In 2025, Asia's digital economy is a powerhouse, with Southeast Asia alone surging beyond $330 billion. Yet, this rapid growth presents a golden opportunity for cybercriminals.
Escalating threats, particularly in the communications channel, loom large for business, finance, and security leaders. SMS fraud is projected to intensify, with over 50% of telecom providers anticipating growth fuelled by AI-enhanced smishing and Artificially Inflated Traffic (AIT), costing billions globally.
The conversation is shifting from mere defence to proactive resilience. We sat down with Igor Mostovoy, product director of CPaaS at 8x8, to explore how organisations can build a proactive fraud defence underpinned by real-time visibility, a critical capability for navigating the complex threat landscape of 2025 and beyond.
The escalating cost of SMS fraud in Asia
The financial impact of communications fraud is staggering. "Globally, we project around US$2.1 billion impact on organisations, and a big portion of this comes out of Southeast Asia simply because Southeast Asia is a mobile-first economy," states Mostovoy.
The region's reliance on SMS, WhatsApp, and other messaging platforms for daily communication and customer engagement makes it a prime target. Fraudsters are acutely aware of this dependency, leading to increasingly sophisticated campaigns that exploit these very channels businesses use to build trust.
Beyond financial loss: The erosion of trust and operational stability
While direct financial loss is a clear motivator for action, the quantifiable effects of major SMS fraud incidents run much deeper. Mostovoy highlights a critical, often overlooked casualty: customer trust.
"When you receive an unsolicited SMS from a brand, you know, pretending to be that brand, you lose trust with this brand," he explains. This erosion of trust directly fuels customer churn, leading to significant long-term financial losses.
Furthermore, the operational impact is severe. A single phishing SMS can trigger a flood of calls to contact centres, overwhelming agents and supervisors.
This forces the organisation to scramble, dedicating precious resources to manage the fallout, communicate with customers, and implement emergency policies—all reactive measures that drain productivity and inflate operational costs.
The illusion of success: How AIT and smishing undermine business
One of the most insidious threats is Artificially Inflated Traffic (AIT). Mostovoy describes a scenario familiar to many marketers: "You may get excited that, hey, I have acquired so many customers... my traffic through Google Analytics has gone up. I've seen so many more SMS sent out for registrations. But in reality, these are not real registrations."
This "silent drain" blows out customer acquisition costs and completely skews marketing analytics, leading to misguided strategic decisions.
For e-commerce and supply chain operations, AIT and AI-powered smishing attacks create confusion, undermine marketing efforts, and introduce additional operational costs to filter legitimate traffic from fraudulent noise, directly impacting profitability.
Are current fraud defences still reactive?
A central question for leaders is whether their current defences are fit for purpose. Unfortunately, the answer in many Southeast Asian organisations is not encouraging.
"Definitely the measures are more reactive," confirms Mostovoy. "You see an incident; you deal with an incident."
This reactive model means that by the time a threat is identified, the damage may already be done—whether it's funds spent on fake traffic or customer trust already compromised.
The delay inherent in this approach, often requiring developer intervention to implement fixes, creates a critical window of vulnerability.
Essentials to building a proactive defence
Shifting to a proactive stance requires specific capabilities. The cornerstone is real-time visibility and monitoring, powered by platforms that can analyse traffic patterns and detect anomalies as they occur. However, as Mostovoy points out, "real time is not just what you see in terms of spikes."
It is about enriching that visibility with contextual data—understanding regional benchmarks for SMS conversion rates, identifying phone number ranges associated with previous attacks, and leveraging global threat intelligence.
Crucially, these tools must be accessible to non-technical teams. No-code platforms empower operations and product managers to build and modify authentication flows or block suspicious traffic without waiting for engineering prioritisation. This agility allows business teams to act in minutes, not weeks, turning a reactive process into a dynamic, proactive defence.
