From Sri Lanka’s hijacked debt payments to India’s two million cyber incidents, South Asia is battling a new wave of phishing attacks. And the criminals behind them are often victims themselves.

A rise in phishing attacks across South Asia has exposed cybersecurity vulnerabilities in the region, with a recent attack on Sri Lanka’s treasury underscoring how swiftly hackers can divert public finance and cross-border transactions.

The cyber criminals accessed government email servers to divert $2.5m of Sri Lanka’s bilateral debt repayment, breaching emails of the country’s External Resource Department and its Australian creditors.

 The scam was only detected when Australia notified Sri Lanka about the missing payments.

The latest attack reflects a broader pattern of modern phishing campaigns, which rely on carefully crafted emails, cloned websites, and even real-time digital interaction with their targets. It is also often perpetrated by those who are victims of crime themselves, in a phenomenon known as “digital arrest”.

“It starts off with people being lured to these South Asian countries under the guise of giving them employment and then they are all being imprisoned into these compounds. It is like an industry,” says N.S. Nappini, senior advocate at the Supreme Court of India who pioneered the development of cyber laws in her country. “Those being imprisoned are forced to work as scammers.”

“It starts off with people being lured to these South Asian countries under the guise of giving them employment”

Ms Nappinai says that scammers operate with extensive facilities, often registered as genuine businesses. 

“Digital arrest is one of the latest threats that South Asian countries have started cooperating to combat. The volume of these crimes are so high that the Indian Supreme Court took suo moto cognisance [preemptive action] to deal with it,” she adds. 

The increasing adoption of digital technologies by governments and financial sectors has only served to benefit hackers. 

Switching to open networks through mobile internet access from secured desktop servers has potentially led to a surge in scams, with the rise of social media shopping also creating new opportunities for criminals. 

Abigesh Sangaran, a university student from northern Sri Lanka, said shopping online from well-known brands was once easy and safe. Now “many of my friends trying to buy branded items via the social media links, especially Facebook, have become scam victims”, he said. 

Early last year, Bandaranaike International Airport in Colombo warned the public about a fake social media post falsely claiming that unclaimed luggage was being sold at heavily discounted prices. Issuing a scam alert advisory, the country’s Airport & Aviation Service urged the public to remain vigilant and avoid responding to such advertisements. 

Neighbouring India has also registered a steady increase in phishing-related fraud targeting banking customers and small businesses. The attackers often posed as officials from major financial institutions, prompting recipients to “verify” account details through malicious links.

The country recorded over two million cyber incidents in 2024, according to an annual report from India’s Computer Emergency Response Team (CERT-IN). 

The hackers used methods including phishing, malware, spyware, surveillance, and data theft.

Bangladesh, Nepal, and Pakistan have also faced similar cyber crime challenges. The $81m Bangladesh Bank cyber heist from 10 years ago is still considered the largest online robbery in history.

As part of its probe into the recent treasury attack, Sri Lanka’s Criminal Investigation Department (CID) is exploring whether Australian systems were compromised. The Australian Federal Police and Interpol, among other international agencies, have been approached for assistance.

The heist has intensified growing concerns about substantial vulnerabilities in the world’s digital defences. It also serves as a stark reminder to governments of the need to constantly upgrade cyber security systems and expand robust global cooperation to combat this global menace.

Featured image: Foreign nationals arrested by Sri Lankan police for suspected involvement in criminal activities and around Colombo. Credit: Ishara Kodikara