards for journalism, including Best Deadline Journalism (Online) in 2003 for coverage of the Blaster worm. Crunches numbers on various trends using Python and R. Recent reports include analyses of the shortage in cybersecurity workers and annual vulnerability trends.