Abstract
How have cyberfraud syndicates in China and the Golden Triangle adapted to intensified policing campaigns since 2023? Drawing on Braithwaite’s motivational postures theory, we examine three fraud typologies—concert ticket scams, airline refund fraud, and transnational kidnapping for ransom—mapped to their adaptive postures of tactical disengagement, tech-driven game-playing, and defiant resistance, which are used to evade responsive policing. In-depth interviews with 66 victims, police officers, chamber members, and informants reveal how cyberfraud syndicates exploit enforcement gaps and vulnerabilities in victims to evade detection and law enforcement campaigns. The study addresses a critical gap by bridging motivational posturing and responsive policing, underscoring the need for more effective enforcement strategies to counter cyberfraud syndicates’ efforts to evade detection and responsive policing.
Introduction
In recent years, cybercrime has emerged as a pressing and widely discussed topic in academia (Fissel & Lee, 2023; Lee, 2021, 2022; Manning et al., 2025; Zhou et al., 2024a). While substantial criminological research on cybercrime has analyzed and deconstructed various crime forms such as romance scams (Dickinson et al., 2023) and victimization (Kim & Lee, 2025), few have examined the evolving subjective strategies of cybercriminals, which have persisted and even adapted despite repeated enforcement efforts in recent years. Particularly following the targeted policing enforcement on the global cyberfraud hub in the Golden Triangle (the mountainous areas bordering Myanmar, Thailand, Laos, and China) between 2023 and 2025, many cyberfraud syndicates have relocated to neighboring countries such as Cambodia, the Philippines, and Laos, where they have become smaller and more covert (U.S. Embassy in Cambodia, 2024). It is unclear how cyberfraud syndicates adapted to intensified policing campaigns since 2023.
Why does cyberfraud persist despite enforcement? How do cyberfraud syndicates adapt (Zhou et al., 2026) and “upgrade” their criminal strategies to evade policing to ensure their continued operation? What challenges do they pose to existing policing frameworks? These questions serve as the starting point for this study. By adopting an offender-centric approach, this study seeks to reconstruct the adaptations of cyberfraud syndicates in the Golden Triangle amid intensive policing in recent years. To address this gap, this study introduces the motivational postures theory, originally developed in the context of tax compliance (V. Braithwaite, 1995, 2003; V. Braithwaite et al., 1994), into the field of cybercrime research. By bridging regulatory theory and criminology, this study aims to reinterpret and renew cybercrime theories through the lens of criminal adaptation. Drawing on the core tenets of motivational postures theory, we identify three contemporary cyberfraud motivational postures: (1) concert ticket fraud, (2) airline refund scams, and (3) transnational kidnapping for ransom, and map them respectively to tactical disengagement, tech-driven game playing, and defiant resistance. We further elaborate on these postures by integrating the regulatory pyramid, offering a gradient model to illustrate how cybercriminal behavior evolves and escalates in response to law enforcement. Motivational postures theory is particularly apt for this analysis, as it adeptly captures the spectrum of offender attitudes toward regulatory authority, mirroring the adaptive behaviors observed in cybercrime syndicates facing responsive policing (J. Sun et al., 2026).
This article is structured as follows: we begin by reviewing the academic literature on cyberfraud, policing enforcement, and motivational postures. We then propose a pyramid of motivational postures to analyze three new types of cyberfraud that are used to evade responsive policing. We then introduce our methods and data in this study. Following that, we illustrate tactical disengagement in concert ticket fraud, tech-driven game playing in airline refund scams, and defiant resistance in transnational kidnapping for ransom, based on empirical evidence from mainland China, Hong Kong, and Myanmar. We finally discuss policy implementations and conclude by acknowledging the limitations of this study.
Literature Review and Theoretical Framework of Cyberfraud Policing
Cybercrime: Patterns, Processes, and Implications
Victim vulnerability remains a central theme in cybercrime research. The evolution of online romance scams illustrates how traditional fraud adapts to digital platforms. Studies emphasize the reciprocal communication between offenders and victims, revealing impression management, emotional manipulation, and dynamic risk-resilience factors (Wang, 2024; Wang & Topalli, 2024). Rhetorical and persuasive strategies in “Pig-Butchering” scams demonstrate that cyberfraud is often premeditated and systematic (Wang & Zhou, 2023). Offenders exploit vulnerabilities such as diminished information processing and emotional preferences, particularly among the elderly (Xu et al., 2024; Zhou et al., 2024b). Victimization also produces profound psychological impacts, including multi-stage responses observed in cyber sextortion (Wang, 2025). These insights support victim-sensitive crime control policies and restorative governance that address evolving online harms (J. Braithwaite, 2002; J. Sun & Gu, 2026; Zhang, 2021; Zhang et al., 2023; Zhang & Xia, 2021). From the offenders’ perspective, dark web forum research shows cyberfraudsters conceptualize money in multifaceted ways—easy, difficult, tangible, initial, and risky—challenging simplistic rational choice theories (Wang et al., 2025). Effective deterrence thus demands nuanced understanding of the symbolic and instrumental meanings attached to digital proceeds.
Furthermore, emerging cybercrimes introduce fresh complexities for offenders and regulators (Kim & Lee, 2025; J. Sun & Gu, 2026). Distinctive features like global reach, anonymity, virtual-to-physical attacks, and avatar liability mark rapid shifts in the landscape (Zhou et al., 2024a). Analysis of e-commerce cyberfraud in China reveals evolving patterns linked to specific media types amid technological change (Lee, 2021, 2022). These developments underscore the need for tailored, forward-looking regulations that tackle epistemological, ethical, and practical challenges of responsive policing.
