Shortly after his divorce, Joe Novak received a Facebook message from an unknown woman who sent him a friend request. Despite some initial uncertainty, Novak and the woman began chatting. Over several months, they established a friendship, got to know each other, and started opening up about their lives.
Or so that’s what Novak thought.
One day, the woman shared an online investment platform with Novak. She claimed that she made thousands of dollars using the platform, and convinced Novak to check it out. He added funds to his account and began investing. Everything was going great, until he got locked out of his account – after he had transferred $280,000 of his own funds to the platform.
When he tried to contact his new friend on Facebook, she was silent. From there, the truth unraveled, revealing that Novak fell victim to a “pig butchering” scam. Pig butchering refers to crypto or investment fraud schemes that start by fraudsters building a relationship with their victim before convincing them to move funds to little-known investment applications or websites, as reported by VICE.
Scams like this one are hiding a lot more than meets the eye. Novak is one of the victims, but underneath, many more people are being exploited – all in the name of cyberattacks. The woman who initially messaged him is a victim, too.
In many areas of Southeast Asia, criminals are establishing scam compounds and building out robust infrastructure for these operations. People from Cambodia, Laos, and Myanmar are coerced, trafficked, and forced to work in these compounds as scammers. They spend hours of their day targeting companies and individuals, but most of the time, it isn’t their choice.
What is a Scam Compound?
In the midst of the COVID-19 pandemic, hotels, casinos, and other tourism-related businesses were facing a crisis. With travel on hold and visitors staying home, criminal networks swooped in, turning these spaces into dedicated cybercrime operations. Many criminal networks operating in Southeast Asia began forcibly recruiting and trafficking people to come to work in their compounds.
The physical space of these compounds varies; some are in apartment buildings, others are using old casinos and hotels. Picture crowded working conditions, terribly victimized people being forced to carry out cyberattacks on targets around the world, and often, cramped living quarters – that’s what scam compounds are like.
Cyber scam operators, the ones who are actually pulling the strings behind major cybercrime initiatives, aren’t just taking advantage of their fraud targets; they’re also exploiting their “employees” who are forced to do this work. With an established scam compound infrastructure, these operations are defrauding people and corporations on a large, multinational scale.
By some estimates, the money made from scam compounds and similar operations accounts for 40% of the combined gross domestic product (GDP) of Laos, Cambodia, and Myanmar, according to a GI-TOC report.
Real-World Scam Compounds
KK Park – Myanmar
KK Park is strategically positioned along the border with Thailand. Started in 2020, this compound employed thousands of workers, quickly turning into a massive cybercrime operation. In 2025, the Myanmar military raided the compound and put an end to operations. Authorities shared that compound employees came from 28 different countries, many of whom were there under duress, as reported by The Guardian.
Huione Group – Cambodia
In 2025, the US Treasury Department accused the Huione Group of working with North Korean cybercrime syndicates to carry out pig butchering scams. Not only did the US ban the group from its financial systems, but South Korea also placed sanctions on the group. In response, Cambodia revoked the business license of Huione Pay — the group’s local payment services provider.
Why Should CFOs Care About Southeast Asia Cybercrime?
These scam operations target financial teams directly. Every wire transfer, vendor change, or urgent request could be a trap. B2B payment fraud can result in massive losses, reputational damage, and regulatory violations.
Vendor Risk
Hackers who alter stored vendor banking details can silently redirect payments — and your company may not know until vendors complain.
Payment Compromise
Without strong controls, your company could process a high-value fraudulent payment due to a spoofed invoice or impersonation scam.
Regulatory Exposure
Sanctioned entities shift constantly. Even an unintentional payment to a flagged recipient could result in fines and legal risk.
Getting Ahead of Industrialized Fraud: How to Protect Operations
- Assessment: Identify high-risk transactions, weak approval points, and gaps in vendor change procedures.
- Technology: Implement automated verification tools that detect unusual or unverified payment details.
- Process: Cybercriminals work really hard to find process vulnerabilities that can be exploited. Is there an approval workflow that isn’t as strict as it should be? You’ll need to pressure test every process that involves financial transactions.
- People: Even with the best processes and technologies in place, employees are your first line of defense against industrialized fraud. Conduct regular training sessions to share potential risks, teach people how to spot suspicious activities, and create an open and communicative culture so issues can be escalated accordingly.
- Partnership: Your cybersecurity ecosystem is much larger than your company alone. Work closely with technology providers, banks, and payment processors that prioritize security just as much as you do.
Southeast Asia cybercrime poses a threat to businesses around the world. One faulty system, one exploited employee, or one mistake is all it takes to expose a company to major financial devastation. Because CFOs oversee all financial operations, it’s up to them to understand current threats and prioritize cybersecurity protections.
For more detailed guidance on how to avoid industrialized fraud, check out Eftsure’s 2026 Cybersecurity Guide for CFOs. We provide new guidance each year because each year brings new risks. Together, we can protect key business ecosystems from the dark operations of scam compounds in Southeast Asia and beyond.
