Early Monday morning and late Tuesday night are the preferred days and times for scammers to attempt bank fraud, according to the 2024 edition of the “Fraud Report idwall Financeiro” by idwall, a company specializing in identity verification and fraud prevention.Financial scams account for 2.4 times more scams than other types, according to idwall.
According to Serasa, four out of ten Brazilians have been victims of financial scams this year. Of the people who were victims, 57% suffered an average loss of R$ 2,288.The most common frauds were related to credit cards, fake payments via boleto or Pix (payment system used in Brazil), and fraudulent communications.In 2023, Tuesday and early Saturday morning were the scammers’ preferred days.
Protecting Yourself Security Tips to Avoid Falling for Bank FraudThe financial system is the most targeted by scammers and has a fraud rate 2.4 times higher than the average in other sectors.
The idwall report focuses on document fraud and points out that the photo and holes made in the identity card were the most altered elements, with 90% of frauds committed using RGs (identity cards).The study was based on data collected through the provision of document verification services to clients in the financial sector. idwall serves institutions such as Itaú and Safra banks.
For scams involving services that require a selfie, such as proof of life, for example, there was a 40.3% increase in cases where the customer uses document photos to prove they are alive.
While the use of screen photos decreased to 43.8%. This step usually appears in processes such as opening an account, hiring credit, or other services with financial institutions.According to the company, the overall fraud rate decreased by 40% between 2024 and 2023, and 65.03% of the scams are of low complexity, i.e., they have document alterations that are easier to identify.
However, high and medium complexity frauds increased by 19% and 16%, respectively.”The scammers have migrated to the weakest point of the system, which is the individuals,” says Walter Faria, Deputy Director of Febraban (Brazilian Federation of Banks) Services.
This is because the security measures that banks have implemented in recent years have increased, with an estimated investment of R$ 4.7 billion in cybersecurity in 2024.
Criminals generally operate with simple schemes that can be reproduced on a large scale in the digital environment, as well as using social engineering techniques, involving calls from false call centers, deceptive emails, social media or WhatsApp messages, or contacts through fraudulent websites.
In Brazil, eight out of ten banking transactions are carried out through bank apps on cell phones, internet banking, or messaging apps like WhatsApp, according to Febraban in its banking technology survey commissioned to Deloitte.
Between 2019 and 2023, transactions made through smartphones increased by 251%.According to a Datafolha survey, Brazilians are more afraid of having their cell phones stolen than their wallets.
In this scenario, Alexandre Nery, executive manager of Serasa, states that “today security focus is on the devices [cell phones], which are almost like an identity.
“He also emphasizes the importance of layered protection, which consists of combining various protection technologies, such as biometrics, document verification, and checking other data.
Security Tips to Avoid Falling for Bank FraudSome good protection practices for the population are encouraged to increase security, such as being suspicious of any calls requesting personal or banking information.
Verifying the authenticity of messages and calls, whether through WhatsApp, email, or social media, promising big deals or having an urgent nature, should also become routine in citizens’ lives.Spelling errors or different addresses from official channels are common fraud indicators.
Furthermore, it is not recommended to download apps from outside the official Apple and Android stores.To prevent the risk of being cloned on the internet, it is recommended to limit the circulation of images and audios of oneself.
An option is to make the account private and limit the visibility of posts to friends. Another option is to avoid publishing sensitive information. See more tips to increase your security.
Do not type or share your passwords under any circumstances other than the official bank app;Activate geolocation on bank and delivery apps and on the phone itself;Enable two-factor authentication on WhatsApp; Carry out as many transactions as possible from home, preferably connected to the home wifi;Download bank apps only directly from the Play Store or Apple Store.
Do not click on links sent as if they were from the bank;Reduce transaction limits when outside the home and at unusual times;Be diligent in choosing the bank;Do not allow contacts not added to see your photo on WhatsApp;Avoid using face photos on open social media, such as WhatsApp profile;Communicate with the bank only through official channels.
See the Most Common Bank ScamsSome Nubank customers took to social media last year to report attempted scams through phone calls, where the caller ID displayed the company’s official number.
The calls were made from other lines than those of the institution. In these cases, cybercriminals use masks to alter the number displayed by the caller ID.Additionally, there are other practices to be aware of such as:Pix ScamAnother common scam this year diverts money from Pix transfers via cell phone when the customer is about to make a bank transfer.
This malware has already affected more than 6,300 victims in Brazil since January this year, according to data from Kaspersky, an online security company.The scammers act through the ATS system (automated transfer system), after the consumer downloads an app infected with the trojan, a type of virus also known as Trojan horse.Cybercriminals access the victim’s cell phone when the person downloads an infected app or clicks on suspicious links.
Gaming apps, for example, are among those identified as vectors for the new virus that transfers the Pix value from the customer.Instagram Identity Theft with Artificial Intelligence.
After infiltrating social media accounts, scammers use artificial intelligence (AI) to clone the victim’s features and voice and publish fake videos to carry out new scams.
The criminals use bait such as incredible financial returns or the sale of furniture at unfeasible prices, endorsed with the credibility of the person whose profile was stolen.
This technology, known in recent years as deepfake, is becoming more accessible every day with the popularization of generative AIs, such as ChatGPT. Today, it only takes five minutes of audio to copy a voice with acceptable quality.Fake Websites, Emails, and MessagesThe most common scam in Brazil is also the simplest: fake websites and messages that lead the victim to make payments to criminals.
This practice is called phishing, referring to the verb “to fish” in English, as it involves using bait.Criminals use hot topics like Bolsa Família (government social program), the Desenrola Brasil debt refinancing program, Income Tax, or job opportunities, such as the National Unified Contest that the government will hold.
Even if the person does not make a transfer at the time, they may provide sensitive information. In the hands of criminals, this information enables the creation of “dummy” accounts and frauds against the victim’s acquaintances.