Southeast Asia’s rapidly growing digital economy is increasingly exploited as a staging ground for global cyberattacks, according to Mimecast’s 2025 Global Threat Intelligence Report.
The report analyzed 24 trillion data points from 43,000 organizations, flagging over 9 billion threats, with a sharp rise in AI-driven, human-focused attacks.
Mimecast found that compromised systems in Southeast Asia are being used as proxies to mask the origins of attacks targeting organizations worldwide. The region’s expanding small and medium enterprise (SME) sector, distributed workforces, and uneven cybersecurity make it particularly vulnerable.
“Threat actors are exploiting Southeast Asia’s infrastructure to launch attacks globally,” said David Sajoto, Mimecast VP for Asia-Pacific and Japan.
Key trends include AI-enhanced phishing, ClickFix scams, and exploitation of trusted business tools like DocuSign and Salesforce. Phishing now accounts for 77 percent of attacks, while ClickFix schemes rose 500 percent in the first half of 2025. Attackers are also coordinating across multiple channels, using AI-generated voices and deepfakes to evade detection.
High-value sectors such as education, telecom, real estate, legal, and hospitality are among the most targeted, with campaigns using fake portals and impersonation to harvest credentials.
The report highlights the need for employee awareness, AI-assisted defenses, and stronger regional cybersecurity cooperation to address Southeast Asia’s growing role as a cyberattack hub.
