Cybersecurity firm Kaspersky has identified at least 25 websites that use the Central Bank’s Amounts Receivable system as bait for financial scams.
Launched at the end of January, the tool allowed the consultation of R$ 8 billion that Brazilians have forgotten in current accounts or closed savings accounts, for example. Off the air due to high demand, the system will work again this Monday (14), but on a new website, aimed only at that. The query can be made through the address valorareceber.bcb.gov.br.
The fraud identified by experts begins with a flashy message via WhatsApp, which needs to be shared with ten contacts so that the victim is supposed to have the money released. Scammers inform you that it will now be possible to check if there are amounts to be received and promise instant withdrawal via Pix of this amount owed by the bank.
By clicking on the link in the message, the victim is sent to fake websites that try to impersonate the Central Bank’s Registrato system. One of the sites has the Central Bank logo to try to convey more credibility. It is important to clarify that the consultation, in addition to not being released yet, will no longer be done with access by the Registrant, but by the gov.br platform.
Once on the fraudulent website, the user is usually faced with requests for CPF number, full name and Pix key and is tricked into accepting notifications from the page. In addition, the fake website indicates that the victim has an amount to receive – between R$1,000 and R$4,000 in simulations carried out by Kaspersky specialists.
When sharing the message with friends, the site asks for permission to send notifications through the mobile browser. “By doing so, the victim releases a direct communication channel between the criminal and her browser”, says Fabio Assolini, a researcher at the company that discovered the scam. From there, criminals can continue sending malicious messages to the person.
Despite the amount announced by the Central Bank, most citizens must have forgotten small amounts. The central objective, therefore, is to obtain the data, explains Assolini.
“Scammers need information. They don’t always have it all”, says the expert. “They will allow you to find other information in leaked databases and, from there, try to steal the person’s money.”
The coup does not surprise Assolini. Topics of public interest are usually used by criminals, similar to what happened with emergency aid — when citizens went to withdraw the benefit and the money was no longer available.
“From now until the service goes live, we expect more hits,” he says.
To protect yourself, the expert recommends not clicking on any links received on the topic.
“People have to initially contain their curiosity,” he says. “Do not click on anything you receive on the subject. It is preferable that you go to the Central Bank’s website and find out there.”
I have over 8 years of experience in the news industry. I have worked for various news websites and have also written for a few news agencies. I mostly cover healthcare news, but I am also interested in other topics such as politics, business, and entertainment. In my free time, I enjoy writing fiction and spending time with my family and friends.
