Cybercrime Orgs Increasingly Use Human Trafficking to Staff Scam Mills

Interpol breaks up Southeast Asian cybercrime rings, rescuing 149 victims of human trafficking, but the agency warns the human cost of cybercrime is mounting across the globe.

A group of trafficked people's hands grab on to metal bars
Source: agefotostock via Alamy Stock Photo

Interpol has announced Operation Storm Makers II, a coordinated effort among 27 individual Asian countries targeting cyber-fraud operations engaging in human trafficking to perpetuate their scams. But it appears that this kind of insidious operation is expanding to other parts of the world as well.

Victims are promised well-paying jobs across Southeast Asia, but are instead forced to "commit online fraud at an industrial scale, while enduring abject physical abuse," according to Interpol's announcement of the operation. These cybermills have been identified as staffing call centers for social engineering, running fake gaming sites, or working on cryptomining, among other things.

After a five-month investigation, law enforcement was able to arrest 281 as perpetrators, and rescue 149 victims of human trafficking, Interpol said. The information gathered through the busts also allowed law enforcement to open an additional 360 investigations, Interpol added.

Troublingly, cyber fraud fueled by human trafficking was once limited largely to Southeast Asia, but it is quickly growing beyond the region.

Human Cost of Cyber Scams Mounts

"The human cost of cyber-scam centers continues to rise," Rosemary Nalubega, assistant director for vulnerable communities at Interpol said in the statement about the operation. "While the majority of cases remain concentrated in Southeast Asia, Operation Storm Makers II offers further evidence that this modus operandi is spreading, with victims sourced from other continents and new scam centers appearing as far afield as Latin America."

Last August, the United Nations released a report on the growing issue in Southeast Asia, estimating that cybercrime operations were responsible for holding 120,000 human trafficking victims in Myanmar, 100,000 in Cambodia, and thousands more across Laos, the Philippines, and Thailand.

Beyond law enforcement, nonprofits are also calling on the cybersecurity community to help track down victims of human trafficking used to fuel cyber scams, wherever these insidious operations may be found around the world.

Calling Civil Cyber Defenders

Tiffany Rad, an attorney and cybersecurity expert, teamed up with Austin Shamblin, founder of the nonprofit Traverse Project, for a presentation at Black Hat USA 2023, aimed at appealing to infosec experts of all levels to pitch in to help protect the privacy and identity of those who are trying to track down human traffickers. It's a role they called "Civil Cyber Defenders."

Rad pointed out that members of a student-volunteer lab she runs at the University of California at Berkeley tracking human trafficking with the Traverse Project were recently the victim of a highly sophisticated Pegasus spyware attack.

"By utilizing academic resources, and OSINT skills and free/open-source tools, Civil Cyber Defenders are supporting vulnerable nonprofits, protecting volunteers, journalists, and activists, while defending human rights," they said in the Black Hat USA presentation on human cyber trafficking. "There is a need in the cybersecurity industry for more Civil Cyber Defenders."

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights