digital identity

Feb 03, 2026

The New Digital Crime Economy: Why AI-Driven Fraud Syndicates are the 'Startups' of the New Era

AI-powered attacks—such as large-scale deepfake attacks, synthetic identity fraud, and automated device farms—are effectively eroding traditional security models.

Niki Luhur at CISO Malaysia 2026

On February 2, 2026, Niki Luhur, Founder and Group CEO of VIDA, delivered a powerful keynote at CISO Malaysia 2026 in Kuala Lumpur, challenging security leaders to fundamentally rethink their defense strategies.

 

The message was clear: digital scams in Southeast Asia has evolved from isolated, opportunistic scams into highly commercial operations run by sophisticated, organized syndicates.“Fraud today is no longer about individuals seeking quick profits; it has become a business, a billion-dollar business,” said Niki Luhur. “When crime operates like an industry, security cannot rely on assumptions built for a different era.”

 

Artificial Intelligence (AI) is the key engine of this transformation, automating, repeating, and scaling criminal activity into a structured industry complete with supply chains, specialized roles, and cross-border infrastructure that mirrors the efficiency of modern, legitimate businesses. The AI-Powered Threat & The Regulatory Imperative

 

The result is an industrialized threat landscape. AI-powered attacks—such as large-scale deepfake attacks, synthetic identity fraud, and automated device farms—are effectively eroding traditional security models. These attacks are no longer random; they are strategically timed to target moments of high trust and liquidity, such as salary payments or festive bonus periods.

 

This urgency is magnified in Malaysia. Bank Negara Malaysia's (BNM) mandate to phase out SMS OTPs by June 2026 recognizes that legacy authentication is insufficient against modern threats like SIM swap fraud and AI-powered social engineering. This regulatory shift forces banking security leaders to fundamentally redesign their fraud defense strategies now. The answer: Layered and Coordinated Identity Defense. 

 

Many organizations remain stuck in fragmented defense models, attempting to address individual attack vectors. But as Niki Luhur argued, "Modern attacks don't come one layer at a time. Syndicates combine compromised devices, manipulated biometrics, stolen credentials, and human psychology in a single flow. If defenses aren't connected, attackers will always find the weakest point.”

 

This reality demands a Layered and Coordinated Identity Defense. This strategy is about unification, integrating multiple independent checks into a cohesive system where each layer reinforces the next.

 

The core pillars of a resilient defense strategy include:

  • Blocking Attacks at the Point of Entry (Device Trust): Detects emulated, compromised, or tampered devices before biometric or identity checks even occur.
  • Mitigating Deepfake and Injection Attacks (Presence Detection): Verifies the presence of real humans using advanced liveness detection technology.
  • Replacing Vulnerable SMS OTPs (PKI Authentication): Uses cryptographic proof of identity tied to the device for stronger security, integrity, and non-repudiation.
  • Identifying Coordinated Syndicate Activity (Fraud Analysis): Analyzes transaction behavior and patterns to detect organized fraud operations at scale.

As fraud syndicates continue to scale and coordinate their operations, the discussion emphasized that security can no longer be treated as a collection of standalone tools. Modern defense must be designed as an integrated system, where signals across identity, device, and behavior are continuously connected and reinforced.

 

With AI-generated content making fraud increasingly difficult to detect, organizations can no longer depend on user awareness as a primary line of defense. Protection must be engineered to hold even when human judgment is compromised, particularly during high-pressure moments involving financial access and sensitive transactions.

 

VIDA’s engagement at CISO Malaysia 2026 reflects our commitment to supporting security leaders across Southeast Asia to achieve rapid growth of digital economy. Resilient digital identity systems will be essential to reinforcing trust and enabling sustainable economic growth across the region.

VIDA - Verified Identity for All. VIDA provides a trusted digital identity platform.

Latest Articles

What Is Account Takeover Fraud and Why Is It Surging Across Industries?
account takeover

What Is Account Takeover Fraud and Why Is It Surging Across Industries?

Learn what account takeover fraud is, how ATO attacks exploit weak authentication, and proven account takeover prevention strategies to sto...

July 09, 2026

How to Prevent Deepfakes: A Complete Guide to Detection and Defense
identity verification

How to Prevent Deepfakes: A Complete Guide to Detection and Defense

Learn how to prevent deepfakes with liveness detection, AI-powered deepfake detection, and identity verification strategies that stop AI-ge...

July 08, 2026

What Is Biometric Authentication? A Complete Guide to Identity Security
verifikasi identitas

What Is Biometric Authentication? A Complete Guide to Identity Security

Learn what biometric authentication is, how fingerprint and facial recognition work, and why liveness detection and multi-factor authentica...

July 05, 2026