According to the Global Anti-Scam Alliance (GASA), scammers stole an estimated US$1.03 trillion in just one year. To grasp the scale: that’s enough to fund Singapore’s entire healthcare budget for the next 70 years.
Fraud is no longer a petty crime of opportunity. It’s a billion-dollar industry that is run like a business, scaled by automation and supercharged by AI. In today’s hyper-connected world, a scam launched in a backroom in Bucharest can reach victims in Jakarta, Sydney or Seoul within minutes.
At the recent Global Anti-Scam Summit (GASS) Asia 2025, Singapore made history. Its Government Technology Agency (GovTech) became the first public body worldwide to formally commit to the Global Scam Data Exchange, joining over a hundred organisations in a landmark show of cyber solidarity.
The message was clear: no nation can fight this war alone.
Why intelligence sharing is our best defence
The brilliance of scams lies in fragmentation. The more disconnected our systems, the more isolated our responses, the easier it is for bad actors to slip through unnoticed. For example, a single domain — the web address behind fake sites and phishing links — used to scam victims in Manila today might be repurposed to launch attacks in Mumbai tomorrow. Without intelligence sharing, these signals remain siloed, dots left unconnected.
See also: OCBC steps up anti-scam measures with in-app calling feature
This is where initiatives like the Global Scam Data Exchange come in. Intelligence sharing transforms isolated incidents into patterns. A phishing domain uncovered by analysts in one market can be flagged and blocked by Internet Service Providers (ISPs) on the other side of the world. A fake app discovered by one cybersecurity firm can be taken down faster when reported across a global network of partners, regulators, and platforms.
At the GASS summit, the idea of “shared intelligence” emerged not just as a tactic, but a paradigm shift: from reactive containment to preemptive coordination.
Smarter tools, stronger together
See also: Silent intrusions, lasting damage: APTs are redefining cyber risk in Southeast Asia
The tools to fight back are already in place – we just need to use them smarter, together.
DNS, often called the “phonebook of the internet”, offers a powerful early warning system. It helps trace malicious infrastructure, spotting clusters of suspicious domains and linking them to broader scam campaigns. At the same time, endpoint protection flags malware attempts, while AI-driven tools are improving at detecting synthetic content and deepfakes.
But none of these tools work in isolation. According to the Infoblox 2025 DNS Threat Landscape Report, 88% of AI-generated malware evades traditional detection tools. It’s only through collaboration between vendors, researchers, governments and industry peers, that we can close those gaps.
Each node in the cybersecurity ecosystem sees a different part of the elephant. Intelligence sharing allows us to step back and see the beast in full.
From intel to impact
Of course, intelligence is only useful if acted upon.
A threat report shouldn’t be the final destination; it should be the starting point for disruption. Carefully crafted public disclosures force adversaries to abandon or rebuild their infrastructure, and that costs them time, resources and operational momentum. When this intelligence is shared with law enforcement or industry peers, it becomes a force multiplier, turning what could have been an isolated incident into a coordinated response. It’s a fine balance: you want to release enough information to the public to keep them safe, while not revealing so much that you lose the actor altogether.
To stay ahead of the latest tech trends, click here for DigitalEdge Section
Across the cybersecurity landscape, industry players appoint threat intelligence teams to better analyse the infrastructure enabling fraud, credential theft and other malware. These teams work behind the scenes to uncover the infrastructure that fuels cybercrime, often before it’s put to use.
At Infoblox, we do this by combining DNS expertise with advanced data science — the team spots patterns that suggest malicious activity early in its lifecycle, track how threat actor infrastructure evolves and identify high-risk domains before they become weapons. This proactive intelligence has supported the public exposure of 13 global threat actor groups over the past three years — insights that have been passed on to authorities and the wider cybersecurity community to aid takedown efforts and disrupt attacks at their source.
But we believe intelligence shouldn’t be hoarded. When our team publishes research on emerging threats or dissects the tactics of specific actors, the goal isn’t just awareness—it’s collective readiness. Every shared indicator, every uncovered pattern, is a chance to help others see what’s coming next.
A call to collective vigilance
The fight is far from over. Scammers will continue to innovate — but so can we, if we commit to a mindset of collective vigilance.
Governments must forge international partnerships. Security providers must share what they see, not hoard it. Technology platforms must prioritise safety by design. And civil society groups must continue educating the public.
Singapore’s GovTech has taken a bold first step. Its participation in the global scam data exchange sends a strong message — that intelligence is not a competitive asset, but a public good. Collaboration, not isolation, is our best chance at reclaiming safety in the digital age. Because in this fight, the winning side isn’t the one with the most advanced tools, it’s the one that refuses to fight alone.
Renée Burton is the vice president of Threat Intelligence at Infoblox
