Hackers opened 500,000 fake accounts with leaked emails in Brazil, says study

Taking advantage of frequent database exposures, hackers created 500,000 fake accounts with leaked emails in Brazil in 2021, the year in which the country recorded 3.7 online fraud attempts per minute.

As personal information about payments, password changes and registration confirmations reside in emails, fraudsters are able to use them to create new accesses or recover existing ones, putting the user’s privacy and finances at risk.

The data are part of a study prepared by AllowMe, a company specialized in protecting digital identities. The survey, entitled Device Fraud Scan 2022, analyzed 155.6 million interactions of Brazilian users with applications and websites from different sectors to understand the behavior of a fraudster on the internet.

Analysis identified account theft as the main online fraud practiced in Brazil last year.

According to the AllowMe criteria, a number of suspicious activities are taken into account for an interaction to be considered fraud, such as the time it was made, the use of more than one account on the device, unusual changes in geolocation and the adoption of disposable emails.

“This, in isolation, may not mean fraud, but the composition of this context generates this differentiation between a good and a bad user – even when we are talking about a good user who carries out many transactions”, explains Gustavo Monteiro, managing director of AllowMe

While the user considered good makes an average of 6.6 transactions –which include registrations, logins, registration changes and device changes–, the fraudster makes 11 in the same period.

If the accesses were made through a virtual machine and the network and device used are already associated with other malicious practices, the chance of being a fraudster increases.

According to the study, more than 70% of interactions identified as fraud contained at least two suspicious behaviors.

The study also shows that most of the online frauds applied in the country were targeted at the financial sector. Loyalty programs, traditional banking institutions, fintechs, online rating systems and cryptocurrencies, in that order, were the segments most affected by malicious transaction threats, according to the study.

“The fraudster looks for sectors in which he can turn that stolen asset into cash or something that is important to him – and quickly. The miles sector, for example, is an sector where he can turn that into cash more quickly”, explains Monteiro.

Most of these attacks (63.7%) happen when logging into a website or application. This means that fraudsters’ main objective is to access third-party accounts directly, with data they obtained through social engineering, phishing, password resets or leaks.

The rest of the fraud attempts take place at the time of registration on the platforms and, finally, in the financial transactions themselves, where the greatest security measures are concentrated.

That’s why, among the types of fraud, account theft was the most applied scam by Brazilian fraudsters last year, according to the study. The list also includes promotion abuse, friendly fraud, self-fraud, SIM Swap, synthetic identity and account numerator.

According to the survey, most attacks occur during the day: 70% of those identified were carried out between 9 am and 8 pm. The time that concentrates the highest number, at 11 am, with 6.2% of the total, is also the one in which the highest number of interactions take place.

From 9 pm onwards, the average number of attempted frauds drops to about half, with 1.6 frauds per minute until 8 am.

This does not mean that the user is at greater risk during business hours. The probability of a user being threatened, defined by the proportion between the number of fraud attempts and the number of transactions, is higher at dawn, between 00:00 and 5:59, with a 1.6% chance.

“The important thing is that companies think of a layered fraud prevention process and know that there is no silver bullet. It is essential to have tools and processes designed throughout the customer’s journey in order to prevent fraud, while always respecting privacy. of the user”, says Monteiro.