Cyberfraud and Policing Enforcement in China
Contemporary criminological scholarship increasingly recognizes the complex interplay between social institutions, economic forces, and the public’s relationship with law enforcement in shaping patterns of crime and policing. Recent studies offer valuable frameworks for understanding cybercrime and policing. In highly commercialized environments, economic motivations may override other institutions (I. Y. Sun et al., 2011). This may be relevant for cybercrime trends amid the growing digital divide and political inequalities. The adaptability of borderland criminal groups in Kokang, Myanmar (Peng, 2026) mirrors how cyberfraud syndicates exploit jurisdictional and enforcement vulnerabilities. Studies on Chinese university students further show that while routine online activities increase exposure to cyberfraud, financial victimization risk is more closely linked to target suitability and policing effectiveness (Li et al., 2021; Lin et al., 2025; Qu et al., 2024; I. Y. Sun et al., 2013).
Meanwhile, the rapid expansion of China’s digital economy has unfortunately been accompanied by a significant rise in cyberfraud, particularly in customer-to-customer (C2C) marketplaces. Detailed crime script analysis of C2C fraud on prominent Chinese digital platforms reveals a systematic approach in which syndicates can adapt to maximize impact and evade detection (Lee, 2022). Crucially, the success of many C2C and related consumer-facing frauds hinges on manipulating trust (Lo & Kan, 2023). This trust-building process represents a sophisticated “motivational posture” (V. Braithwaite, 1995, 2003) designed to lure victims into subsequent, larger frauds, which is a central theme in understanding how cyberfraud syndicates adapt and, critically, how they evade responsive policing efforts in China and beyond. This dynamic has evolved alongside a severe surge in cyberfraud in China and Southeast Asia over recent years, resulting in substantial economic losses and widespread public concern about cybersecurity.
Motivational Postures of Cyberfraud Syndicates in Evading Responsive Policing
A nuanced understanding of compliance and non-compliance is essential for effective policing strategies, particularly in cybercrime. Motivational postures theory offers a sophisticated framework for analyzing how individuals and organizations respond to regulatory authorities (V. Braithwaite, 1995, 2003). Originally developed in tax compliance research, the theory identifies five distinct postures: commitment, capitulation, resistance, disengagement, and game playing (V. Braithwaite, 1995, 2003). Commitment reflects a genuine moral obligation and goodwill toward compliance, viewing it as a civic duty that benefits society. Capitulation involves pragmatic compliance based on trust that authorities will respond with respect and fairness. In contrast, the remaining three postures embody defiance. Resistance is characterized by skepticism and active opposition, perceiving regulators as adversarial and deriving value from standing against perceived overreach. Disengagement denotes emotional detachment, where individuals feel indifferent to rules and see little personal consequence in violation. Game playing treats compliance as a strategic contest, with satisfaction gained from exploiting loopholes and outsmarting the system.
Collectively, these postures reveal the complex, dynamic nature of regulation, showing that compliance is not merely a response to deterrence or persuasion but is rooted in the perceptions and motivational complexity of regulatees (V. Braithwaite et al., 1994). In the tax context, commitment and capitulation often “disable defiance,” while resistance, disengagement, and game playing typically “enable resistant/dismissive defiance” (V. Braithwaite, 2009, p. 38). These insights underscore the need to view regulatees as dynamic, multidimensional actors (V. Braithwaite, 2003).
Theoretical Framework: Pyramid of Motivational Posture of Cybercrime
In China, transnational cyberfraud has emerged as a paramount threat to financial security (Mallard & Sun, 2022, 2024; J. Sun, 2025) and social stability (Lee, 2021, 2022; Tiwari et al., 2025a; Tiwari et al., 2025b; Zhou et al., 2024a). Cyberfraud syndicates operating in the Golden Triangle region of northern Myanmar pose particular risks to Chinese citizens. The area’s porous borders, armed factions, and weak regulatory oversight have fostered criminal enclaves disguised as industrial parks or economic zones. These operations encompass cyberfraud, kidnapping for ransom, and human trafficking, with Chinese victims suffering substantial economic losses. According to the United Nations Office on Drugs and Crime (UNODC, 2025), the online fraud industry in Southeast Asia generated approximately 37 billion USD in losses across East and Southeast Asia in 2023, surpassing drug trafficking profits. Since 2023, Chinese police have intensified crackdowns, shutting down several large-scale scam parks (e.g., KK Park, Myawaddy, and Myanmar) previously protected by local warlords.
Despite these efforts, many syndicates have relocated to Cambodia, the Philippines, and Laos. Cybercrime continues to evolve into novel forms as syndicates develop countermeasures to evade responsive policing (Hine et al., 2025; J. Sun & Gu, 2026). Yet academic literature still lacks a systematic review of enforcement efforts against what has become the world’s largest cyberfraud hub. It remains unclear how these syndicates have adapted to intensified campaigns since 2023. This reveals a critical research gap: both academia and policing lack robust frameworks for analyzing the rapid evolution of cybercriminal tactics.
A nuanced understanding of regulatory environments is essential for effective cybercrime policing, where traditional theories often fail to capture the dynamic offender-regulator interplay. This study applies the motivational postures framework (V. Braithwaite, 1995, 2003; V. Braithwaite et al., 1994) to conceptualize cybercriminals’ postures and link them to responsive policing (J. Sun & Gu, 2026). Analysis identified three postures—disengagement, game playing, and resistance—rather than the full five. All three orient toward “enabling defiance,” in contrast to commitment and capitulation, which “disable defiance” in conventional settings (V. Braithwaite, 2009, p. 38). Unlike tax regulation involving ordinary citizens, cybercrime concentrates defiance among criminal actors. The study therefore differentiates these three defiant postures and examines how each reflects the step-by-step strategic adaptation and escalation by cyberfraud syndicates to evade current responsive policing measures (Figure 1).

