Mexico has moved to the front of Latin America’s digital banking fraud problem, at least in the latest data gathered by fraud-prevention firm BioCatch. The jump is large enough to get boardrooms, regulators, and customers paying closer attention. But the numbers tell only part of the story. The bigger question is why Mexico is proving so vulnerable, how these attacks actually work, and what that means for anyone who banks through a phone.

Mexico moves to the center of a growing threat

Mexico has become the region’s main flashpoint for digital banking fraud, according to newly released data from BioCatch. The company said Mexican banks in its network saw the sharpest rise in account takeover attempts in Latin America, with cases up 324 percent between the end of 2024 and the beginning of 2026. Across the region, scam attempts rose 155 percent in 2025. BioCatch also reported sharp increases in fraud tied to remote-access tools, malware, and stolen devices.

That matters because account takeover is not a narrow technical problem. It is the point where a phishing message, a fake bank call, a stolen password, or a remote-access app turns into real financial loss. Once criminals gain access to an account, they can move money, add beneficiaries, or use it as part of a broader laundering chain. For banks, the damage goes beyond reimbursement. It hits customer trust, fraud operations, compliance, and the credibility of digital channels that institutions have spent years trying to expand.

What the numbers do and do not show

The BioCatch findings are based on data from 36 Latin American financial institutions that together serve more than 300 million customers. That gives the report weight, but it is still important to be precise. These numbers do not represent every bank in Mexico. They reflect what BioCatch says it is seeing inside its own client network. Even so, the trend is difficult to ignore because it aligns with a broader regional picture of rapidly evolving fraud methods.

The same release said remote-access fraud increased fivefold across Latin America. Reported malware attacks rose 225 percent. Fraud from stolen devices rose 344 percent. BioCatch also said account takeover attempts nearly tripled regionwide over the same period that Mexico recorded the steepest jump. In plain terms, the region is not dealing with one single scam. It is dealing with a layered ecosystem in which phishing, device compromise, impersonation, and fast money movement now reinforce one another.

Why Mexico looks especially exposed

Part of the answer is simple. More banking activity now happens through phones, and criminals go where the traffic is. In its latest regional update, BioCatch said that, so far in 2025, 88 percent of fraudulent sessions in Latin America have taken place on mobile devices. It also said Mexico was among the countries where total fraud volumes more than doubled and among those hardest hit by malware.

That combination matters because mobile banking compresses everything. Login, authentication, messaging, account changes, and transfers happen on one device, often within minutes. A scammer no longer needs to break into a branch-like system. The criminal only needs to convince a user to click, approve, share a code, or install a tool that gives remote access. The fraud can then appear legitimate on the bank’s side because the session appears to originate from the customer’s own phone.

The attack path is often more psychological than technical. A fake alert arrives by text, email, social media, or phone call. The person on the other end claims to be from the bank. The customer is told there is an urgent charge, a security breach, or a need to “protect” the account. A remote-access app may be suggested. A one-time code may be requested. A transfer may be framed as a safety move. By the time the victim realizes what happened, the money may already have been pushed through one or more mule accounts.

Why official complaint data can look different

Official consumer-protection figures do not always align with private fraud telemetry, and that is part of the challenge. CONDUSEF, Mexico’s financial consumer watchdog, confirmed 620 cases in the banking sector under its possible identity theft protocol in the first half of 2025, a slight decline from the same period a year earlier. That does not necessarily contradict the BioCatch warning. It shows that institutions are often measuring different slices of the same problem.

Identity theft, account takeover, social engineering, and “authorized” transfers induced by fraud are related, but they are not identical categories. Some victims never file formal complaints. Some cases are classified under different channels. Others may, at first glance, look like voluntary transactions. This is one reason fraud has moved from an IT issue to a broader business issue. Banks can strengthen logins and still miss what happens after a customer is manipulated into helping the attacker.

What this means for Mexico’s banking agenda

The larger lesson is that fraud is becoming more organized and more collaborative than many defenses were designed to handle. BioCatch argues that banks still spend too much time focusing on the sender side of a transaction and not enough on the receiving account. That leaves room for mule-account networks to collect and disperse stolen funds before a response can catch up. It also leaves institutions dependent on their own internal view of a threat that may already be moving across several banks.

That is why this story belongs on the business agenda, not just the cybersecurity agenda. Fraud now affects customer retention, reimbursement costs, operational budgets, compliance exposure, and confidence in digital finance. Mexico’s banking system is expanding digital services because customers expect speed and convenience. The same shift increases the premium on real-time detection of coercion, impersonation, remote control, and abnormal behavior. Faster banking without stronger fraud intelligence becomes a larger target.

For customers, the practical takeaway is not panic but routine skepticism. CONDUSEF has repeatedly warned that criminals often pose as banks through calls, texts, email, and social media to request sensitive information. In that environment, the old advice still matters. Do not share codes. Do not trust urgent messages at face value. Do not install remote-access software because someone claiming to be from a bank tells you to do it. In Mexico, where more of life is moving online, those habits are no longer optional. They are part of basic account security.