KnowBe4, a global cybersecurity platform that addresses human and AI agent risk management, notes that seasonal peak shopping periods, such as Black Friday and Christmas, remain among the times of highest cyber risk for companies across Latin America.
During this period, increased digital traffic, higher email volume, and overloaded IT teams create the “perfect storm” of risk. The scenario is worsened by factors typical of the retail sector, such as the use of untrained temporary staff and the complexity of multi-channel environments that combine physical stores, e-commerce, applications, and payment systems.
According to the Global Retail Report 2025, retail is among the top five most targeted sectors globally. The average cost of a data breach in this segment reached US$ 3.48 million in 2024 (IBM), an 18% increase from the previous year. Latin America appears as the second most attacked region, accounting for 32% of all attempts, behind only North America (56%). Brazil is among the top five countries most affected by ransomware in retail.
How the most common scams work
Cybercriminals take advantage of the accelerated pace and increased communication during the period to insert fraudulent messages that blend in with legitimate ones. These attacks affect both companies, which may have their systems compromised, and consumers, who often share personal and payment data during online promotions.
One of the most frequent scams involves fake promotions that mimic offers from major retailers and redirect users to cloned websites. On these pages, corporate or personal logins and passwords are stolen and sold on malicious forums.
Another common tactic involves messages that simulate technical alerts, such as software updates, password resets, or delivery notifications. Written professionally and with a legitimate appearance, these communications induce the user to click on links or open attached files, resulting in the installation of malware or spyware capable of monitoring activities, stealing session cookies, and capturing stored credentials.
These scams exploit psychological triggers such as urgency, reward, and familiarity. An email signed by a colleague or the IT department, for example, is less questioned when the workload is high and deadlines are tight. This makes the human factor the primary entry point for cyber attacks.
Reducing risk through culture, behavior, and continuous training
Combating this type of fraud requires a cultural shift within organizations. Continuous awareness programs and phishing simulations can reduce by up to 88% the likelihood of an employee interacting with malicious messages over 12 months. The report highlights that, before training, the average Phish-prone™ Percentage is 30.7% in small companies, 32% in medium-sized ones, and 42.4% in large organizations. After ninety days, these rates drop to around 20%.
“This evolution shows that human behavior has come to be recognized as one of the most effective pillars in defending against cyber threats, especially when employees learn to identify subtle signs of fraud, understand psychological manipulation tactics, and become active participants in the company's cybersecurity defense,” says Rafael Peruch, Technical CISO Advisor at KnowBe4.
In addition to training, it is essential to reinforce internal security policies during seasonal dates, review communication flows, and implement multi-factor authentication (MFA) on all systems. Features such as real-time coaching and automatic phishing alerts help create immediate responses to fraud attempts.
“Automation helps detect threats, but it is human risk management that truly reduces risk. With the support of artificial intelligence, we can identify behavioral patterns and create customized awareness programs for each organization,” concludes Peruch.