ESET researchers reveal cybercriminals target Peru, Brazil and Mexico

ESET researchers reveal cybercriminals target Peru, Brazil and Mexico

AnalysisBrazilEnterprise SecurityGovernmentInsightsMexicoMore NewsPeruResearch

A report from ESET reveals that Peru, Brazil and Mexico are the Latam countries in which the highest number of detections of social engineering attacks were registered.

Researchers from ESET, a leading company in proactive threat detection, analyzed detections of social engineering attacks from the past year and identified a significant growth in these types of threats compared to 2019.

In 2020, detections of social engineering attacks doubled in Latin America with Peru, Brazil and Mexico as the countries that registered the highest number of attack detections.

Social engineering refers to attempted attacks in which malicious actors use the name of a brand, organization to try to make the user believe that it is a real email or message. The objective of this strategy is to trick the victim into taking an unwanted action, such as downloading malware onto the computer, handing over their access credentials, sending other types of personal information, or displaying advertising on their device.

Comparing the detections, it is observed that in August 2019 there was a significant growth in the detection curve, but one of the peculiarities of 2020 is the almost constant level of this type of threats and the almost sustained growth during much of the year. If the total number of detections is taken as a reference year by year, a growth of just over 200% is observed in 2020, with August being the month with the highest number of detections.

In March 2020, ESET warned about the significant growth of social engineering campaigns that tried to take advantage of the fear caused by the pandemic as an excuse to affect users in different ways. ESET’s Research Laboratory in Latin America analyzed several campaigns that were distributed through the mail or WhatsApp in which potential victims were made to believe that governments and companies were giving financial aid or that some brands were giving gifts. While some seem more “harmless” by simply seeking to display advertising without delivering what was promised in the initial message, others seek to steal personal information or even affect devices with malicious code.

Regarding detections in the Latin American region, Peru was the country that registered the highest percentage, with just over 31%, followed by Brazil with more than 18% and Mexico with almost 17% of the detections in the region .

Camilo Gutiérrez Amaya, Head of ESET’s Research Laboratory Latin America, said: “Social engineering attacks remain a very prevalent threat affecting both the general public and corporate users. Cybercriminals continue to use this technique to steal personal and financial information. Also as a strategy to carry out more sophisticated attacks directed at government entities or companies. Probably the validity of this technique has to do with the constant improvements of the attackers. Also the lack of training and awareness of users, who in many cases still do not know well what phishing is and this makes them vulnerable to falling into the traps of attackers.”