• All Articles

Forced cybercrime and trafficking in South East Asia

By Maria_Serra

September 5, 2023

09 Forced Cybercrime and Trafficking in South East Asia

According to the latest United Nations Report online scam violations in South Asia, billions of dollars are being generated each year by gangs who coerce victims into committing cyber crimes globally! According to the report, hundreds of thousands of people in Asia have been trafficked and forced to work for online scamming operations across South East Asia. Most of these victims are migrants in vulnerable situations who face a range of human rights risks, however some countries' nationals are also being targeted. These online scam operations are mainly rooted in the rise of online casinos and gambling pages in the South East Asian region during the Covid pandemic. Such pages are officially banned to varying extents in China, Cambodia, Thailand and Lao PDR, creating the right out of the law environment for cybercriminals to exploit victims using cryptocurrency fraud, illegal gambling and other online scam violations. To help you protect your online business and end users from these dangerous cybercriminal malvertising scams in South Asia, from AdSecure we bring you the top malvertising trends perpetuated by cyber criminals in South Asia in Q1 2023:

Forcibly recruiting victims to become cybercriminals in South East Asia

The main focus by cybercriminal gangs is to exploit online businesses and e-commerce platforms across the world by using cryptocurrencies and online gambling scams, which is why criminal gangs have targeted multilingual individuals across South East Asia, as online casinos have become more popular globally, since the pandemic. While many of the victims were from South East Asia, the UN estimated that about 120,000 victims are in Myanmar and 100,000 in Cambodia, while tens of thousands more people are being forced to work in Laos, the Philippines and Thailand. The report’s author, Pia Oberoi, UN Senior Adviser on Migration and Human Rights for the Asia Pacific region, informs that victims from Southern Asia, Africa and Latin America are also involved.

To make things more complicated, many of the centers in which these targeted victims are forced into online criminal activity, are physically located in jurisdictions where governance and the rule of law are weak, and authority is contested. As mentioned above, individuals are forced or coerced to perpetrate online malvertising threats using a range of platforms including fake gambling websites and cryptocurrency investment platforms, as well as romantic and financial scams (also called “pig-butchering”), where fake romantic relationships or friendships are used to defraud online users of significant amounts of money. The scams are often highly sophisticated, with fake websites built to showcase fraudulent data in order to convince the target that there are significant profits to be made. People who are targeted can also receive small amounts of money to convince them of the legitimacy of the platform.

Now, let’s look into the sort of online malvertising threats detected in South Asia, according to the AdSecure Violation Report South Asia in Q1 2023.

Top 10 online malvertising threats detected in South Asia in Q1 2023

According to the AdSecure Violation Report South Asia in Q1 2023, the following were the top 10 online malvertising threats detected in South Asia in Q1 2023, across all categories:

Copy of Forced Cybercrime and Trafficking in South East Asia 1

As we can see, Ssl-non-compliant is on top, followed by Threat Intelligence. User Experience violations are the most popular, followed by User Advisory and then User Security - Let’s look at what has been going on within each category:

27.60% of scans in South Asia detected User Security Violations: The User Security category covers violations that harm the end user’s safety. The most used User Security violations detected in South Asia in Q1 2023 were Ssl-non-compliant and Malicious URLs with 22.40% and 5.2% respectively of the total top 10 violations.

Insight: Ssl-non-compliant violations are malicious ads that contain at least one unsecured element in their chain of resources, whether it is an unsafe link lacking encryption, no https, mixed content, a ssl version, or a cipher mismatch. This critical violation could cause the end user’s security being compromised, as well as being blocked by Google and flagged as insecure, which directly affects the reputation of the hosting website. The second violation detected within the category is Malicious URL, which are compromised urls used to direct users to dangerous and or non-compliant sites to steal their personal and sensitive information such as bank details and logins, or even trick them into downloading dangerous software. This can once again lead to serious consequences for the end user’s safety.