Dismantling silos: Fraud prevention as a team sport
Proactive fraud defence cannot be the sole responsibility of the security team. Mostovoy emphatically states, "Fraud prevention is a new sport... it requires everyone in the organisation to be on board." This means breaking down persistent silos between security, finance, and operations.
The CISO must focus on integrating modern authentication methods like silent mobile authentication and passkeys into the company's portfolio.
Simultaneously, finance and operations leaders need to work with security to establish clear processes for incident response: how to block attacks quickly to curb costs, and how to communicate with customers transparently.
A laid-out, cross-functional process ensures there is no scrambling when an incident occurs.
The regulatory tide and cross-industry collaboration
The regulatory environment is also evolving to support this proactive shift. Mostovoy cites a pivotal development: "The Philippines Central Bank has come out with a directive to basically step away from SMS-OTP."
This regulatory push is accelerating the adoption of more secure and user-friendly authentication methods across the region. Furthermore, telcos and governments are tightening sender ID registration processes globally, making it harder for fraudsters to impersonate trusted brands. These cross-industry collaborations are vital in creating a more hostile environment for fraudsters.
An integrated approach from TCO to competitive edge
When evaluating solutions, leaders must look beyond point products to integrated platforms. Fragmented tools lead to higher total cost of ownership (TCO), integration gaps, and, most critically, slower response times. "Slower action leads to higher cost," notes Mostovoy.
An integrated platform, such as 8x8's Omni Shield, connects detection with prevention. If a traffic spike is detected, the system can automatically signal a customer identity platform to shift authentication methods, all without impacting the user experience.
For an e-commerce company, this means conversions continue uninterrupted during an attack. In this context, a robust, proactive defence is no longer just a cost centre; it becomes a competitive advantage, directly protecting revenue and reinforcing customer trust.
The way forward for Asia's c-suite
As we look towards 2026, the advice for CISOs, CFOs, and other leaders is clear. "Make sure that you have systems in place," urges Mostovoy.
This means moving beyond SMS-OTP as the sole method and actively testing modern authenticators like passkeys and silent authentication. Leverage platforms that allow for A/B testing to find what works best for different regional audiences.
Ultimately, organisations must choose vendors that offer not just technology, but consultative expertise to help integrate, scale, and continuously adapt their defences. In the relentless digital economy of Asia, proactive fraud defence with real-time visibility is the new foundation for sustainable growth and customer trust.
Click on the PodChats player to listen to Mostovoy share practical insights for deploying your proactive fraud defence.
- What is 8x8?
- What are the latest projections for SMS fraud costs in Asia by 2026, including the impact of sophisticated threats like AIT on customer acquisition and operational margins?
- Beyond direct financial losses, what quantifiable effects do major SMS fraud incidents have on brand reputation and customer churn rates in key Asian markets?
- How might artificially inflated traffic and AI-powered scams like smishing affect e-commerce profitability and supply chain operations in logistics?
- Are our current fraud defences reactive, requiring developer intervention and causing delays, or can business teams detect and act in real time?
- What strategies can finance, and operations leaders employ to maintain customer trust amid rising threats, whilst ensuring secure communication channels during Southeast Asian expansion?
- How can we better integrate fraud management across operations, finance, and security teams to dismantle internal silos and enhance organisational agility?
- What capabilities are essential for proactively blocking fraudulent SMS traffic before it impacts customers or systems, including the use of no-code tools for non-technical teams?
- What role will regulatory changes and cross-industry collaborations play in combating digital fraud and strengthening security in retail and finance sectors?
- How would real-time visibility into SMS traffic patterns, powered by behavioural analysis, improve data-driven decisions on marketing spend and channel reliability?
- What is the total cost of ownership of fragmented fraud tools compared to integrated platforms, and how can robust defences be leveraged as a competitive trust advantage?
- Into 2026, what is your advice for CISOs, CFOs and marketeers on the topic Proactive Fraud Defence?
