Brazil Among Top Global Targets for Cybercrime

Brazil has entered 2025 facing an unprecedented wave of cyberattacks, according to new global threat data. A recent Acronis Cyberthreats Report places the country as the third most targeted nation in the world for ransomware, behind only the United States and India, and the clear leader in Latin America.

The findings highlight a troubling trend: cybercriminals are deploying more sophisticated, AI‑enhanced attacks, overwhelming companies and public institutions with speed and precision.

Phishing Still Dominates, and It’s Getting Worse

The Acronis report shows that phishing remains the primary entry point for ransomware and other intrusions, responsible for 52% of all attacks detected in Brazil.

Even more alarming, the average number of phishing attempts per user grew 20% in the last six months, signaling a shift toward mass‑scale, automated campaigns.

“These attacks are no longer amateur attempts,” the report notes. “They are industrialized operations powered by automation and artificial intelligence.”

AI Supercharges Cybercrime

Cybercriminal groups are now using artificial intelligence to:

• Automate extortion attempts

• Create large volumes of convincing fake messages

• Produce deepfakes used in virtual kidnapping scams

• Conduct reconnaissance and negotiate ransomware payments at scale

Acronis found that attacks on collaboration platforms, such as Microsoft Teams and Slack, jumped from 12% in 2024 to 31% in 2025, driven by remote and hybrid work environments.

Sectors Under Pressure: Manufacturing, Tech, and Healthcare

Industries that cannot afford downtime are the most heavily targeted.
Manufacturing, technology, and healthcare organizations face constant pressure to restore operations quickly, making them more likely to pay ransoms.

Globally, more than 7,600 victims had sensitive data exposed by ransomware groups in 2025.

Expert Analysis: “Cybercrime Is Evolving Faster Than Companies Can Defend Themselves”

To understand the scale of the threat, we spoke with Thiago Manzaro Serain, a cybersecurity specialist with 23 years of experience in corporate technology environments.

Serain has spent 16 years working in Governance, Risk, and Compliance (GRC) for multinational companies, focusing on access governance, system auditing, and the protection of large‑scale SAP‑based infrastructures. His expertise includes designing security frameworks, mitigating operational risks, and implementing controls for complex enterprise systems.

According to Serain, the new data confirms what cybersecurity teams have been witnessing daily. “Cybercrime is evolving faster than companies can defend themselves. Attackers are using automation and AI to scale operations, while many organizations still rely on outdated defenses.”

He warns that phishing is only the beginning of a much larger problem. “When 52% of attacks start with a single click, it shows how critical user training and access governance have become. Technology alone is not enough, people need to be prepared.”

Companies Must Modernize Defenses, or Fall Behind

The Acronis report reinforces that organizations must:

• Automate security monitoring

• Train employees regularly

• Strengthen identity and access governance

• Prepare for AI‑driven social engineering

• Implement rapid‑response protocols

Serain adds that the shift toward remote work has expanded the attack surface dramatically:

“Collaboration platforms are the new battlefield. If companies don’t secure these environments, attackers will continue to exploit them.”

A New Era of Cyber Risk

With Brazil now among the world’s top three ransomware hotspots, experts agree: the country is entering a new era of digital vulnerability.
The combination of mass phishing, AI‑powered attacks, and weak corporate defenses creates a perfect storm, one that requires urgent action from both the public and private sectors.

“Cybersecurity is no longer optional. It’s a matter of national resilience,” concludes Serain