Today, it costs $130 to hack a Facebook account, $162 to hack a Gmail account, and $500 to hack a corporate email account (BCG, 2025). When crimes have reference prices, segmented supply, and tailor-made services, we are no longer dealing with a technical problem, but with an established illicit market that is not sustained by lone hackers, but by criminal organizations that take advantage of their victims’ distraction and low digital literacy. In fact, measurements continue to treat these crimes as an isolated phenomenon, failing to capture the sense of digital insecurity that accompanies the daily lives of millions of Chileans who, for the most part, consider being digitally scammed to be “inevitable” (Mastercard, 2025).
In Chile, the most commonly reported crimes are fraud and malicious use of cards (Public Prosecutor’s Office, 2025). In 2024, there were almost five times more attacks than in 2023 (FortiGuard Lab), meaning that the noise escalated exponentially and became automated, personalized, and cheaper thanks to AI, with global economic damage estimated at US$10.5 trillion (10% more than in 2024, according to Cybersecurity Ventures).
The most exposed sectors are those used on a daily basis: government, banking, retail, and healthcare. And the weakest link is the user and their careless way of managing their accounts: recycled passwords, opening links with an urgent tone, and excessive trust in messages received that “seem legitimate.” It is therefore not surprising that traditional scams, such as “the uncle story,” have mutated so successfully to WhatsApp, email, or social media, with leaked data and increasingly plausible messages. Periods of reduced vigilance—vacations, holidays, travel—amplify existing threats because they change our habits with more mobile connections, more public networks, and less verification.
Chile invests just 0.08% of its GDP in cybersecurity, less than half the global average (BCG, 2025), and at the institutional level, the response remains in its infancy and deeply asymmetrical. Although the country took a significant step forward with the Cybersecurity Framework Law and the creation of the National Cybersecurity Agency, the focus is on public bodies, essential services, and operators of vital importance. However, this leaves out 97% of the productive fabric: MSMEs. These do not have the budgets, personnel, or tools to prevent, detect, or recover from incidents, operating without monitoring, robust backups, or response protocols. Unlike OECD countries, where public policy combines regulation with financing, technical assistance, and mass literacy, in Chile cybersecurity continues to be addressed as a sectoral rather than a systemic problem, creating a risky gap between what the law requires and what thousands of organizations—and their users—can effectively comply with.
In the face of industrialized and automated crime, we must build capabilities at all levels and develop a social understanding of risk that makes deception less profitable. Otherwise, any law will always be insufficient. Because cybersecurity is no longer just a technical or police problem, but a citizen problem, and digital trust is built, practiced, and above all, taught.