Overview
- Spain’s Social Security Ministry confirmed that a touted 200‑euro monthly “bonus” is a vishing scam that spoofs caller IDs and tricks victims into dictating SMS authentication codes to move money.
- Mexico City’s Cyber Police warned about a “Regalos Navideños” scheme that circulates through messaging apps and social networks, leading to fake sites that harvest banking data or install malware, and it published reporting channels for victims.
- Palo Alto Networks reported a seasonal uptick in corporate threats, including the reactivation of Scattered LAPSUS$ Hunters and the “Jingle Thief” operation that infiltrates gift‑card issuance to create fraudulent cards for resale.
- Official guidance stresses verifying promotions via trusted sites, avoiding unsolicited links, and recognizing that legitimate institutions do not request banking credentials or one‑time passcodes by phone or message.
- Context from Spain shows the long‑term rise in digital crime, with 412,850 cyber offenses reported in 2024—up 488% since 2016—underscoring heightened holiday risk and the value of strong authentication and monitored payment methods.