Researchers from Israel-based cybersecurity company Perception Point, estimated that since early 2021, threat actors have defrauded more than 4,000 victims in Mexico out of over $55 million. Named “Manipulated Caiman,” since the attack used “Loader Manipulado” in its script, it starts as a phishing scam, in which the victim receives an email with a faked tax receipt attached. This leads to a malware download. This attack was geofenced to Mexico only, meaning that a potential victim with an IP outside of Mexico is redirected to a legitimate website and the attack is terminated. This method can make it extremely difficult for even the most advanced threat detection solutions to identify and catch. It also helped the attacker uses the victims’ own computers to distribute the attack.
This excerpt is from “Cyber Security Headlines: Fast-acting Gamaredon, WormGPT improves phishing, Microsoft email mystery” in Ciso Series, written by Steve Prentice on July 17, 2023.