In the current cybercrime ecosystem, the combination of web vulnerability exploitation and brand impersonation of high recognition has led to a growing threat in the region. Recently, ESET has issued an alert after detecting the proliferation of fake Spotify pages hosted on legitimate domains belonging to Latin American companies. Martina Lopez, a cybersecurity researcher at ESET Latin America, points out that this problem reveals a structural flaw in the maintenance of digital platforms for small and medium-sized enterprises (SMEs). According to the expert, the lack of updates not only exposes the company to its own incidents but also turns them into involuntary platforms for large-scale fraud. ESET's research has identified specific cases that illustrate this modality. For users, the risk includes financial fraud, the resale of credentials in clandestine markets, and the loss of control over their personal accounts. In Chile, a dental center in the Fifth Region suffered a compromise of its web portal, which was used to display fraudulent Spotify interfaces. Cybercriminals use fake Spotify pages to scam users in Latin America. Security experts have detected that attackers exploit flaws in SME portals in Argentina and Chile to steal credentials and financial data. For companies, it is essential to keep their servers updated, perform periodic audits, and implement integrity monitoring solutions to avoid being part of the digital fraud chain. In both examples, once the user enters the information, it is sent directly to servers controlled by the cyberattackers, leaving the victim in a fictional processing wait. Impact for users and companies The consequences of these actions are twofold. Once the site is compromised, criminals host a visually identical copy of the streaming service. Attackers take advantage of websites of small and medium-sized enterprises (SMEs) that present deficient security measures, such as outdated content management systems (CMS) or insecure plugins. In this case, access credentials were initially requested, and then the victim was urged to enter bank data under the premise of updating the payment method. A similar scenario was detected in Argentina, where the website of a tire company was manipulated to host data capture forms. This phishing technique seeks to deceive users to illicitly obtain their access credentials and sensitive financial data. Mechanics of deception and domain exploitation The effectiveness of this campaign lies in the usurpation of trust. On the other hand, SMEs face severe damage to their reputation, possible blockages by search engines that affect their SEO positioning, and economic costs derived from the remediation and cleaning of their systems. To mitigate these risks, it is recommended that internet users thoroughly verify the full domain of any site before delivering data and activate two-factor authentication.