30.5% of scans in South Asia detected User Experience Violations: The User Experience category covers non-critical violations that can provide a poor user experience, driving them away from websites over time, if left unresolved. The following are the top 4 User Experience Violations detected in South Asia in Q1 2023:

Top 1: Back-button-hijack
Top 2: Javascript-dialog
Top 3: Landing-page-error
Top 4: Auto-redirect

User Experience violations affect end users with malicious and annoying activity within the ad campaigns they interact with. For instance, cybercriminals use hijacking back buttons to direct users to a different page when the back button is clicked. They want end users to stay on their page or site longer rather than leaving the website right away. Besides, both landing page error and auto-redirect violations impair user experience by manipulating the end user’s browser history, keeping them stuck on a certain page by inserting one or several redirects in their browser history, to then forward them back to that specific page.

Insight: Auto-redirect was also a popular violation in South Asia. This detection can become a huge problem for a website publisher’s brand reputation, as the Auto-redirect forces a web page to break out of any frame “framing" it, resulting in automatically redirecting the visitor to another website or landing page - This new page the end user gets redirected to can contain anything, from simply annoying or spammy to highly age inappropriate or dangerous content designed to steal the end user’s information.

41.5% of scans in South Asia detected User Advisory Violations: The User Advisory category can be compromised with malvertising trends that can be offensive material not appropriate for all audiences or the potential for suspicious or fraudulent activity. The following are the top 4 User Advisory Violations detected in South Asia in Q1 2023:

Top 1: Threat-intelligence
Top 2: Suspicious-tld
Top 3: Unsafe-content-adult
Top 4: Ad-crypto

Insight: The top violation within the category is Threat Intelligence and is based on AdSecure’s Threat Intelligence service, which reports if a URL is flagged with a violation detected in any AdSecure analysis during the previous 30 days. Malvertisers tend to hide several different types of violations in one single link, which makes it easier for them to sneak malicious activity in, even if 1 or 2 of their violations are detected. For instance, one same URL in an ad can contain a Phishing Threat, covered up by Ad Cloaking, and also contain Crypto Mining or Browser Locker Code. Even if the first 2 are detected, the user’s online welfare would still be at risk.

Top 5 online scam violations in South Asia in Q1 2023

According to the AdSecure Violation Report South Asia in Q1 2023, the following were the top 5 cybercriminal malvertising scams in South Asia in Q1 2023, across all categories:

Copy of Table 2 E1693924871827

As we can see in the table above, end user security was seriously compromised across South Asia in Q1 2023. In fact, supported by the United Nations Report online scam violations in South Asia, many of the online scams are quite sophisticated since they have been designed to convince end users that these fake phishing websites are legitimate. In addition to that, we see that Browser-locker is the top online malvertising scam detected with 36.21%, which shows us that cybercriminal malvertising scams in South Asia are very popular. However, following the ranking, in the second position in online scams we find Permission Geolocation which, simply put, is a permission request to track the user’s location.

Insight: Permission-geolocation requests permission to send notifications to the user to access their device’s geolocation. Permission requests are fairly common, when an end user downloads an app, or gives location access, etc. However, they are unsolicited and possibly alarming for an end user that has just clicked on an ad. Besides, cybercriminals use them in the hope that the end user clicks to accept and then the bad actors can access personal files and data from the end user's device, for instance tracking their location for non compliant targeting purposes.


As we can read in the United Nations Report online scam violations in South Asia, cybercriminal malvertising scams in South Asia are growing due to the underlying governance and socio-economic factors that fuel this growing illicit economy. Online malvertising threats detected in South Asia can be very frightening for both brands and users, making it crucial for ad networks and publishers to protect the end user’s wellbeing, whilst producing a great user experience for them, thus ensuring a great brand reputation. So how can AdSecure help you? If you are an ad network or a publisher and you want to protect your online business or website from criminal gangs and malvertising, AdSecure is the best ad protection solution in the industry. Start a 14-day free trial and let our Customer Success Specialists guide you through our platform and answer any questions you have about while testing our platform!

Share this article on