By Patricia A. Pramono • Studio 1080, Published on September 06, 2025
TABLE OF CONTENTS
According to the Ministry of Communication and Digital Affairs (Komdigi), there are over 1,000 scam and spam attempts reported every day across Indonesia, highlighting just how widespread this threat has become (CNN Indonesia, 2025).
Whether you’re a student, a retiree, a business owner, or even a government official, scammers don’t discriminate. Komdigi also added that the daily volume of digital fraud in Indonesia has reached a crisis point (CNN Indonesia, 2025).
The Financial Services Authority (OJK) recently revealed that our country suffered an estimated financial loss of over USD 200 million due to scams in the first half of 2025 alone (Indonesia National Police, 2025). That’s more than Rp 3.2 trillion stolen through phishing links, fake investment platforms, online shopping fraud, impersonation scams, malicious apps, and more.
So the question is: how did we get here?
Scams Don’t Discriminate: Everyone’s a Target Now
It used to be easy to assume that only the “less tech-savvy” were at risk of online scams. That only boomers clicked suspicious links or that education could prevent fraud.
But that assumption doesn’t hold up in 2025 and beyond.
According to Komdigi, the majority of daily scam and spam reports in Indonesia come from lower-to middle-income communities. Still, they’ve also received complaints from high-level officials (including a vice minister) and countless well-educated professionals (CNN Indonesia, 2025). There’s no longer a clear line between who’s “safe” and who’s not.
Cyber scams thrive not because people are clueless, but because we’re human. We trust. We move quickly. We click without overthinking. And cybercriminals are adapting just as fast, using smarter tactics and personalized lures.
Even Gen Z (arguably the most digital-savvy generation) is now one of the most targeted.
A study found that more than half of Gen Z respondents had already experienced a cyber threat, compared to just 21% of baby boomers (National Cybersecurity Alliance, 2021). And while Gen Z might be fluent in digital culture, that fluency can create blind spots.
Also read: Cyber Attacks vs Gen Z: Don’t Get Finessed by Hackers
Today, it’s no longer about your background, but your behavior. We all have digital habits. And that’s what scammers are counting on.
What Scams Look Like in 2025
If you think scams still look like poorly written emails, you’re a few years behind. In 2025, scams are smoother, more subtle, and frighteningly believable.
Many of today’s scams are designed to blend into your everyday digital habits, they look like things you’d normally expect to see. A delivery update. A QR code on a table. An online shop discount. A casual DM on Instagram. That’s what makes them so dangerous, they don’t look like scams.
Here are some of the most common tactics we’re seeing in Indonesia right now:
- Phishing disguised as delivery updates or fake OTPs
You receive a text that looks like it’s from a courier service. “Your package couldn’t be delivered. Click here to reschedule.” But the link steals your credentials or installs malware
- Fake online stores offering massive discounts
Especially during flash sale periods, scammers create entire websites that look like legit fashion or gadget retailers but once you pay, your money and personal info disappear
Also read: Phishing: New Methods and How to Stay Safe
- Scam job offers or crypto investments via social media
These target Gen Z and young professionals in particular. You get a “recruiter” offering high-paying freelance work or crypto returns that sound too good to pass up
Also read: Phishing for Billions: Operation Dream Job
- QR code phishing (Quishing)
A tampered QR code can redirect you to a malicious site that mimics your banking app or asks you to “verify your identity” and just like that, you’ve handed over your data
Also read: Quishing: How QR Code Phishing Attacks Your Business at Every Turn
- “Official-looking” e-wallet or bank messages demanding urgent action
Scammers spoof the logos and tone of voice of real institutions. The message says there’s a problem with your account, and you need to act now, which is a common trick to pressure victims
Also read: Fake Base Transceiver Station (BTS) Scams Are Targeting Your Phone
- Malware hidden in APKs or pirated downloads
Particularly dangerous for Android users, attackers embed spyware or data stealers in pirated apps, cracked games, or modified APKs, often spreading in WhatsApp groups or Telegram channels
Also read: Understanding Malware Threats
In total, Komdigi received over 800,000 reports of fraudulent bank accounts and more than 160,000 complaints tied to scam phone numbers in the past year alone (CNN Indonesia, 2025).
Also read: Indonesia Ranks 2nd with the Most Spam Calls in Asia Pacific
This cybersecurity issue is a national crisis. Scams today rely on people being busy, distracted, and used to acting fast online. When you scroll, shop, or respond without thinking, scammers win. And what’s more worrying? Some victims don’t even realize they’ve been scammed until days or weeks later after their data has been stolen, or unauthorized transactions show up.
OJK’s Indonesia Anti-Scam Center (IASC) has recorded a massive loss of over USD 200 million as of mid-2025 (Indonesia National Police, 2025). But the actual number could be even higher, considering many victims don’t report in time.
What is the key problem here? Delay.
“Only Rp 315.5 billion was frozen from 54,000 scam-related accounts. Most victims reported the scam too late, after the 12-hour golden window had passed.” — Hudiyanto, IASC Secretariat Head (Antara, 2025)
Also read: Top Cyber Attacks in 2024 and How To Prevent Them in 2025
How to Avoid Online Scams
No one can promise total protection. But you can reduce your risk of being scammed online with these simple steps:
- Enable 2FA on all accounts, especially email, e-wallets, and banking apps
- Be skeptical of urgent messages or calls demanding action
- Don’t click unknown links or scan QR codes from sketchy sources
- Shop online from trusted platforms only
- Use unique, strong passwords and a password manager
- Keep software and apps updated to close known vulnerabilities
Also read: 5 Simple Steps to Enhance Your Online Privacy ; Avoiding Online Shopping Scams
What to Do After You’ve Been Scammed
If you’ve been scammed online, what you do in the first 24 hours can change the outcome.
We’ve put together a complete guide on the recovery process: What To Do After a Scam: 7 Steps for the First 24 Hours
Key takeaways:
- Immediately secure your devices and reset passwords
- Run antivirus scans and monitor financial activity
- Gather evidence (screenshots, transaction history)
- Report to CekRekening.id, AduanNomor.id, and the police
- File a dispute with your bank or digital wallet provider
- Educate your circle so they don’t fall for the same trap
Summary
If there’s one thing we’ve learned from the thousands of scam attempts happening every day, is that no one is untouchable.
Not the young, not the educated, not even government officials. Scammers don’t care who you are, they care how you behave. And they’re getting better at slipping into the daily digital routines we no longer think twice about.
In 2025, scams just need to feel normal enough to go unnoticed. And that’s why digital awareness is now a life skill. Whether you’re a college student, an online seller, or a business leader, staying safe online requires more than just knowing what scams are. It means practicing digital caution, slowing down when things feel urgent, and questioning before you click.
Because at the end of the day, cybersecurity is about being prepared. And you don’t have to do it alone.
At Cisometric, we’re here to help individuals and organizations stay one step ahead with practical tips that adapt as fast as the threats do.
For more updates on digital scams, cybersecurity insights, and expert tips, follow our social media:
LinkedIn: Cisometric
Instagram: @cisometric
Youtube: @Cisometric
Reference:
Indonesia Reports $200M Loss from Online Scams, OJK Warns of Crisis
