Scams have reached crisis levels in Southeast Asia. The Global Anti-Scam Alliance (GASA) estimates that consumers in the region lost US$23.6 billion ($30.3 billion) in the past year, with 63% of adults experiencing a scam attempt and more than one in five losing money.
In Singapore, 21% of adults had their money stolen by scammers in the last 12 months. The average loss is US$2,132 per person, more than triple the Southeast Asia mean of US$660.
The most common frauds are investment scams, followed by unexpected money and impersonation scams. Such scam encounters in the past 12 months have typically taken place on Facebook, WhatsApp, and Telegram, according to GASA’s recent report.
Recognising that its platforms (namely Facebook and WhatsApp) are often the first touchpoint for such schemes, Meta has moved to strengthen its cyber defences.
To counter impersonation, it has rolled out AI-driven facial recognition, which automatically blocked 20% more “celeb-bait” scam ads in January and 100% more by mid-2025. Further tests are underway to stop impersonation scams on Facebook and Instagram using the technology.
Another weakness has been compromised accounts, which drive about 20% of reported scams on Meta’s platforms. Meta has cut account takeovers by nearly half after deploying stronger machine learning to detect cookie theft, rolling out anti-scripting captchas, and promoting passkeys and two-factor authentication. In Q2FY2025, account compromises fell 48% on Facebook and 41% on Instagram.
See also: Identity emerges as cloud’s weakest link: Tenable and Cloud Security Alliance
Taking on multi-step scams
Scams have also evolved into multi-step operations. They may start with a social media post or text, funnel victims to professional-looking websites, then shift the conversation to encrypted apps like WhatsApp or Telegram before ending in fraudulent transfers.
“No one player can see the whole scam and counter it,” says Nathaniel Gleicher, Meta’s global head of Counter-Fraud and Security Policy, at a media briefing on Sept 1. He explains that platforms like Facebook and WhatsApp are often at the start of the attack chain, so they are early enough to take action, but without the full data to confirm whether a contact is fraudulent. Banks, by contrast, detect scams much later, typically through customer complaints or transaction anomalies — by which time the fraud may already have succeeded.
See also: Singapore joins Global Scam Exchange to support a borderless fight against scams
This gap has pushed Meta to build a direct data-sharing mechanism that allows banks to share valuable signals that Meta can expand on. “One seed [or starting data point like a suspicious account] from a bank can lead us to 600 or more assets. That type of pattern detection allows us to get ahead of these multi-step scams that are designed to look benign,” says Gleicher.
This approach underpins Meta’s Fraud Intelligence Reciprocal Exchange (FIRE) programme. When the Australian Financial Crimes Exchange shared just five Facebook groups trading bank accounts through FIRE between April and May 2024, it enabled Meta to remove over 9,000 spam Pages and over 8,000 AI-generated celeb bait scams across Facebook and Instagram.
Gleicher shares that FIRE is now expanding into Asia, including Singapore, through the industry consortium Financial Services Information Sharing and Analysis Center (FS-ISAC).
Meta is taking a similar tack in Singapore through a pilot with the Government Technology Agency of Singapore (GovTech Singapore) and the Singapore Police Force. Gleicher says: “This idea behind this pilot is to build a scalable system where they can share examples of scam URLs that are referenced on our platforms or that might link to our platforms, so that we can then investigate them and take action.”
The goal is to expand such sharing through the Global Signal Exchange (GSE), using AI to turn a single lead into a broader sweep of related assets and circulate takedown intelligence back to partners.
“Scammers lead people to abusive websites off our platforms, which is where the scam is actually perpetrated. Whenever we identify these abusive websites, we block them… but the problem is that they don't [immediately] disappear from the Internet. On average, the websites we block remain active on the broader internet for about three years,” notes Gleicher.
To shorten that exposure, Meta and other GSE members are pooling blocklists, allowing companies to block harmful sites before they spread across platforms. GSE is a global clearinghouse for scam and fraud signals that is co-founded by Oxford Information Labs, Google and the Global Anti-Scam Alliance, with members such as Meta and Microsoft. It tracks more than 400 million threats in real-time.
To stay ahead of the latest tech trends, click here for DigitalEdge Section
Overconfident consumers
According to the same GASA report, 78% of Southeast Asians believe they can spot scams, but two-thirds have fallen victim. Many rely on weak heuristics—such as “if it seems too good to be true, it probably is”—leaving them vulnerable to highly realistic impersonation schemes.
Meta is trying to plug that preparedness gap with “just-in-time education or warnings,” Maxime Prades, Meta’s product management director, shares at the same media briefing. On WhatsApp, new context cards notify users when they’re added to unfamiliar groups, flagging whether the inviter is outside their contacts and how many strangers are present. These nudges are designed to make people pause before engaging, at the exact moment scammers want them to act fast.
“We've noticed that scammers commonly take the conversation from another website to WhatsApp. When that happens, WhatsApp is providing you with group safety overviews and the context around the group (such as the group members). It’s also giving you more tools to exit that group safely. These provide more data at the users' fingertips,” says Prades.
According to Meta, it has removed 12 million scam-centre-linked accounts in the first half of 2025 and cut scam-ad reports by 60% globally.
However, Meta’s enforcement alone will not solve the problem. “We will keep blocking accounts and driving costs up for criminals, but as long as they operate without fear of arrest, they will keep adapting,” says Gleicher before adding that platforms, governments, industry partners, and civil society must continue to work collaboratively to tackle scams effectively.
