Sri Lanka is rapidly emerging as one of Southeast Asia’s newest scam hubs. As regional crackdowns intensify—most notably in Cambodia—international cybercrime networks have simply relocated. Sri Lanka, with its infrastructure strengths and regulatory gaps, has become an attractive new base of operations.
Why Sri Lanka?
Organised scam syndicates did not arrive by accident. They found favourable conditions:
- Free tourist visas for citizens of China, India, Russia, Thailand, Malaysia, Indonesia, and Japan
- 30-day visas are extendable up to six months, allowing long-term operations under the guise of tourism
- Reliable telecom and internet infrastructure capable of supporting high-volume scam activity
- Low-cost apartments and hotels, ideal for setting up concealed scam centres
- Outdated cybercrime laws that do not effectively address modern fraud methods, such as “pig butchering” romance-investment scams or crypto-related fraud
These factors combined to create an environment where sophisticated cybercriminal operations could flourish with minimal resistance.
THE RAIDS: 2026 Tells the Story
In just the first few months of 2026, Sri Lankan authorities uncovered multiple large-scale scam centres:
- March 2026: 135 Chinese nationals arrested for operating scam operations
- April 2026: 152 foreign nationals—mostly Chinese—arrested at a hotel in Chilaw, north-western Sri Lanka, running a fully operational scam centre
- 2 May 2026 (Rajagiriya, Colombo):
- 120 foreign nationals were arrested from a multi-storey apartment on Meda Welikada Road
- Nationals from China, Vietnam, Malaysia, Cambodia, the Philippines, Thailand, and Madagascar
- Large quantities of laptops and mobile phones were seized
- 3 May 2026 (Talangama, Colombo):
- 37 Chinese nationals arrested
- 35 tablets, 147 mobile phones, and 100 SIM cards confiscated
In Q1 of 2026 alone, arrests exceeded over 50% of all cyber-scam-related arrests recorded in 2025.
If this trend continues, Sri Lanka could see 600+ such cases by the end of the year, more than double the combined figures of 2024 and 2025.
WHILE SCAMMERS OPERATED FROM SRI LANKA, SRI LANKA WAS HACKED
Even as foreign scammers operated from within the country, Sri Lanka itself became a target.
Between December 2025 and March 2026, hackers infiltrated the Ministry of Finance’s External Resources Department email systems.
- Five official payment tranches were intercepted
- USD 2.5 million, intended for Australia’s debt repayment, was diverted to unknown accounts
- Australia only detected the fraud when the funds failed to arrive
- This represents the largest cyber theft from a Sri Lankan state institution in history
- Four to five senior officials from the Public Debt Management Office were suspended
- Days later, another USD 625,000 payment intended for the US Postal Service went missing
- A further attempt to divert a payment to India was narrowly detected and stopped
At the very same time, the Ministry of Finance was running newspaper advertisements warning citizens about cyber scams, while its own systems were being exploited through basic email-based authorisation failures.