LexisNexis Risk Solutions’ 2026 Cybercrime Report, derived from analysis of more than 116 billion online transactions in 2025, documents an 8% rise in global fraud rates, with Asia-Pacific registering a 12% year-on-year increase in its fraud attack rate, reaching 1.7% and exceeding the global average. The findings arrive as digital banking and payment platforms across Southeast Asia continue to expand rapidly, placing the region squarely within the escalating threat landscape described in the report.
Key Facts At A Glance
- The 2026 LexisNexis Risk Solutions Cybercrime Report analyzed more than 116 billion online transactions detected through its Digital Identity Network in 2025.
- Asia-Pacific cybercrime attack rates rose 12% year-on-year to 1.7%, pushing the region above the global average of 1.6%.
- Desktop browser attacks in APAC rose sharply as fraudsters deployed more sophisticated automation tools.
- The ecommerce fraud attack rate grew 64% year-on-year globally, and the attack rate at login jumped 216%; gaming and gambling sites experienced a 76% rise in global attack rate in 2025.
- First-party fraud remained the leading type globally for the second year running, comprising 38.3% of all reported frauds.
- Reports of generative AI-enabled scams rose 456% between May 2024 and April 2025, with deepfake activity rising sharply across APAC.
- A LexisNexis Risk Solutions and Global Anti-Scam Alliance webinar focusing on APAC-specific findings was scheduled for June 11, 2026.
APAC Fraud Rates Exceed Global Average
LexisNexis Risk Solutions reported that cybercrime attack rates in Asia-Pacific rose 12% year-on-year to 1.7%, pushing the region above the global average of 1.6%. The increase was most visible in desktop browser channels, where attacks climbed 25% to 6.9%, driven by more sophisticated automated activity.
The report found an 8% rise in global fraud rates, with cybercriminal networks scaling automation, shifting tactics, and probing for weaknesses across the digital customer journey. Attackers increasingly rely on advanced bots and AI-driven tools to mimic human behavior and test defenses with unprecedented speed and accuracy. These trends are particularly consequential for Southeast Asia, where digital payment transaction volumes are at record levels. The Philippines recorded PHP 24.74 trillion in e-payment transfers in 2025, while Indonesia’s QRIS system and Thailand’s PromptPay platform each process tens of millions of daily transactions, creating large attack surfaces for automated fraud campaigns.
Synthetic Identity Fraud And Agentic Bots
The 2026 report documents that synthetic identity fraud has grown significantly, with fraudsters constructing coherent fabricated identities by combining stolen data attributes into personas that have never existed. This approach bypasses conventional identity verification systems that rely on point-in-time checks rather than continuous behavioral monitoring.
First-party fraud comprised 38.3% of all reported frauds globally, remaining the leading fraud type for the second consecutive year, while synthetic identity fraud showed rapid growth alongside bot-driven account takeover activity. For digital banks and payment platforms operating across Southeast Asia’s diverse regulatory environments, synthetic identity fraud presents a compounded challenge: onboarding controls in markets with less mature national identity infrastructure are more vulnerable to fabricated credentials, and the cross-border mobility of fraud networks complicates jurisdictional enforcement.
In Latin America, synthetic identity fraud accounted for 48.3% of fraud, compared to first-party fraud comprising 51.7% of fraud in EMEA, reflecting significant regional variation in the dominant attack vectors that financial institutions must prioritize.
Deepfake Threats Intensify Across APAC Financial Services
Generative AI-enabled scams rose 456% between May 2024 and April 2025 in the region, while deepfake activity has also risen sharply across APAC. Banks and fintechs across the region are under growing pressure to tighten fraud controls and strengthen identity checks, including through stronger biometric verification and advanced liveness detection.
During the first half of 2025 alone, deepfake-related fraud losses exceeded USD 410 million globally, with some individual incidents exceeding USD 680,000. Industry projections estimate that generative AI-enabled fraud across the financial sector could reach approximately USD 40 billion annually by 2027.
In 2026, deepfakes are no longer an isolated tool but part of an industrialized AI fraud ecosystem, where models that generate documents, voices, or video are paired with automation and fraud-as-a-service marketplaces. The implications for Southeast Asian financial institutions are direct: digital onboarding flows, remote know-your-customer processes, and mobile-first account access — features central to the region’s digital banking expansion — represent the precise attack surfaces deepfake tools are designed to exploit.
Sector And Login Vulnerabilities
The ecommerce fraud attack rate grew 64% year-on-year and the attack rate at login, where fraudsters work to gain control of customer accounts, jumped 216%. Growth occurred across all regions, particularly in APAC. The account takeover vector is especially relevant for Southeast Asia, where embedded finance platforms and super-apps combine banking, payments, and commerce under a single login, meaning a compromised credential carries far greater value than in a single-service environment.
Gaming and gambling sites experienced a 76% rise in the global attack rate in 2025. While this figure is global, its relevance to Southeast Asia is notable given the region’s significant online gaming and digital entertainment sector, which frequently intersects with digital wallets and peer-to-peer payment flows.
Institutional Response And Outlook
Financial institutions in APAC are responding by investing in stronger biometric checks and advanced liveness detection, and by exploring how to balance fraud prevention rigor with frictionless customer onboarding experiences.
LexisNexis Risk Solutions Vice President of Fraud and Identity Stephen Topliss noted that while organizations are strengthening defenses across channels, cybercriminal networks are continuing to scale automation and shift tactics with unprecedented speed. For regulators across the region, the report’s findings add empirical weight to ongoing policy discussions. Singapore’s Monetary Authority of Singapore has issued guidance on agentic AI risk management, and the Bangko Sentral ng Pilipinas has flagged cybersecurity threats as a primary constraint on its digital payments adoption target of 70% by 2028.