Phishing Isn’t Going Anywhere—and in Latin America, It’s Thriving
This old cybercriminal trick (posing as banks, platforms, or well-known companies to steal your data) is more relevant than ever. Why? Because it works, and it works well.
These days, all it takes is a quick look at your inbox or phone messages to spot a trap: an email claiming your account was locked, a suspicious prize via SMS, or a call confirming an “unauthorized transaction.” And it's no coincidence: countries like Mexico, Colombia, Chile, and Argentina are reporting more incidents than ever.
The impact can be severe—from personal financial theft to major corporate data breaches. That’s why, if you work in tech, security, or compliance, understanding how these attacks operate isn’t optional—it’s part of the job. This guide walks you through the five most common types of phishing in the region, with real-world examples, recent data, and proven tips to stay safe.
Phishing isn’t new, but it’s stronger than ever in Latin America. Between July 2023 and July 2024, more than 397 million phishing attempts were blocked in the region, according to Kaspersky. That’s over 1,300 attacks per minute. Even more concerning: nearly 40% targeted financial data, taking advantage of rapid digitalization and AI-driven fraud automation.
While Brazil leads in attack volume, countries like Mexico, Colombia, Chile, and Argentina are facing a sharp rise. Here’s a country-by-country breakdown:
Mexico is among the hardest hit. From August 2023 to July 2024, phishing attacks surged by an astounding 220%, reaching 118 million blocked attempts—that’s more than 325,000 attacks per day.
And it’s not just statistics: a study by Adyen revealed that 55% of Mexicans fell victim to digital fraud in 2023, many through phishing. The average financial loss per person was over 1,000 Mexican pesos.
Colombia ranks second in the region for cyber incidents, with phishing at the core. According to IBM X-Force, 22% of cyberattacks in 2023 began with a malicious email or stolen credentials.
In early 2025, a highly targeted campaign was detected, impersonating government electronic notifications to install banking trojans. Clearly, Colombia is a key target for sophisticated threats.
Chile isn’t far behind. Between July 2023 and July 2024, phishing attempts rose by 125%, with a clear focus: fake messages crafted to steal online banking credentials.
In 2023, Chile was the third most targeted country in the region, accounting for 8% of all reported incidents in Latin America. The trend suggests attackers are zeroing in on the Chilean market.
While Argentina doesn’t top the charts by volume, the growth rate is alarming: phishing attacks increased by 300% in 2024 compared to the previous year.
The standout trend? 56% of incidents were linked to fake profiles on social media, particularly Facebook, Instagram, and LinkedIn. This tactic preys directly on user trust and is being exploited to the fullest.
Phishing has become part of daily digital life in Latin America. If you live in the region, chances are you’ve already come across a suspicious email, a weird SMS, or even a strange phone call. These attacks are not just more frequent—they’re also more convincing.
In this article, we break down the five most common types of phishing affecting users and businesses in countries like Mexico, Colombia, Chile, and Argentina. The best defense starts with knowing how you’re being targeted.
This is the most traditional type. You get an email that looks like it’s from your bank, a store, or a well-known app, urging you to act fast—click a link, download something, or confirm your data. The trick lies in the sense of urgency and how believable the message is.
Example from Chile (2022): Emails from “Banco de Chile” warned of an alleged increase in a credit limit. The link led to a perfect replica of the bank’s website. Once users entered their information, cybercriminals stole it instantly.
Check the sender carefully (they often use lookalike domains).
Be wary of messages with errors, generic greetings, or threats.
Don’t click without verifying. Hover over links to see where they really lead.
Never open strange attachments (.exe, .docm, .html).
When in doubt, go directly to the official website or call your bank.
Unlike mass phishing, spear phishing is targeted. Attackers research their victims and craft specific messages using names, job titles, and real details from LinkedIn or leaked emails.
Example from Mexico and Costa Rica (2025): The Hive0148 group impersonated tax authorities (SAT, AFIP) and sent emails mimicking real alerts. Clicking the links installed banking trojans designed to steal credentials.
Always confirm through another channel (call or direct message).
If the tone feels “off,” trust your instincts.
Inspect the sender’s domain (don’t trust appearances).
Enable two-factor authentication wherever possible.
Train your team with simulations and configure SPF, DKIM, and DMARC protocols.
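The sender-domain checks recommended for both email phishing and spear phishing can be automated at the mail gateway or in a triage script. The following is an added example, not code from the original article: the trusted domains, the sample addresses and the small confusable-character map are constructed for illustration.

```python
import unicodedata

# Constructed allow-list: domains your organization really exchanges mail with.
TRUSTED = ["banco-ejemplo.example", "empresa-demo.example"]

# Characters often swapped in to imitate a letter (illustrative, not exhaustive).
# The last three keys are Cyrillic a, e, o.
CONFUSABLES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s",
                             "\u0430": "a", "\u0435": "e", "\u043e": "o"})

def skeleton(domain):
    """Lower-case, strip accents and fold look-alike characters."""
    d = unicodedata.normalize("NFKD", domain.lower())
    d = "".join(c for c in d if not unicodedata.combining(c))
    return d.translate(CONFUSABLES).replace("rn", "m")

def edit_distance(a, b):
    """Levenshtein distance with a single-row table."""
    row = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        prev, row[0] = row[0], i
        for j, cb in enumerate(b, 1):
            prev, row[j] = row[j], min(row[j] + 1, row[j - 1] + 1, prev + (ca != cb))
    return row[-1]

def classify(sender, max_edits=2):
    """Return (verdict, trusted_domain_it_resembles_or_None) for a From address."""
    domain = sender.rsplit("@", 1)[-1].strip(" <>").lower().rstrip(".")
    if domain in TRUSTED:
        return ("trusted", domain)
    for good in TRUSTED:
        if skeleton(domain) == skeleton(good):
            return ("lookalike-confusable", good)   # banc0 vs banco
        if domain.startswith(good + "."):
            return ("lookalike-prefix", good)       # trusted name used as a subdomain label
        if edit_distance(skeleton(domain), skeleton(good)) <= max_edits:
            return ("lookalike-typo", good)         # one or two characters off
    return ("unknown", None)

if __name__ == "__main__":
    for addr in ["alertas@banco-ejemplo.example", "alertas@banc0-ejemplo.example",
                 "soporte@banco-ejenplo.example", "noreply@proveedor.example",
                 "info@banco-ejemplo.example.verificar.test"]:  # constructed samples
        print(addr, "->", classify(addr))
```

A "lookalike" verdict is a reason to quarantine and review, not proof of fraud; very short trusted domains need a lower `max_edits` to avoid false positives.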
Vishing involves someone calling you pretending to be from the bank, tech support, or an authority figure. They use a professional tone and urgency to pressure you into giving up sensitive info.
Example from Argentina: A “bank” call warned about suspicious activity and asked users to verify their accounts. Some even used AI-cloned voices of company execs requesting urgent transfers.
Be suspicious if you weren’t expecting the call.
No legit entity will ask for passwords or codes over the phone.
Hang up and call back using the official number.
Establish internal code words for validating calls.
If it feels rushed, take the time to verify.
Similar to email phishing but sent via text. You get an SMS or WhatsApp message with a link that mimics a bank, delivery app, or prize. Clicking it may steal your data or install malware.
Example from Mexico (2024): Thousands received fake “traffic fine” SMS messages from the Finance Department. After entering their license plate, they were shown fake debts and asked to pay by card. The site was cloned and instantly stole their data.
Don’t click suspicious links in messages.
Always verify by visiting the official site via browser.
Never enter personal data through SMS or WhatsApp links.
Keep your phone updated and use reliable security apps.
For companies, use MDM solutions to manage mobile devices.
Social networks are fertile ground for scams. Attackers impersonate companies, brands, or even friends to send malicious links or request help.
Example from Peru (2024): After a data breach at Interbank, an attacker created fake social media profiles to amplify the fraud. They contacted users pretending to be from the bank—or even relatives—to gather more data or gain access.
Verify accounts are official (blue check, real activity).
Don’t share info via DM, even if it looks like a friend.
Be skeptical of giveaways or promos asking for personal data.
Enable two-factor authentication on all your social accounts.
For businesses, monitor mentions and report fake profiles immediately.
Now that you’ve seen how phishing works in Latin America and the most common types, let’s get to the crucial part: What can you do—whether you're a CISO, IT manager, or security lead—to reduce real risks within your organization?
Here’s a practical guide you can apply day to day:
Security starts with people. A yearly talk or email course isn’t enough. Companies that run regular phishing simulations and train staff on current threats (like deepfakes or WhatsApp scams) have teams that are more alert and ready to respond.
The best part? Employees start reporting suspicious emails on their own—saving you countless headaches.
Every employee should know:
How are transfers approved?
Through which channels should IT issues be reported?
What information should never be requested by email or message?
You don’t need an 80-page manual. Simple messages like “We will never ask for your password via phone or WhatsApp” should be posted across all internal communication channels.
If you haven’t implemented multi-factor authentication (MFA) on critical access points, you’re already behind. It’s not a luxury—it’s a must. Even if an attacker gets a password, without the second factor, they’re locked out.
Enable MFA on:
Corporate emails
VPN access
Sensitive systems
Admin accounts
Security shouldn’t rely solely on people. Well-configured tools can block many attacks before they ever reach users. A standout example is TecnetProtect, powered by Acronis, which safeguards one of phishing’s primary targets: email.
This solution detects and blocks malicious emails, deceptive links, and dangerous files before they hit the inbox. Using Acronis’s AI, it recognizes phishing patterns, impersonation tactics, and fake websites in real time.
Complement this with:
Properly configured email filters
Secure DNS and web filters
Active SPF, DKIM, and DMARC
Updated browsers and systems
EDR solutions for threat detection
Tools like TecnetProtect strengthen your first line of defense and drastically reduce the risk of falling for digital traps.
Outdated systems are open doors. Often, phishing is just the first step before exploiting a vulnerability.
The fix? Keep all devices and systems up to date. That way, even if someone falls for a scam, the potential damage is contained.
Is someone logging in from another country? Is an employee suddenly sending hundreds of emails? Those are red flags.
Set up your SIEM system and have an incident protocol ready: reset access, notify the team, and investigate. Speed makes the difference between a scare and a crisis.
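The two red flags above translate directly into detection rules. This added example (not from the original article, and not tied to any particular SIEM product) runs both rules over constructed events; the field names, user baselines and thresholds are assumptions to adapt to your own log schema.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed baseline: countries each user normally signs in from.
USUAL_COUNTRIES = {"ana": {"MX"}, "luis": {"CO", "MX"}}
MAIL_LIMIT = 100                  # assumed threshold: messages per window
WINDOW = timedelta(minutes=10)    # assumed sliding-window length

def detect(events):
    """Return alerts as (user, rule, detail) tuples, in time order."""
    alerts = []
    recent = defaultdict(deque)   # per-user timestamps of recent outbound mail
    bursting = set()              # users already alerted for the current burst
    for ev in sorted(events, key=lambda e: e["ts"]):
        user = ev["user"]
        if ev["type"] == "login":
            # A user with no baseline alerts on every login until one is recorded.
            if ev["country"] not in USUAL_COUNTRIES.get(user, set()):
                alerts.append((user, "login_new_country", ev["country"]))
        elif ev["type"] == "mail_sent":
            sent = recent[user]
            sent.append(ev["ts"])
            while ev["ts"] - sent[0] > WINDOW:
                sent.popleft()    # drop timestamps that left the window
            if len(sent) > MAIL_LIMIT:
                if user not in bursting:   # alert once per burst, not per message
                    bursting.add(user)
                    alerts.append((user, "mail_burst", len(sent)))
            else:
                bursting.discard(user)
    return alerts

def sample_events():
    """Constructed log: one foreign login, then 150 mails in 150 seconds."""
    t0 = datetime(2025, 1, 15, 9, 0)
    ev = [{"ts": t0, "user": "ana", "type": "login", "country": "MX"},
          {"ts": t0 + timedelta(minutes=5), "user": "ana", "type": "login", "country": "RO"}]
    ev += [{"ts": t0 + timedelta(minutes=6, seconds=i), "user": "ana", "type": "mail_sent"}
           for i in range(150)]
    ev += [{"ts": t0 + timedelta(minutes=20 * i), "user": "luis", "type": "mail_sent"}
           for i in range(5)]
    return ev

if __name__ == "__main__":
    for alert in detect(sample_events()):
        print(alert)
```

Each alert is the trigger for the incident protocol: reset the account's access, notify the team, and investigate.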
Phishing works by triggering emotions—urgency, fear, pressure. Teach your team that it’s okay to take a moment and double-check before clicking or replying to a suspicious message.
Use:
Reminders on Slack or Teams
Posters in the office
Quick notes on the intranet
Everything helps to keep awareness high and defenses strong.
The recipe? A powerful mix of:
Trained people
Clear processes
Technology that actually works
Investing in these three areas doesn’t just protect your company—it also safeguards your customers, partners, and your reputation.
From Mexico to the Southern Cone, phishing isn’t letting up. And we’re no longer talking about poorly written emails—today’s campaigns use AI, cloned voices, fake social media profiles, and websites identical to the real ones.
If you’re responsible for your company’s security, turning a blind eye is no longer an option. It’s not just about having a firewall or antivirus. It’s about people, processes, and culture.
Because if an attack slips in through a single click, a convincing call, or a disguised message, the damage can be huge: data leaks, lost clients, regulatory fines, or even a total operational shutdown.
At TecnetOne, we help you move from “we should do something” to “we’re already doing it.” With our phishing tests, we simulate real attacks and measure how your team responds. Who clicks? Who reports? What can be improved?
Want to go further? We also offer pentesting and ethical hacking services to help you find and fix vulnerabilities before real attackers do. Don’t wait to be the next victim—train, test, and strengthen your cybersecurity today.