Figure 1. Pyramid of responsive policing and the proposed pyramid of motivational posture of cybercrime.
We identified three typical motivational postures among cyberfraud syndicates across different crime types. Tactical disengagement is prevalent in concert ticket fraud. Offenders display emotional detachment, numbness, and self-exempting strategies, disregarding moral and legal norms (V. Braithwaite, 2003). Under intensive policing pressure, they have abandoned traditional activities likely to trigger enforcement. Instead, they exploit thresholds in restorative policing through minor offenses and guerrilla tactics, keeping crimes below the level that activates police response. This type features low technical barriers, high concealment, repeated quick-profit offenses, and unknown victims, making tracing difficult.
Tech-driven game playing dominates airline refund scams. Offenders treat crime as an intellectual challenge, deriving satisfaction from identifying system flaws, exploiting security gaps, and outsmarting technology and victims (V. Braithwaite, 2003). By obtaining accurate personal information through ticketing system loopholes, they create highly convincing scams. Intelligence-led deterrence proves ineffective against such sophisticated countermeasures. The approach relies on technological evasion, systematic data theft, and high operational skill, enabling further economic offenses.
Defiant resistance is most evident in transnational kidnapping for ransom. Offenders perceive policing authorities as adversaries and engage in calculated conflicts, fully aware of incapacitative policing power. They blend anger, provocation, and caution while securing subsistence through crime. This posture is reflected in their shift from severe crimes (murder, rape, or reselling victims) to kidnapping for ransom (property crime). They deliberately avoid direct confrontation by using indirect third-party negotiations for victim release, seeking economic rewards while mitigating risk under policing pressure. This crime type is more technically complex and organizationally advanced, posing significant challenges to political and legal systems.
These three postures form a continuous spectrum, revealing distinct psychological mechanisms, behavioral strategies, and authority relationships. Through theoretical migration, the study confirms the explanatory power of motivational postures theory in cybercrime research (V. Braithwaite, 2003). Empirical findings also show that a significant proportion of cyberfraud targeting university students remains unreported due to tracing and enforcement difficulties. These insights can refine responsive policing frameworks. The persistent cat-and-mouse dynamic between syndicates and policing demands agile regulatory approaches that anticipate criminal adaptations and evolve alongside shifting motivational postures.
Data and Methods
Southeast Asian cyberfraud syndicates are mainly concentrated in northern and eastern Myanmar (e.g., the Kokang and Myawaddy regions), along the Thai border, in Sihanoukville, Cambodia, and the Golden Triangle Special Economic Zone in Laos, among other sites. These compounds are often disguised as industrial parks or special economic zones, where internal criminal operations include telecommunications and online fraud, kidnapping for ransom, and human trafficking. The emergence of these syndicates dates back to the 2000s, when China’s gambling bans drove criminal groups to relocate to Southeast Asia. They initially focused on illegal gambling before shifting into online fraud. Many operations enjoy patronage from local armed groups and criminal syndicates (e.g., the “Four Families” in northern Myanmar: the Bai, Liu, Wei, and Ming clans). In 2023, cases of Chinese citizens being trafficked into these scam parks surged. Victims were coerced into cyberfraud activities such as romance scams and fake investment schemes; those failing to meet quotas faced beatings, detention, or even organ harvesting. These incidents sparked boycotts by millions of Chinese against countries including Thailand. In response to domestic anxiety and damage to its international image, Chinese police launched a joint cross-border policing campaign in 2023, collaborating with Southeast Asian nations to combat local cybercrime. Through tripartite efforts by China, Myanmar, and Thailand, over 60,000 Chinese nationals suspected of involvement in cyberfraud have been repatriated from Southeast Asia since 2023. Chinese provinces bordering the Golden Triangle, such as Yunnan, have rapidly strengthened surveillance and interception measures. In 2024, registered cyberfraud cases and associated financial losses in Yunnan decreased by 8.56% and 22.82%, respectively (Ministry of Public Security of the People’s Republic of China [MPS], 2025a). 
Targeted enforcement against Myanmar-based syndicates led to the arrest of key high-profile leaders from the notorious “Four Major Families” in Kokang. Dozens of scam parks were dismantled (e.g., Myanmar’s KK Park, comprising 494 buildings related to gambling and fraud across hundreds of hectares; MPS, 2024, 2025b). The operations covered northern to eastern Myanmar and targeted an industry worth tens of billions of dollars. Despite the extensive crackdown, many fraud compounds have relocated to places like Cambodia, Laos, and the Philippines, operating on smaller scales and in more concealed forms, making complete eradication difficult.
To further capture the dynamics of the cybercriminals in the current context, this study employs qualitative research methods to explore the adaptive strategies and motivational postures of cyberfraud syndicates, as well as the responses of law enforcement and intermediary actors in the evolving cybercrime landscape between China and Southeast Asia, drawing on in-depth and semi-structured interviews (Xu et al., 2024), official archives, judicial decisions, and media reports. The interview protocol was informed by preliminary fieldwork and a review of prior literature on cybercrime adaptation and policing challenges.
Participants were recruited through purposive and snowball sampling to ensure access to key informants with relevant knowledge and experience. Recruitment continued until thematic saturation was reached, defined as the point at which subsequent interviews yielded no substantively new insights into the core research questions. Interviews adhered to ethical standards, with informed consent obtained and data anonymized. Interviews were conducted in Chinese or English, depending on the participant’s preference, and were audio-recorded with prior informed consent. All recordings were transcribed verbatim and thematically analyzed to identify patterns in strategies, postures, and regulatory interactions.
