Scams are rising across ASEAN and they are getting closer to people’s everyday channels. The equal-weighted share of consumers who say they have ever been scammed climbed from 31% to 43%. Involvement is overwhelmingly mobile and multi-channel: victims most often cite OTT messaging, voice calls, and social platforms, with SMS and email still present. The mix differs by country (for example, social/SMS are more prominent in the Philippines; voice/OTT in Thailand, Singapore, Indonesia), which means countermeasures must be tailored to where scams actually land.
The harm is real and people are reporting it. In 2025, 68% of victims say they lost money, with 11% of people saying they lost a large sum of money and ~76% reported the incident somewhere. Reporting is split across banks/fintechs, police, and platforms, so no single institution sees the full case, slowing recovery and weakening deterrence.
Privacy concerns remain near-universal at ~97%, and demands for broad disclosures have increased (the share saying it is important that companies disclose what they share moved 95% to 98%). The signal from consumers is consistent: keep data use tight, transparent and tied to specific outcomes.
Acceptance of protective mobile-network signals is strong. 72% are comfortable with limited, purpose-bound checks and support rises further from this when sharing is exception-based; this creates a practical path for GSMA Open Gateway–style APIs (e.g., SIM-swap, number verification, device status, coarse location confidence) to harden logins and payments while minimising data point use. In contrast, comfort with conversational-app data sharing has dropped from 53% to 40%, mirroring concerns about impersonation and phishing on those platforms.
Consumers will reward better protection. 81% say they would switch financial providers for stronger security, favouring products that bring verification to the front, confirmation-of-payee, safer payment instruments, and simple “official call-back only” habits.
The way forward is clear: prioritise the hot routes (voice/OTT first; strengthen social and SMS where elevated), make safe behaviours the default, use targeted, transparent, authorised data sharing to verify transactions, and close the reporting loop so every report turns into fast, visible remediation.