Latin America. Appgate managed more than 27,900 cybersecurity incidents during 2022 in Latin America, from that experience it was able to conclude the 7 topics most used by cybercrime when carrying out a scam in this region.
The company reported, in a statement, that "cybercriminals have taken advantage of the high degree of digitization to deceive users and affect companies." He also pointed to Brazil, Argentina, Ecuador, Colombia, Costa Rica and Chile as the Latin American countries most likely to suffer this type of crime on the network.
David López Agudelo, Vice President of Sales for Latin America at Appgate, said:
"While you might think that the most effective cyberattacks use automated systems, artificial intelligence or sophisticated forms of hacking to circumvent security in systems; The reality is that the most common and effective attacks
They target human error as the most vulnerable link. Users are easily manipulated with false identities, fraudulent links and misleading messages or news, which seek to steal information, credentials and even money."
Other relevant data, according to Appgate's Security Operations Center (SOC), are that, of the 27,900 cases of fraud, which were reported in the Latin American territory in 2022, 59% correspond to phishing; 29% to unauthorized use of the brand, and 7% to malicious mobile applications. Where the impact of these scams mostly impacted Brazil (34%), Argentina (33%); Ecuador (10%), Colombia (5%), Costa Rica (5%) and Chile (4%).
Thus, Appgate concluded that there are seven topics most used by cybercriminals to carry out scams from the internet, thanks to the data collected during 2022 in their monitoring and protection services, these topics were:
1. Job offers: Cybercriminals impersonate head hunting companies to obtain business or corporate information from organizations and individuals.
2. Fake shops: Scams related to online purchases, offers and misleading advertising are becoming more common. According to the Better Business Bureau (BBB), this type of fraud represents about 37% of the complaints filed in 2021, and reports money losses in 3 out of 4 victims. These types of cases can originate from social networks or fraudulent links that lead to fake marketplaces created by criminals.
3. Bank accounts: Cybercriminals create false contact centers to offer support to users with financial product management processes and thus get credentials of transactional electronic channels, social networks and other information.
4. Investment frauds: This type of scam has been gaining strength in the region, in which pyramid models are presented as they are typical, and in which they are shown to the public as an investment business with a high level of return so they usually attract their victims quickly.
5. Apps and add-ons: According to statistics from the APWG and the Appgate SOC, mobile applications are one of the most desired scenarios for cybercriminals and in the year of 2022, 7% of managed incidents were related to malicious applications installed on these devices.
"Attackers analyze companies' digital footprints and use different masks to trick the user for fraudulent purposes. These attacks are launched from email, social networks, mobile applications and search engines, "explains the company's spokesperson.
6. Legal or tax issues: This type of fraud arrived with force during the past year, in several Latin American countries. Several attacks were identified where users received a call from the bank to refund VAT, and during the process they seized people's credentials, their social networks and other personal information and then vacated bank accounts. The banks in response, had to carry out campaigns clarifying to users that they never call to offer a refund of this type of tax.
7. Family issues: Through distress calls or chat messages with personal situations, criminals pose as relatives or relatives to deceive and manipulate victims. In this way, they appeal to people's feelings to get high sums of money or valuable information that can be used in much larger scams.
Finally, David López Agudelo concluded that for every organization and user of the network it is essential to always be updated on the strategies of cybercriminals to avoid being a victim and thus avoid large economic losses or expose both personal and business systems.
"Having a solution like Digital Threat Protection (DTP) can be known about the level of exposure and information disclosed from workers, being one of the best options to deal with these threats."