Ransomware and Phishing Attacks Drop by 7% in Latin America

By Mario A. Beroes R. – Communications at IT Business Solutions

Although cybercrime never rests and often seems one step ahead of cybersecurity techniques, the number of ransomware attacks in Latin America has decreased so far in 2025. This decline does not indicate a reduction in intent, but rather a diversification of tools and strategies used to infiltrate corporate environments—alongside the capture of a threat known as Phobos.

According to data from various cybersecurity agencies and companies compiled by journalist William Peña on the portal Telecomunicaciones360.com, Latin America recorded over 1.1 million attempted breaches of corporate security systems between August 2024 and June 2025. Brazil led the ranking with nearly 50% of all attempts—approximately 549,000 penetration attempts in that country alone.

The numbers speak for themselves.

On average, the region experienced around 3,000 attacks per day over the past year—roughly two per minute. After Brazil, Mexico ranked second with about 237,000 attacks, followed by Chile with 43,000, Ecuador with 37,000, and Colombia with 35,000, making them the most affected countries by this cyber threat.

Phishing emerged as the most common attack method in Colombia and the Andean region (Venezuela, Ecuador, and Peru) during the first half of the year, accounting for 70% of all reported incidents. This technique far surpassed others such as fake social media networks (28%) and unauthorized brand use (2%), highlighting a clear contrast with other parts of the continent.

In contrast, the landscape shifts dramatically in the Southern Cone, where 84% of attacks are carried out through fake social media networks, while phishing accounts for just 15%. In Mexico and Central America, the phenomenon is more balanced, with 42% of attacks via phishing and 39% through fake social media.

In Central America and the Caribbean, the numbers are significant: Panama reported 22,000 ransomware attack attempts, El Salvador 15,000, Costa Rica 7,800, the Dominican Republic 2,700, and Guatemala 1,200.

One of the reasons for the decline in attacks in the region has been the arrest of the cybercriminal group Phobos. During the police operation, more than 100 servers belonging to the network were intercepted, dismantling its infrastructure.

This group was responsible for one of the most active threat families, ranking among the top five affecting users in Latin America and impacting 4.44% of organizations in the region.

The Venezuela case

In Venezuela, the figures—though not the highest—are still concerning. While there are no official statistics, it is known that between August 2024 and July 2025, approximately 8,403 attacks were recorded. The total number of cyber threats in the country exceeded 9.3 million during the same period, including 5.3 million phishing attacks and 8,266 trojans.

Ransomware attacks have already forced century-old companies to shut down operations and led many healthcare organizations to close their doors following massive data breaches, compromising sensitive information and public trust.

For all these reasons, it is essential—an absolute necessity—to have systems capable of minimizing threats and attacks online, supported by constantly updated platforms. Security is no longer an expense. Rethinking it as an investment will mitigate the risk of falling victim to an attack that could jeopardize a company’s future.