Israeli Firm Uncovers 2-Year Phishing Campaign In Mexico, 4,000 Victims Affected

strongFictitious html pages and hacker programs are seen on screens while a man has his hands on the keyboard. Perception Point, an Israeli cybersecurity firm, recently disclosed that it has discovered an extensive phishing campaign in Mexico that lasted for almost two years and claimed over 4,000 victims. ANNETTE RIEDLE/DPA/GETTY IMAGES/strong
strongFictitious html pages and hacker programs are seen on screens while a man has his hands on the keyboard. Perception Point, an Israeli cybersecurity firm, recently disclosed that it has discovered an extensive phishing campaign in Mexico that lasted for almost two years and claimed over 4,000 victims. ANNETTE RIEDLE/DPA/GETTY IMAGES/strong


By Yulia Karra

Israeli cybersecurity company Perception Point recently revealed it has uncovered a widespread phishing campaign in Mexico that lasted for nearly two years and left behind over 4,000 victims.

Perception Point specializes in detection, investigation and remediation of all cyber threats across corporate organizations’ email, web browsers and cloud collaboration apps.

The company’s researchers dubbed the phishing campaign “The Manipulated Caiman” due to the mention of the words “Loader Manipulado” in the script of the cyberattack and the perpetrators’ likely Latin American origin.

Fictitious html pages and hacker programs are seen on screens while a man has his hands on the keyboard. Perception Point, an Israeli cybersecurity firm, recently disclosed that it has discovered an extensive phishing campaign in Mexico that lasted for almost two years and claimed over 4,000 victims. ANNETTE RIEDLE/DPA/GETTY IMAGES

The campaign targeted primarily Mexican citizens, who were collectively defrauded out of $55 million.

The researchers say the attackers used a wide variety of tools with an ultimate goal of gaining access to bank credentials of individuals and organizations based in Mexico — only to steal them along with the victims’ funds.

Although the full extent of the attack is still unknown, an initial probe reveals the campaign started sometime in 2021 and continued until at least until May 2023. The Perception Point specialists believe the attackers managed to remain under the radar — and even grow their enterprise — due to Mexico’s relatively lax cybercrime laws.

“The ‘Manipulated Caiman’ operation highlights the dangerous extent of sophisticated attacks that leverage techniques such as geofencing and multi-layered scripting,” Perception Point Incident Response Team Leader Igal Lytzki told ISRAEL21c.

Fictitious html pages and hacker programs are seen on screens while a man has his hands on the keyboard. Perception Point, an Israeli cybersecurity firm, recently disclosed that it has discovered an extensive phishing campaign in Mexico that lasted for almost two years and claimed over 4,000 victims. ANNETTE RIEDLE/DPA/GETTY IMAGES

“The fact that the operation flew under the radar for nearly two years underscores the urgency for proactive security measures like advanced persistent threat [APT] and anomaly detection.”

 

Produced in association with ISRAEL21c