A total of 66 interviews were conducted in 2025 (Table 1). We conducted 15 interviews with officials from government regulatory agencies, including the Bureau of Culture and Tourism and the Civil Aviation Administration of China, and Guangdong police officers who have frontline experience in handling cybercrimes. These interviews focused on enforcement strategies, regulatory considerations, and the practical challenges involved in combating transnational cybercrime. Moreover, six interviews were conducted with members of the Chaoshan Chamber of Commerce from mainland China and Hong Kong, given their unique intermediary role in ransom negotiations and victim rescue in transnational kidnapping-for-ransom cases. Furthermore, five informants from Myanmar provided first-hand insights into the criminal infrastructure and evolving tactics of cyberfraud syndicates, particularly as these groups shifted operations deeper into Myanmar in response to intensified Chinese law enforcement pressure. We conducted a survey of university students in Guangzhou’s University Town to identify the most common types of cyberfraud they encounter (Figure 2). A further 30 interviews were conducted with university students from four randomly selected institutions in Guangzhou’s University Town, China, including both victims of cyberfraud and non-victims, to capture a range of experiences and risk perceptions. University students have been identified as a key target group for concert ticket fraud and airline refund scams, owing to their high demand for cultural and travel consumption but limited financial resources. Interviews with 10 student affairs counselors complemented this data, providing perspectives on student vulnerabilities and cross-generational trends in victimization.
Table 1. The Respondents’ Profile in the Fieldwork.

Figure 2. Statistical overview of common cyberfraud targeting university students.
Our fieldwork was primarily conducted in Guangdong, the most economically dynamic and populous province in mainland China, with a resident population of 127.8 million as of the end of 2024. Guangdong, as a magnet for internal migration and a hub for digital economy activity, is a focal point for both cybercrime victimization and innovative policing responses. Specifically, Guangzhou’s University Town, which hosts 12 universities and approximately 200,000 students, served as a key sampling site due to its scale and the high vulnerability of students to cyberfraud. We selected two of the most statistically typical and highly prevalent types of cyberfraud targeting university students for analysis: concert ticket fraud and airline refund scams, as they exemplify low-threshold crime and tech-driven cybercrime, respectively. Although part-time job fraud ranks as the second most identified category, it shares fundamental characteristics with concert ticket fraud. The inclusion of regulatory officials and police officers ensured access to the perspectives of those directly involved in policy implementation and enforcement. Furthermore, the unique involvement of the China Chaoshan Chamber of Commerce, identified during fieldwork, emerged as a critical component of our study. With a history spanning over six centuries and an extensive network in Southeast Asia, the Chamber has played a pivotal role in negotiating with cyberfraud syndicates and securing the release of kidnapping victims, often with the tacit coordination of local police. Their ability to mediate with cyberfraud syndicates, rooted in deep local connections and mutual economic interests, offers a rare window into law enforcement in high-risk, transnational cases.
Tactical Disengagement of Offenders in Concert Ticket Fraud
Offenders employ tactical disengagement through concert ticket fraud. Tactical disengagement was originally a strategy adopted in law enforcement practice whereby officers could withdraw from the scene or cease interaction, upon reasonable judgment that continued engagement might pose undue risks to the involved parties, the public, or themselves. This approach aims to reduce potential harm, enhance enforcement safety, and, under certain circumstances, help to ease conflicts, build public trust, and safeguard life (Los Angeles Police Department, 2019).
Conversely, concert ticket fraud can be regarded as a reverse imitation of the concept of “tactical disengagement” in law enforcement. Cybercriminals’ strategic focus has shifted to low-harm crimes with high frequency and low confrontation to gain quick money. Facing continuous high-pressure law enforcement initiatives, cyberfraud syndicates in northern Myanmar have escalated their criminal tactics. Traditional cyberfraud (e.g., impersonation scams and romance scams) with large transfers often triggers a real-time interception mechanism between banks and the police, significantly raising the threshold and risk of criminal implementation. Syndicates are therefore gradually shifting from previous high-value and easily traceable fraud models to low-harm fraud to gain quick money. In crimes like “concert ticket fraud,” the amount involved in a single crime is usually limited to under 430 USD (a filing threshold of law enforcement), which takes advantage of restorative policing and enhances the concealment of the crime. In current law enforcement, for crimes involving a low amount of 430 USD, the police tend to handle them through restorative justice procedures, which often lead to non-enforceable regulations after educational actions. However, concert ticket prices typically fall below 430 USD, with the cheapest nosebleed seats costing several dozen dollars and premium options such as floor seats or VIP tickets ranging from 359 to 430 USD. In cases of concert ticket fraud involving amounts below the threshold, police usually accept reports but do not conduct a formal investigation, which weakens law enforcement’s deterrence. Meanwhile, government agencies also show uncertainty in their responsibilities: cultural and tourism departments often do not view ticket fraud as part of their scope of duty. As the offender confessed:
I found that on a social platform, simply registering an account allowed me to pose as a fan and post ticket resale ads. I used affectionate language to build rapport, collected ticket photos to present myself as an internal agent, and tricked the victim into multiple transfers (Guangming Daily, 2025).
