In recent weeks, a concerning pattern has emerged across several Latin American countries involving a sophisticated extortion scheme that leverages food delivery platforms to intimidate victims. Authorities and cybersecurity experts have begun issuing public warnings about this evolving threat, which combines digital deception with real-world coercion to extract money from individuals and small businesses.
The scheme, informally referred to by some local officials as “MOSCA” — an acronym that has circulated in law enforcement briefings — typically begins with a fraudulent order placed through a popular delivery app. Victims receive what appears to be a legitimate request for food or goods, often targeting restaurants, pharmacies, or convenience stores. Once the order is accepted and prepared, the perpetrator arrives to collect it but refuses payment, instead demanding money under threat of violence, false legal action, or the release of compromising information.
What distinguishes this method from traditional extortion is its exploitation of the trust and convenience inherent in on-demand delivery services. By using these platforms, criminals can mask their identity, operate across jurisdictional boundaries, and create a veneer of legitimacy that lowers the victim’s guard. In some cases, attackers have used stolen accounts or fabricated profiles to place orders, making tracing more difficult for investigators.
Law enforcement agencies in Colombia, Mexico, and Peru have reported a noticeable uptick in incidents matching this profile over the past six months. While exact figures vary by jurisdiction, officials in Bogotá’s Secretariat of Security noted a 40% increase in delivery-related extortion complaints between January and June 2024 compared to the same period in 2023. Similar trends have been observed in Mexico City and Lima, where prosecutors’ offices have begun tracking such cases separately to better allocate resources.
The modus operandi often follows a predictable sequence. First, the extortionist places an order through a delivery app, sometimes using a burner phone or compromised account. The order is typically small in value — designed to avoid suspicion — but timed to arrive during peak hours or late at night when staff may be fewer. Upon arrival, the individual claims an issue with payment, alleges a failed transaction, or simply states they lack funds. They then pivot to demands, which may include immediate cash payment, electronic transfers via peer-to-peer apps, or even cryptocurrency. Threats range from accusations of involvement in illegal activity to claims of possessing sensitive data obtained through hacking.
Cybersecurity analysts warn that the real danger lies not just in the immediate financial loss but in the potential for repeat targeting. Once a business or individual complies, they may be marked as a vulnerable target, leading to escalating demands. In several verified cases, victims reported being contacted days later with additional demands, framed as “protection fees” to prevent future incidents.
Delivery platforms themselves have acknowledged the issue, though responses vary. In statements to regional news outlets, representatives from major services emphasized their commitment to user safety and outlined measures such as enhanced account verification, real-time transaction monitoring, and cooperation with law enforcement. Some platforms now allow users to report suspicious orders directly through the app, triggering internal reviews that may lead to account suspensions or data sharing with authorities.
Though, experts caution that technical solutions alone are insufficient. “The challenge here is hybrid,” said a digital crime specialist from the Organization of American States (OAS), speaking on condition of anonymity due to the ongoing nature of investigations. “You’re dealing with both cyber-enabled deception and physical-world intimidation. Stopping it requires coordination between tech companies, local police, and judicial systems — something that remains inconsistent across the region.”
Small business owners, particularly those operating late-night food stalls or independent pharmacies, have expressed growing anxiety. Many lack the resources to implement advanced security measures or absorb financial losses. In interviews conducted by consumer protection groups in Medellín and Quito, owners described feeling trapped between the need to remain accessible to customers and the fear of becoming targets.
Legal frameworks in most countries do not yet specifically address extortion carried out via delivery platforms, leaving prosecutors to rely on existing laws against threats, fraud, or coercion. This can complicate prosecution, especially when digital evidence is fragmented or when perpetrators operate across borders. Regional bodies such as the OAS and INTERPOL have begun advocating for updated legislation and cross-border protocols to close these gaps.
For individuals and businesses seeking to reduce risk, authorities recommend several precautionary steps. These include verifying customer identities through in-app communication before fulfilling orders, avoiding cash-on-delivery for high-value or suspicious requests, and preserving all transaction records and communications as potential evidence. Some police departments have issued printable guides and hosted virtual workshops to educate merchants on recognizing red flags, such as repeated orders from modern accounts, insistence on contactless handoffs in secluded areas, or pressure to accept unconventional payment methods.
As of July 2024, no centralized regional database tracks MOSCA-style incidents, though national police forces in Colombia and Mexico have begun piloting shared reporting systems. The next official update on national trends is expected from Colombia’s National Police in September 2024, when quarterly crime statistics are scheduled for release. In Mexico, the Executive Secretariat of the National Public Security System plans to publish a special report on digital-enabled extortion in October.
Until then, vigilance remains the most accessible defense. By understanding how these schemes operate and sharing verified information within communities, individuals can help disrupt the cycle of intimidation. Authorities urge anyone who believes they have been targeted to report the incident promptly — not only to seek possible recourse but to contribute to a broader effort to map and counteract this evolving threat.
Stay informed, stay cautious, and consider sharing this information with local business associations or neighborhood groups. Collective awareness is one of the most effective tools we have against crimes that exploit both technology and trust.