Colombia. During the holiday season, as e-commerce and digital transactions intensified, online fraud attempts also increased. Fake promotions, impersonation of businesses and messages that simulated order deliveries became some of the most used strategies by cybercriminals to deceive users and companies.
According to the State of Cybersecurity in Latin America 2025 Report, prepared by GMS, the region registered more than 60,000 incidents during the first half of the year. Of the total number of events reported, 70% corresponded to multi-vector attacks, which evidenced the simultaneous use of various tactics, supported by increasingly realistic content and malware with the ability to modify its behavior to evade security controls.
Esteban Lubensky, executive president of GMS, warned that the months of December and November represented a particularly favorable period for attackers. As he explained, the high volume of purchases and the avalanche of discounts facilitated the activation of fraud campaigns that exposed users to malicious links, non-existent purchases and requests for sensitive data, such as credit card information or alleged delivery confirmations.
Among the most frequent modalities during the end-of-year festivities were promotions created to capture personal data, pages that replicated the visual identity of recognized businesses, and messages that simulated shipment notifications or order updates. In addition, links were distributed by messaging applications such as WhatsApp, which requested identity validation or activation of alleged bonuses, as well as fraudulent virtual stores and malicious applications designed to obtain elevated permissions and access private information.
Against this backdrop, cybersecurity specialists recommended that users activate alerts of unusual activity in their accounts and payment methods, periodically review the permissions of installed applications, and avoid making transactions from open WiFi networks. They also suggested using temporary virtual cards for online purchases and checking for possible unauthorized redirects in browsers. In the business environment, key measures included strengthening anti-phishing filters, implementing behavior-based access controls, and adjusting security policies to anticipate typical seasonal tactics.
Alejandro Navarro, general manager of GMS Colombia, pointed out that awareness and prevention have been consolidated as the main line of defense against these threats. According to him, cybercriminals expanded their radius of action to homes, taking advantage of apparently harmless emails, messages, calls and applications to steal information and commit scams.
In this context of increased pressure on digital channels, GMS announced the expansion of its operations in Colombia with the opening of new facilities and the strengthening of its team specialized in monitoring, analysis and incident response. The company foresaw an increase in its technical and operational capacity to meet the growing demand for digital protection services, especially during the holiday season, characterized by more frequent, faster and more sophisticated attacks.


