IntSights report highlights ‘cultural acceptance of cybercrime as an alternative way to make money’
Widespread adoption of digital technology in Latin America alongside government corruption and organized crime has resulted in a dangerous environment for e-commerce operators.
According to a new study by threat intel firm IntSights, companies across the region are “struggling to keep up with threat actors that are financially motivated, coordinated, and persistent in their efforts to fraud, scam, and steal from consumers and businesses alike”.
The region’s retail, financial services, and hospitality industries are suffering persistent attacks, IntSights said, with banking trojans and ransomware topping the list of malware threats.
Phishing is also commonplace, in some cases turbocharged by the illicit use of legitimate online marketing tools such as Google and Bing advertising platforms.
Carding – the use of stolen credit cards to make fraudulent purchases – is additionally widespread across Latin America, where the practice is known as “compras”, Spanish for “purchase” or Portuguese for “shopping”.
Easily spotted but soon forgotten
Latin America does not boast any notable state-sponsored Advanced Persistent Threat (APT) groups, IntSights said, but the region is a melting pot of fraudsters and sometimes drug cartels working with cybercriminals.
“Cybercrime in Latin America happens out in the open, through open source channels,” said Charity Wright, cyber threat intelligence advisor at IntSights.
“This highlights the lack of government response and cultural acceptance of cybercrime as an alternative way to make money.”
Researchers found that in many cases it was not difficult to determine where threats were coming from because miscreants “spent more time changing their infrastructure and tactics than they did hiding their identities”.
Criminals in Latin America communicate on open source platforms and often do not put work into disguising their true identities, unless they are tied to cartels or gangs.
WhatsApp, Facebook Messenger, and Telegram are the most popular methods for cybercriminals to talk to each other, collaborate, or provide tips to would-be crooks. Facebook, in particular, is a great place to find cybercrime tutorials.
South American cybercriminals more generally take advantage of unregulated exchanges that do not require registration information and proof of identification in order to launder money.
GDPR com um samba
As with most regions that experience a combination of rapid digitization, high internet usership, and myriad political challenges, data privacy legislation in Latin America is has yet to catch up with its online user base.
“[The region] has digitized so quickly but their compliance and data privacy laws are lagging,” Wright told The Daily Swig. “There's not a lot of accountability there.”
There is at least one exception to this general rule: Brazil has already enacted over 40 different data privacy regulations, and the country is currently consolidating these into GDPR-style umbrella law called Lei Geral de Proteção de Dados (LGPD).
Wright concluded: “Latin American countries are generally way behind when it comes to regulating data and enforcing privacy. And so, these [regional] companies are just struggling to make ends meet and make a profit."
The Dark Side of Latin America
IntSights partnered in its research with CipherTrace and regional cybersecurity experts Scitum. The research is based on the analysis of data held on closed-access databases and hundreds of underground sources (deep web and dark web), along with manual and automated searches in hundreds of messaging platform conversations and group forums that are used exclusively by cybercriminals.
The researchers’ findings are summarised in a report – ‘The Dark Side of Latin America: Cryptocurrency, Cartels, Carding, and the Rise of Cybercrime’ – released on Thursday during the RSA Conference in San Francisco.
The report is a follow-up to an earlier study that focused specifically on Venezuela.
YOU MIGHT ALSO LIKE Inside J-CAT – Europol’s Joint Cybercirme Action Taskforce