Security & Fraud

Five Or More Mexican Banks Suffer Unauthorized Transfers

Lorenza Martinez, head of Banxico’s payment system, said late last week that five or more Mexican financial groups saw “unauthorized transfers” during the past few days, but wouldn’t call it a hack.

According to a Reuters report, it’s not clear how much money was transferred, and Martinez wouldn’t specify which institutions were impacted by the incident. “These unauthorized transfers were originated in the system that connects the institutions to the payment system,” Martinez said in a telephone interview. She added that the banks had to move to an alternate – and slower – method of processing payments.

The slow interbank transfers since the end of April, as well as the lack of clarity on the part of regulators and authorities, has sparked speculation that Mexico was the latest country to fall victim to the hacks that have been plaguing central banks and financial services firms around the world. Martinez said the SPEI interbank transfer system wasn’t compromised, but that the software developed by the banking industry and/or third parties to connect to the payment network may have been. SPEI is similar to the SWIFT global messaging system in the U.S.

Martinez refrained from calling the incidents in Mexico a cyberattack. “At this time, we cannot reject any hypothesis,” she said in the phone interview with Reuters. “It was something done on purpose, but how it was done, we are in the process of finding out.”

Martinez said the funds were transferred to accounts that seem to be fake. At the same time that the central bank in Mexico is investigating, local banks have also tapped security experts to launch their own inquiries.

Reuters noted that at the end of April, the Mexican bank Banorte reported an incident that it said slowed transactions. Meanwhile, Citibanamex, a Mexico unit of Citigroup, said some of its clients saw delays in interbank transfers, but that there weren’t any problems with the payment network.


New PYMNTS Report: Preventing Financial Crimes Playbook – July 2020 

Call it the great tug-of-war. Fraudsters are teaming up to form elaborate rings that work in sync to launch account takeovers. Chris Tremont, EVP at Radius Bank, tells PYMNTS that financial institutions (FIs) can beat such highly organized fraudsters at their own game. In the July 2020 Preventing Financial Crimes Playbook, Tremont lays out how.