As Digital Asset Markets Grow, So Do the Risks — and the Responsibility to Address Them

The expansion of digital asset markets over the past two years has brought new opportunities for investors across Southeast Asia and beyond. It has also brought new risks. Fraud, phishing attacks, and account compromises have grown alongside the platforms that serve hundreds of millions of users globally. How the industry responds to that challenge is becoming as important as the products it offers.

Bitget, one of the world’s largest multi-asset trading platforms, released its 2025 security report alongside the launch of its annual Anti-Scam Month campaign in June 2026. The figures it published offer a rare detailed look at the scale of security threats facing users of digital financial platforms — and the infrastructure required to counter them.

In 2025, Bitget’s security systems blocked more than 150 million malicious attack requests and identified over 13,000 high-risk malicious IP addresses. The platform’s web security systems recorded more than 2.8 billion interceptions through custom protection rules, and blocked over 1.5 billion distributed denial-of-service (DDoS) attack attempts during the year. Across 18,135 user protection cases handled during the period, the platform recovered approximately $32.3 million for users affected by security incidents and fraudulent activity.

“The industry is entering a multi-asset era where users can access a wider range of products and markets through a single platform,” said Hon Ng, Chief Legal Officer at Bitget. “As that access expands, security responsibilities increase, too.”

This year’s campaign theme — “More Assets, Stronger Shield: Stay Safe in the Multi-Asset Era” — reflects a structural shift in how digital financial platforms operate. As platforms expand beyond digital assets to offer access to equities, commodities, and other financial instruments, the range of potential fraud and security threats expands with them. Users who are familiar with the risks in one market may be less alert to the specific threats that arise in another.

Bitget said its security infrastructure improvements in 2025 included strengthening authentication using industry-standard security protocols, expanding multi-factor authentication (MFA) for high-risk account actions, and deploying machine learning-based behavioural analysis to detect suspicious activity. The platform also expanded its Anti-Scam Hub and ran the Smarter Eyes Challenge — a phishing and scam detection exercise that drew participation from nearly 50,000 people.

User education is central to this effort. Bitget reported that its Anti-Scam Month campaigns across 2024 and 2025 reached approximately 1.38 billion people globally through educational content, security resources, and community initiatives. The company works with specialist blockchain security firms on threat intelligence sharing and anti-fraud research.

The security dimension of digital asset platforms is increasingly relevant to regulators as well as users. The National Bank of Cambodia’s Prakas B7-024-735 Prokor on cryptoasset activities, which took effect in December 2024, includes cybersecurity and risk management requirements as core obligations for licensed cryptoasset service providers — reflecting an understanding that consumer protection in this sector requires both legal and technical frameworks working together.

Separately, Bitget announced in June 2026 that it would make Level 2 market data for US stocks available free of charge to eligible users. Level 2 data provides visibility into the full depth of buy and sell orders in a market — information that has historically been available only to institutional traders and professional desks due to the high cost of exchange data licensing. “In traditional markets, data and insights come at a premium,” said Gracy Chen, CEO of Bitget. “We’re eradicating that by making professional-grade stock market data available to our users, who can now access tools that were once limited to a small segment of the market.”

The two developments — expanded security infrastructure and democratised market data — point in the same direction: as digital financial platforms mature, the gap between what was once available only to professional or institutional participants and what is accessible to ordinary investors continues to narrow. Managing that transition responsibly, both in terms of consumer protection and regulatory compliance, is the defining challenge for the sector in the years ahead.

Key Terms
Digital asset platformAn online service where people can buy, sell, or hold digital assets such as tokens, as well as — on some platforms — traditional investments like gold, stocks, and currencies. Similar to an online bank or brokerage, but operating across digital and traditional markets.
Phishing attackA type of fraud where criminals send fake messages — emails, SMS, or app notifications — pretending to be a trusted organisation. The goal is to trick users into revealing passwords, account details, or transferring money. Common on all digital platforms, not just digital asset exchanges.
DDoS attack (Distributed Denial-of-Service)A cyberattack where criminals flood a website or platform with enormous volumes of fake traffic, attempting to overwhelm and shut it down. Like thousands of people blocking the entrance to a shop so real customers cannot get in. Platforms block these by filtering traffic automatically.
Level 2 market dataDetailed, real-time information showing not just the latest price of an asset, but all the buy and sell orders waiting to be filled — how many, at what price, and in what volume. Think of it like seeing not just the final sale price of a property, but every offer made and by whom. Historically available only to professional traders and institutions due to high licensing costs.
Multi-factor authentication (MFA)A security method requiring users to verify their identity in more than one way before accessing an account — for example, a password plus a one-time code sent to a phone. Most Cambodian banking apps use this already. Platforms use it to prevent unauthorised access even if a password is stolen.

Note: Digital asset trading is subject to regulation in Cambodia under directives issued by the National Bank of Cambodia. Readers are advised to consult applicable local regulations and seek independent financial advice before engaging with any digital asset platform.