It usually happens when victims pay for concert tickets online, but the seller neither delivers the tickets nor stays in contact, eventually disappearing. As described in a cyberfraud judgment on Ma’s fraud, the criminal confessed to the following method of operation: after receiving payments, the offender spent the funds on personal luxuries and evaded recovery by deleting social media accounts and deactivating phone numbers. Once the concert is over, the number of case leads drops significantly, and the difficulty of investigation and tracking increases markedly. Cyberfraud syndicates often use popular social media platforms (e.g., WeChat and QQ) and tech-neutral sites, pretending to be ticket sellers to capitalize on fans’ urgency to buy tickets. For instance, as documented in a cyberfraud judgment, the criminal described how his upstream contact possessed several QQ accounts and changed them frequently. By constantly rotating these virtual identities, the offender artificially created breakpoints in the chain of contact. This ensures that if any link in the criminal activity comes under investigation, the connections can be swiftly severed, creating conditions for disengagement. Most platforms rely on the safe harbor principle, positioning themselves as information intermediaries rather than transaction parties, thus avoiding responsibilities. Furthermore, most concerts currently require real-name ticket booking, but do not implement it in conjunction with real-name entry. This is because, although real-name entry could effectively reduce the secondary resale of tickets, it faces significant resistance from consumers, as audiences would have to take the loss if they are unable to attend on time.
Cyberfraud syndicates precisely identify groups that are large in number and low in vigilance as their prime targets for concert ticket fraud. Some young victims, limited in their finances yet facing high expenses from activities such as star-chasing or travel, are particularly vulnerable. Cyberfraud syndicates often create scenarios, such as offering special discounts or exclusive channels, gradually earning victims’ trust before convincing them to transfer money with promises of benefits. Victims often make irrational decisions driven by profit-seeking instincts, ultimately falling into the fraud trap. Below are two typical interview cases.
I lost $460 in a December 2023 concert ticket scam. After transferring payment, the seller became uncontactable, and the case was reported to the police (Fan, a student at Guangzhou’s University Town).
I lost $65 in a similar December 2023 scam. After paying for tickets, I received nothing and could not contact the seller (Luo, a student at Guangzhou’s University Town).
Concert ticket fraud is not accidental. It originates from a significant imbalance between supply and demand in the concert ticket market. Tickets for popular events are in high demand while the supply is limited. Cyberfraud syndicates specifically exploit this supply-demand gap as a business opportunity. The crime process usually occurs in two steps. First, cyberfraud syndicates attract victims with posts like “transferring remaining tickets” or “selling at original price” on social media platforms. They further encourage victims to move to private channels such as WeChat or QQ, to avoid platform regulation. Even on second-hand trading platforms with specific regulations, like Xianyu, cyberfraud syndicates claim issues like “high platform fees,” “upgrade options for premium,” or “deposit required” to persuade buyers to switch to a personal private account to contact them. These platforms have large user bases and rapid information flow, which makes it difficult for current monitors to quickly and thoroughly block suspicious content. They may also promise “tickets will be mailed after confirmation of receipt,” then delete their accounts and vanish after receiving payment. From the university management perspective, such fraud usually falls outside the scope of regular student affairs. As one student affairs counselor mentioned in the interview:
Concert ticket fraud preys on student enthusiasm, acting as a ‘tax on intelligence’. University intervention is limited by the large student body, and the region’s proximity to Hong Kong and Macau, with frequent large-scale concerts, further complicates oversight.
Cyberfraud syndicates often claim to have “internal channels” or “scarce ticket sources,” exploiting young victims’ desire to meet idols to gradually establish trust and induce transactions. These so-called “internal tickets” typically refer to approximately 30% of tickets not sold to the public, such as staff tickets or complimentary tickets, which can enter the grey market under names like “gifted tickets,” becoming tools for scalpers to attract potential buyers. After potential buyers take the bait, the sellers press them further: “If the deposit and balance are not paid as soon as possible, the tickets will be snatched by others immediately” (People’s Procuratorate of Zhejiang, 2025). This rhetoric heightens the sense of urgency and facilitates quick transfers. Furthermore, internet scalpers exacerbate the problem by utilizing technical tools. They often use illegal software and crawler technology to get tickets at once or hire agent ticket-buyers to corner the market. Some ticket-grabbing programs can refresh every 100 ms, making it extremely difficult for ordinary users to book tickets, which leads some victims to turn to unofficial channels, increasing the risk of being exposed to cybercrimes (Peoples, 2024).
Cyberfraud syndicates in concert ticket fraud even exploit victims’ psychological vulnerabilities. Many small-scale fraud victims hold negative attitudes toward reporting, expecting that the costs in time and money to recover could be more than the amount lost. The common belief that recovery of loss is unlikely further discourages reporting. Furthermore, some victims remain silent due to privacy concerns or shame, such as young victims fearing family disapproval for being deceived while pursuing their idols. Moreover, most frauds are carried out using unregistered instant messaging accounts that lack traceable identity information and direct reporting channels, creating practical barriers for victims to report.
Cyberfraud syndicates in concert ticket fraud exhibit moral numbness and emotional detachment. Through self-justifying mechanisms, cyberfraud syndicates dissociate themselves from social norms and do not see the rules as applicable to them: Exploiting platform and payment loopholes delays detection. Even if blocked, I can change identities and move on.
Although these cybercriminals explicitly acknowledge the criminal nature of their actions, they create psychological shielding through self-rationalizing narratives, such as “a willing buyer and a willing seller” or “I am just selling tickets.” Some offenders even thought it was an economic dispute rather than a fraud (China Internet Information Center, 2026), thereby maintaining emotional detachment.
