Israeli cybersecurity company Perception Point recently revealed it has uncovered a widespread phishing campaign in Mexico that lasted for nearly two years and left behind over 4,000 victims.

Perception Point specializes in detection, investigation and remediation of all cyber threats across corporate organizations’ email, web browsers and cloud collaboration apps.

The company’s researchers dubbed the phishing campaign “The Manipulated Caiman” due to the mention of the words “Loader Manipulado” in the script of the cyberattack and the perpetrators’ likely Latin American origin.

The campaign targeted primarily Mexican citizens, who were collectively defrauded out of $55 million.

The researchers say the attackers used a wide variety of tools with an ultimate goal of gaining access to bank credentials of individuals and organizations based in Mexico — only to steal them along with the victims’ funds.

Although the full extent of the attack is still unknown, an initial probe reveals the campaign started sometime in 2021 and continued until at least until May 2023. The Perception Point specialists believe the attackers managed to remain under the radar — and even grow their enterprise — due to Mexico’s relatively lax cybercrime laws.

“The ‘Manipulated Caiman’ operation highlights the dangerous extent of sophisticated attacks that leverage techniques such as geofencing and multi-layered scripting,” Perception Point Incident Response Team Leader Igal Lytzki told ISRAEL21c.

“The fact that the operation flew under the radar for nearly two years underscores the urgency for proactive security measures like advanced persistent threat [APT] and anomaly detection.”