Sri Lanka Faces Rising Cybercrime Threat As Scam Networks Shift From South-East Asia

Sri Lanka is facing a sharp rise in cybercrime as international scam networks appear to be relocating from established hubs in South-East Asia, raising concerns that the country is becoming a new base for transnational online fraud.

Authorities have warned that foreign-run cybercrime operations are increasingly being set up by people entering the country on tourist visas, then using rented properties, local internet connections and large numbers of devices to target victims overseas.

The trend follows intensified crackdowns on scam compounds in countries including Cambodia, Myanmar and Laos, where industrial-scale online fraud networks have operated for years. Rather than disappearing, experts say many of these networks are adapting by moving to jurisdictions where enforcement is weaker, entry requirements are easier and telecommunications access is less tightly controlled.

Sri Lankan police have carried out more than a dozen raids on alleged scam operations since the beginning of the year. Hundreds of foreign nationals have been arrested, detained or deported over alleged involvement in cyber-enabled fraud. Many of those detained have reportedly been Chinese nationals, though authorities have also identified suspects from other countries, including Vietnam, India and Laos.

The latest raid took place in Colombo, where police detained 18 Chinese citizens and one person from Laos. Investigators reportedly found evidence consistent with a sophisticated fraud operation, including fake documents, digital devices and materials allegedly used to support online scams.

The operations are believed to involve fraud schemes targeting victims around the world, including romance scams, investment scams, fake business documents, impersonation fraud and cryptocurrency-related schemes. These scams often rely on social media, messaging platforms and convincing fake identities to build trust with victims before persuading them to transfer money.

Experts say Sri Lanka may be attractive to criminal groups because of its relatively accessible tourist visa system, affordable rental market, reliable internet infrastructure and gaps in regulation around SIM cards and internet connections. These factors can make it easier for foreign groups to establish temporary scam centres, move between locations and avoid detection.

Unlike the large, heavily guarded compounds associated with some South-East Asian scam hubs, the Sri Lankan operations appear to be more dispersed. Smaller groups operating from apartments, hotels or rented homes can be harder for law enforcement to identify, particularly if they move frequently and use local digital services to mask their activity.

The shift highlights the adaptability of the global scam industry. Law enforcement pressure in one country can disrupt operations, but it can also push criminal networks into new markets. This creates a moving target for authorities and makes regional cooperation essential.

Sri Lanka’s emerging cybercrime problem also sits within a broader global crisis. Scam networks in South-East Asia have been linked not only to financial fraud, but also to human trafficking and forced labour. In many cases, people working inside scam operations are themselves victims, having been lured by fake job advertisements and then coerced into carrying out online fraud.

That complexity presents a challenge for law enforcement. Authorities must identify and prosecute the organisers of these networks while also recognising that some low-level participants may have been trafficked, deceived or forced to work under threat.

For Sri Lanka, the sudden rise in alleged scam operations creates legal, diplomatic and security challenges. Police, immigration officials, telecommunications providers and financial regulators may need to work more closely to identify suspicious activity, tighten controls on telecommunications access and prevent foreign criminal networks from embedding themselves in the country.

The issue also has international implications. Victims of these scams are often located far from the country where the operation is based. A scam centre in Colombo may target people in Australia, the United States, Europe or elsewhere, using fake identities, remote payment systems and encrypted communications to conceal its operators.

That makes cybercrime increasingly difficult to contain within national borders. A single scam network may use workers from one country, operate from another, launder funds through a third and target victims across multiple continents.

The rise of Sri Lanka as a possible new hub shows that cybercrime is not static. Criminal networks are mobile, well-resourced and quick to exploit regulatory gaps. When one route becomes too risky, they search for another.

For internet users, the warning is clear. Online scams are becoming more professional, more global and more convincing. Fake profiles, forged documents, investment promises and impersonation tactics can be produced at scale, making it harder for ordinary users to recognise fraud before it is too late.

As cyber threats continue to evolve, improving your own cybersecurity awareness is one of the most practical ways to protect yourself and your organisation. Strengthen your digital defences, learn how common scams work and build the skills needed to recognise online risks by taking The Hack Academy’s online training programme. Better cybersecurity starts with better knowledge.