Tech-Driven Game Playing of Offenders in Airline Refund Scams
Offenders use the strategy of tech-driven game playing in airline refund scams to avoid intelligence-led policing. They perceive crime as an intellectual game, exploiting systemic loopholes with technical confidence to commit fraud and derive psychological satisfaction from outsmarting security measures and victims, thereby challenging intelligence-led deterrence (V. Braithwaite, 2003). Intelligence-led policing refers to the transformation of the policing model from the traditional passive-response or prosecution-centered approach to more proactive crime prevention. Its core lies in placing criminal intelligence, in the broad sense, at the center of crime prevention and control decisions (Burcher & Whelan, 2018).
Despite extensive cybersecurity measures, vulnerabilities persist in systems such as airline ticketing, where interoperability with third-party platforms creates multiple data leak points. In this information-rich environment, offenders exploit large-scale personal data leaks by engaging in tech-driven scams like airline refund fraud, hacking, or impersonating airline systems to precisely target victims using stolen passenger details. A core policing challenge lies in the lack of cross-regional and inter-agency effectiveness (Burcher & Whelan, 2018), as these syndicates operate across jurisdictions without a unified administrative network connecting banks, platforms, aviation systems, and police. Coordinated enforcement is often inefficient and resource-intensive, leading many cases to be shelved. Criminals capitalize on this gap, anticipating that most scams will be dropped and losses will remain with the victims.
A common scam involves victims receiving calls from individuals impersonating airline customer service, warning about flight delays and instructing them to download a specific app to process refunds or changes. Ultimately, this app is used to transfer money out of the victim’s bank account. As one police officer involved in scam investigations stated: Audiences booking flights with concert tickets create a natural crime opportunity. Perpetrators use DDoS attacks and the law of large numbers to ensure someone will always fall for it.
A criminal who impersonated the airline customer service to carry out “refund fraud” in a cyberfraud case confessed: I posed as an airline agent, called victims about flight delays and refunds, guided them into a screen-sharing meeting, and used verbal tactics to confuse them into transferring money to fraudulent accounts.
Moreover, although civil aviation ticketing systems have firewalls, their open design, which facilitates collaboration among agencies, also makes them vulnerable to hacking. Hackers who break into ticket systems to steal personal information from victims demonstrate the advanced and organized strategies of these scams. They also check real-time weather updates, using alerts about typhoons or heavy rain to trick victims into asking for refunds or ticket changes. Because the weather aligns with what victims expect, trust builds quickly, making it difficult to spot the scam. As the offender confessed: I make over 100 calls daily. 20-30% believe me because I accurately provide their name and flight details. Rushed travelers fail to verify, and infrequent flyers are most easily deceived.
Driven by profit motives, victims are more likely to take risks, fall prey to cognitive biases, and ultimately become ensnared in the trap. Most cases we examined among students involved such profit-driven incentives: On July 18, 2025, Student A received a call with accurate flight details, was told of a flight issue and offered compensation. Following instructions, they downloaded “Good Office,” granted screen-sharing access under the guise of recording, then opened a banking app and entered credentials. Instead of compensation, $688 was deducted.
Compared to concert ticket fraud, the airline refund scam involves higher levels of technical complexity and psychological manipulation. Offenders exploit the fact that some young victims have limited financial resources but strong desires to travel, creating appealing scenarios that build trust. Once trust is built, cyberfraud syndicates often claim that following their instructions will lead to financial gains. As the offender described: After contacting the customer, we claimed to offer 300-500 yuan in compensation for flight delays or cancellations, stating that refunds or rescheduling could only be processed once the compensation was received.
After successfully building trust and motivating victims, fraudsters often create fake official websites to trick them into voluntarily entering personal information. They also use remote control tools and malicious apps to secretly obtain critical details, such as bank card numbers, passwords, and verification codes, ultimately transferring funds. The offender further confessed to the process used to evade investigation: The compensation is a fabrication to lure victims. Customers are guided to initiate a collection request, but the page shows that the recipient is a corporate account and cannot proceed. The scammer then uses a scripted excuse—‘you did not enable the corporate collection function’—to trick victims into downloading a screen-sharing app.
After downloading the App, the ultimate goal is to transfer the money from the victims’ bank cards: The ‘gunman’ finalizes the fraud by requesting screen sharing under the guise of anti-fraud monitoring, then guides the victim to enter bank card details and verification codes, checks balances, and targets the card with the largest balance first.
Airline refund scams exploit victims’ anxiety and self-blame. Young victims, a vulnerable group, are often repeatedly targeted and hesitate to report cases, similar to concert ticket fraud. The flight ticket serves merely as a pretext to obtain bank card information and passwords. These cyberfraud syndicates show strong counter-surveillance skills, using deceptive apps with manipulable backend data, overseas servers, and instant evidence destruction by deleting records and dissolving groups after transfers, greatly complicating policing.
Defiant Resistance of Offenders in Transnational Kidnapping for Ransom
Offenders employ the method of defiant resistance in transnational kidnapping for ransom to avoid incapacitative policing. Criminals strategically shift from severe personal crimes to technically sophisticated property crimes, aiming for economic gain while evading direct police confrontation through third-party negotiations. In northern Myanmar, multiple cyberfraud syndicates have been led by the “Four Major Families” and systematically set up the cybercrime infrastructure and openly sheltered their criminal activities with the help of local armed forces. Since the incapacitative policing was launched, the police forces of China and Myanmar have jointly arrested over 57,000 Chinese suspects involved in cyberfraud, dealing a devastating blow to the “Four Major Families” cyberfraud syndicates in Kokang. Among them, the Ming-Family case is the first family-owned crime in northern Myanmar to enter the trial process. The thirty-nine defendants involved are suspected of multiple charges, including fraud, intentional homicide, intentional injury, illegal detention, operating casinos, drug trafficking, and organizing prostitution (China Economic Net, 2024).
