Brazil is the world champion in scams against individuals, surveys from several digital security companies show. Unlike cybercriminals in rich countries who target million-dollar frauds against large companies, those here prefer simple and reproducible schemes on a large scale.
These virtual crimes can involve cell phone and computer viruses, the so-called “banking Trojans”, but can also be carried out on a conversational basis — through calls from fake telephone exchanges, misleading messages via email, social networks or WhatsApp or from fraudulent websites .
The number of incidents of fraud on the internet still skyrocketed after social isolation as a result of the Covid pandemic and never returned to previous levels.
Therefore, the Sheet has separated a list of the five most common scams and precautions to avoid them.
FAKE TELEPHONE CENTER OR SPOOFING
In recent weeks, Nubank customers took to social media to report attempted scams based on telephone calls, in which the caller ID showed the company’s official number.
These calls, however, are made from lines other than those of the financial institution. Cybercriminals, in these cases, use masks to tamper with the number presented by the identifier.
This scam does not require the installation of malicious programs on the agency’s or the victim’s phone, which leaves everyone vulnerable.
Banks warn that customers should be suspicious of any call that asks for personal or banking information. This is not a practice of financial institutions.
GHOST HAND STRIKE
The most detected viruses on Brazilian smartphones have the remote access function, used in the scam that became known as “ghost hand”.
In this scheme, cybercriminals darken the device’s screen and use banking applications in the background to search passwords and personal information and then carry out banking operations.
Turning off the device or keeping it disconnected would prevent scammers from continuing to look for passwords or carry out new transactions, but it is very difficult for the victim to realize that the scam is happening in time to stop it.
The best prevention against this fraud is not to download applications from outside the official Apple and Android stores and pay attention to strange cell phone notifications to avoid them.
PIX DEVIATION SCAM
Another common scam this year diverts money from Pix via cell phone when the customer is going to make a bank transfer. This virus has claimed more than 6,300 victims in Brazil since January this year, according to data from Kaspersky, an online security company.
The scammers’ action occurs through the ATS system (acronym in English for automated transfer system), after the consumer downloads an application that is infected with the trojan, a type of virus also known as a Trojan horse.
Cybercriminals enter the victim’s cell phone when they download infected applications or click on dubious links. Gaming apps, for example, are among those identified as vectors of the new virus that transfers the value of the customer’s Pix.
The best form of prevention, as in the case of “ghost hand”, is to pay attention to suspicious websites and notifications and avoid downloading applications from unofficial sources.
IDENTITY THEFT ON INSTAGRAM WITH ARTIFICIAL INTELLIGENCE
Scammers, after hacking into social media accounts, use artificial intelligence (AI) to clone the victim’s features and voice and publish fake videos in order to carry out new scams.
Criminals use investments with incredible financial returns or the sale of furniture at impractical prices as bait and certify the offer with the credibility of the person whose profile was stolen.
This technology has become known in recent years as deepfake and is becoming more accessible every day with the popularization of generative AIs, those like ChatGPT. Today, five minutes of audio is enough to copy a voice with acceptable quality.
The only way to prevent yourself from the risk of being cloned on the internet is to restrict the circulation of images and audio of yourself. One option is to make the account private and limit viewing of posts to friends. The other is to avoid publishing.
FAKE WEBSITES, EMAILS AND MESSAGES
The most common scam in Brazil is also the simplest: fake websites and messages that induce the victim to make payments to criminals. This practice is called phishing, in reference to the verb to fish in English, as bait is used.
Criminals use current issues such as Bolsa Família, the Desenrola Brasil debt refinancing program, Income Tax or employment opportunities, such as the Unified National Competition that the government will hold.
Even if the person does not make a transfer at the time, they may give up sensitive information. In the hands of criminals, this data allows the creation of orange accounts and the application of scams to the victim’s acquaintances.
The biggest prevention tip is to be suspicious. Check the authenticity of messages and calls, whether via WhatsApp, email or social media, that promise big deals or are urgent.
Spelling errors or addresses different from official channels are common signs of fraud. If you receive a link, prefer to manually type the official URL into your browser. Therefore, it is possible to find errors in the URL that are difficult to identify at first glance, such as “1” instead of “I” or “0” instead of “O”.