After the police’s crackdown on cyberfraud involving multiple serious violent crimes, cyberfraud syndicates of transnational kidnapping for ransom show defiant resistance. They now exhibit a clear tendency to avoid incapacitative policing, focusing on sustained profit and strict avoidance of killing the hostage. For example, their criminal strategies are based on sober predictions of responsive policing: Going too far, like killing a hostage, would trigger the strongest police crackdown and end us all.
For instance, along the Myanmar-Thailand border, they explicitly prioritize obtaining money and use various tactics to prevent triggering large-scale multinational policing enforcement. In a ruling on the kidnapping for ransom case, 4 criminals used luring to overseas casinos as a base and took advantage of the differences in judicial jurisdiction abroad to increase the difficulty of investigation. The syndicates feature a clear division of labor (recruiting targets, violent control, and money laundering). These operational segments are deliberately segregated to minimize overall exposure from any single point of compromise. In addition, they exploit jurisdictional differences by operating mobile units in overseas casinos, thereby complicating policing. Recordings of violence on victims (including handcuffs, leg irons, electric shocks, beatings, starvation, and forced nudity for humiliation) are sent to victims’ families for ransom. The syndicates further disguise kidnapping and extortion as “debt collection” by framing demands around alleged “debts,” thereby obfuscating the nature of the crime. Their main goal is to maintain long-term profitability without being completely wiped out by joint police forces. This crime mainly targets Chinese citizens abducted abroad, especially businesspeople, jobseekers, and their family members.
Due to the strong resistance of cyberfraud syndicates to police enforcement, they often involve credible third-party private organizations, such as business associations or chambers of commerce, to mediate negotiations in transnational kidnapping for ransom, which are used to clarify prices and prevent incapacitative policing. For instance, the Chaoshan Chamber of Commerce, which we identified in Guangdong, has emerged as a credible third-party mediator, facilitating the safe release of victims. These organizations often maintain deep economic ties with localities, thereby enabling them to secure opportunities to engage with cyberfraud syndicates and negotiate the release of victims. These organizations maintain a relatively neutral stance and avoid close affiliations with any single party, thereby preserving some mystery. Also, their extensive networks enable them to cultivate trust with cyberfraud syndicates. As the local chamber of commerce once remarked in an interview: We never reveal our cards openly, but the other side knows who’s backing us.
According to data from the Chaoshan Chamber of Commerce in 2023, they accepted only 17 out of over 100 assistance requests but achieved a 100% success rate. This high success rate reflects a careful balance between capability and risk. One informant provided an in-depth observation of this phenomenon: The public assumes all Chinese citizens trapped in cybercrime are victims and expects full-scale rescues. In fact, many joined voluntarily, and as commercial organizations, the chambers of commerce prioritize self-interest and lack the capacity to investigate each case.
The Chamber has developed a standardized rescue procedure. The first step is identity verification, confirming the victim’s hometown through cultural details such as dialect accent or ancestral hall name. This step stems from an unwritten internal rule: “priority rescue for Chaoshan natives.” Non-Chaoshan victims are required to pay higher commissions; the cost will be increased by at least 14,340 USD. A respondent explained the reason behind this: “Priority for Chaoshan natives stemmed from a 2024 incident: a non-Chaoshan victim reneged on an agreed ransom, damaging their credibility, and was later resold by syndicates.” This increases the possibility of being discovered by the police and triggering targeted policing. The second step is risk classification. The chamber of commerce categorizes criminal compounds into “negotiable types” (e.g., Kokang Old Street) and “hardline types” (e.g., Myawaddy) and classifies individuals awaiting rescue into categories such as “deceived,” “voluntary participants,” or “deceived but later stayed willingly.” The final step is closed-loop fund management. Families of victims must transfer the ransom to accounts supervised by the chamber of commerce, with payment split into three installments to ensure transaction security. A former “HR” in one cyberfraud syndicate revealed that ransoms generally cover three types of costs: For a $50,189 ransom: $14,340 for local warlords, $14,340 for compound costs, $7,170 for Myanmar immigration bribes, and $14,340 as the boss’s net profit.
However, this process is only a strategy through which cyberfraud syndicates proactively reduce the harm of their crimes by engaging in transnational kidnapping for ransom to evade targeted policing. Crimes such as transnational kidnapping for ransom now mainly seek financial gain, unlike previous patterns where offenders showed indifference toward violent crimes against persons. In this context, third-party organizations such as the Chaoshan Chamber of Commerce play a supporting role by facilitating ransom payments to help victims avoid severe harm.
Discussion and Conclusion
This study addresses a critical gap in cybercrime research by examining how cyberfraud syndicates adapt to intensified responsive policing, particularly following targeted enforcement in regions such as the Golden Triangle. The aim is to reconstruct these evolving criminal adaptations and understand why cyberfraud persists despite enforcement efforts. To achieve this, we elucidate the evasion tactics against responsive policing by developing a gradient model that integrates the regulatory pyramid with three identified cyberfraud motivational postures.
Tactical disengagement, observed in concert ticket fraud, focuses on exploiting victims’ emotional weaknesses and regulatory gray areas to chase “quick money.” It has a low technical threshold, relying mainly on simple strategies rather than complex tricks to evade intensive policing campaigns and to take advantage of restorative policing. Tech-driven game playing, common in airline refund scams, goes beyond financial gain. Offenders exhibit a strong desire to showcase technical skills and demonstrate intellectual dominance. These syndicates engage in strategic planning, thoroughly studying ticketing system loopholes and opponents (victims and law enforcement). They seek not only money but also intellectual satisfaction, aiming to prove they are smarter than the system. Transnational kidnapping for ransom exhibits defiant resistance, characterized by skepticism and contempt toward regulatory agencies. They view police as adversaries and maintain a purely adversarial relationship. Rather than ignoring responsive policing, they strategically initiate calculated conflicts in a dangerous cat-and-mouse game. These offenders display highly calculated defiance with a deep understanding of political, legal, and economic systems. Their strategies—such as third-party negotiations, adhering to the “no hostage killings” rule, and controlling ransom amounts—are designed to precisely manage the balance between provoking authority and avoiding complete domination by the police.
The policy implications offer critical insights for policymakers, law enforcement, and financial institutions. The findings align with the special issue’s objectives by moving beyond a one-size-fits-all enforcement model toward a differentiated, adaptive global response to online financial crimes. The three motivational postures reveal that cyberfraud syndicates are not a monolithic threat but exhibit distinct operational logics and responses to policing. This necessitates a nuanced and scalable policy framework with three specific implications.
First, tactical disengagement among syndicates engaged in volume-based frauds, such as concert ticket scams, suggests these groups are highly responsive to opportunity structures and perceived risk. For policymakers and law enforcement, even low-level, persistent enforcement can be effective in displacing or deterring this tier of offending. However, the finding that these groups exploit “regulatory gray areas” and restorative justice mechanisms underscores the need for legislative reform. Policy should focus on closing loopholes in consumer protection and digital marketplace regulations, particularly concerning the resale of event tickets and platform liability. For law enforcement, a strategy of consistent, visible, and low-level disruption—rather than solely pursuing high-profile operations—may be most effective.
Second, tech-driven game playing in airline refund scams highlights the failure of current reactive, siloed enforcement models. This has profound implications for public-private partnerships. The strategic, cross-platform nature of these scams requires coordinated policy responses. Law enforcement agencies should be resourced to form dedicated “fusion centers” that combine investigative expertise with deep technological collaboration with the private sector, such as airlines and travel platforms. Policy must move beyond information-sharing to mandate proactive vulnerability assessments and create joint task forces that anticipate and counter technologically sophisticated offenders before they exploit systemic loopholes.
Third, defiant resistance exhibited by transnational kidnapping-for-ransom syndicates reveals a group for whom traditional deterrence and cooperative policing models are not only ineffective but may actively escalate the threat. For these actors, who view police as adversaries, policies must pivot from an exclusively incapacitative approach to one that strategically manages risk. A purely adversarial posture can lead to dangerous escalation of violence. Therefore, policy should formally recognize and regulate the emerging role of informal intermediaries, such as chambers of commerce, in ransom negotiations. Instead of viewing these intermediaries as a challenge to state authority, a more effective global policy response would establish a clear, regulated framework for their operations. This includes developing protocols for third-party negotiation, establishing legal protections and guidelines, and integrating them into a broader, escalatory regulatory strategy. This aligns with the special issue’s call for exploring new enforcement methods by shifting the goal in the most defiant cases from total eradication to containment and harm reduction, leveraging non-state actors as part of a calibrated response.
In sum, these policy implications answer the special issue’s call for empirical research informing policy for businesses, law enforcement, and legislation. By shifting to a stratified, responsive regulatory approach—calibrating intervention according to the offender’s motivational posture—policymakers can develop more effective strategies against evolving online financial crimes.
Finally, this study has several limitations. While it provides a macro-level analysis of strategic shifts among cyberfraud syndicates, the conclusions are drawn from a focused set of crime types. Although these crimes are prevalent and illustrative of broader adaptive dynamics, they do not encompass the full spectrum of cyberfraud. The identified patterns should therefore be interpreted as indicative rather than exhaustive. Future research incorporating a wider range of offenses is needed to refine and generalize observations regarding syndicate-level adaptation versus niche opportunism. Moreover, while the study highlights the emerging intermediary role of chambers of commerce in ransom negotiation, it does not fully resolve whether such informal actors undermine, complement, or reconfigure formal policing. Further investigation into transnational governance of public-private cooperation is necessary to understand how such intermediaries can be responsibly integrated into responsive regulation (Su & Sun, 2025; J. Sun et al., 2026).
Footnotes
Acknowledgements
We would like to thank the reviewers and the guest editor, Prof. Fangzhou Wang, for their particularly helpful comments and suggestions, and the research assistance provided by the following student assistants at Guangzhou University Town (including Guangdong University of Finance and Economics, Guangdong University of Foreign Studies, Southern Medical University, and Guangdong Pharmaceutical University): Su Qishun, Huang Yunshi, Ao Jinwei, and Qiao Shirao.
Ethical Considerations
All procedures performed in this study involving human participants were in accordance with the ethical standards of the research committees of the authors’ university and with the 1964 Helsinki Declaration. We obtained the research ethics approval from the Survey and Behavioural Research Ethics (SBRE) Committee at The Chinese University of Hong Kong (SBRE-25-0140).
Consent to Participate
Informed consent to participate was obtained from all participants in the study.
Consent for Publication
Consent for publication was obtained from all participants in the study.
Funding
The authors disclosed receipt of the following financial support for the research, authorship, and/or publication of this article: The research was funded by the research fund for Prof. Jin Sun at The Chinese University of Hong Kong.
Declaration of Conflicting Interests
The authors declared no potential conflicts of interest with respect to the research, authorship, and/or publication of this article.
Data Availability Statement
Requests for access to the study data should be directed to the corresponding author. Sharing data is subject to the approval of The Chinese University of Hong Kong.
